国产精品99一区二区三_免费中文日韩_国产在线精品一区二区_日本成人手机在线

AI can easily break text CAPTCHA: new research

Source: Xinhua| 2018-12-24 09:51:08|Editor: mmm
Video PlayerClose

XI'AN, Dec. 24 (Xinhua) -- A new study suggested that text-based CAPTCHAs, one of the most widely used website security mechanisms, are no longer safe when facing smarter artificial intelligence.

Text-based CAPTCHA uses a jumble of distorted or blurred letters, characters and numbers to distinguish humans from computer programs, to block the latter from accessing polls and auctions disguised as a human user. This reverse Turing test builds on the belief that people are more adept at recognizing these symbols than machines.

But researchers from China's Northwest University, Peking University, and Lancaster University in Britain said they developed a new algorithm, based on machine learning, that can break most text-based CAPTCHAs within 0.05 seconds.

The research was published in a paper presented at the ACM Conference on Computer and Communications Security (CCS) 2018 in Toronto. It described the algorithm as "generic, low-effort yet effective" compared with previous attacks on CAPTCHAs that could be laborious and scheme-specific.

Fang Dingyi, co-author of the paper at Northwest University, said the program had been tested on CAPTCHA schemes used by 50 popular websites including those operated by Google, Wikipedia, Microsoft, Baidu, Alibaba, and Tencent.

Overall, the program had a success rate of over 50 percent of decoding CAPTCHAs on most websites within 0.05 seconds. Its success rate of decoding certain Google CAPTCHAs, considered to be the most difficult, stood at 3 percent.

"It is widely believed that a CAPTCHA scheme is ineffective if the decoding rate is above 1 percent," said Tang Zhanyong, co-author of the paper at Northwest University.

The AI tool draws on a technique known as the "generative adversarial network," or GAN. It teaches a CAPTCHA generator program to produce large numbers of training CAPTCHAs, which are then used to train a solver to break real CAPTCHAs.

"This research suggests one can easily launch an attack on a new CAPTCHA scheme using AI. It means that this first defense of many websites is no longer reliable," said Fang.

The researchers advised website owners to consider deploying alternative multiple-layer security mechanisms. Fang said his team is looking at ways to develop a more reliable CAPTCHA system.

"We want to offer an alternative to the current text-based CAPTCHA scheme. The alternative should improve its security without compromising the user experience," Fang said.

TOP STORIES
EDITOR’S CHOICE
MOST VIEWED
EXPLORE XINHUANET
010020070750000000000000011100001376950661
主站蜘蛛池模板: 休宁县| 庄河市| 东阿县| 贵南县| 千阳县| 茂名市| 阿巴嘎旗| 平果县| 建平县| 峨眉山市| 湖南省| 陇南市| 昌都县| 土默特左旗| 县级市| 新龙县| 南岸区| 临夏市| 巴林左旗| 武清区| 滕州市| 泸西县| 濮阳市| 噶尔县| 富顺县| 清水县| 教育| 永春县| 锡林浩特市| 中卫市| 大连市| 增城市| 壶关县| 卓尼县| 兰考县| 大同市| 黔江区| 广元市| 三亚市| 武穴市| 登封市|