A CAPTCHA model based on visual psychophysics: Using the brain to distinguish between human users and automated computer bots

Saadat Beheshti, S. M. R., Liatsis, P. & Rajarajan, M. (2017). A CAPTCHA model based on visual psychophysics: Using the brain to distinguish between human users and automated computer bots. Computers and Security, 70, pp. 596-617. doi: 10.1016/j.cose.2017.08.006

[img] Text - Accepted Version
Restricted to Repository staff only until 24 August 2018.
Available under License Creative Commons Attribution Non-commercial No Derivatives.

Download (1MB) | Request a copy

Abstract

Demand for the use of online services such as free emails, social networks, and online polling is increasing at an exponential rate. Due to this, online service providers and retailers feel pressurised to satisfy the multitude of end-user expectations. Meanwhile, automated computer robots (known as “bots”) are targeting online retailers and service providers by acting as human users and providing false information in order to abuse their service provisioning. CAPTCHA is a set of challenge/response protocol, which was introduced to protect online retailers and service providers from misuse and automated computer attacks. Text-based CAPTCHAs are the most popular form, and are used by most online service providers to differentiate between the human users and bots. However, the vast majority of text-based CAPTCHAs have been broken using the Optical Character Recognition (OCR) techniques and thus, reinforces the need for developing a secure and robust CAPTCHA model. Security and usability are the two fundamental issues that pose a trade-off in the design of a CAPTCHA; a hard CAPTCHA model could also be difficult for human users to resolve, which affects its usability, and vice versa. The model developed in this study uses the unsurpassed abilities of the Human Visual System (HVS) to superimpose and integrate complex information presented in individual frames, using the mechanism of trans-saccadic memory. In this context, the model integrates in its design the concept of persistence of vision, which enables humans to see the world in a continuous fashion. Preliminary results from the proposed model based on this technique are encouraging. To ensure the usability of the proposed CAPTCHA model, we set the threshold for the ORO parameter at 40%. This ensured that our CAPTCHA strings would be recognised by human observers at a rate of over 99% (or as close to 100% as is realistic). In turn, when examining the robustness of our VICAP model to computer programme attacks, we can observe that for the traditional case of OCR recognition, based on a single-frame scenario, the Computer Recognition Success Rate (CRSR) was about 0%, while in the case of a multi-frame scenario, the CRSR could increase to up to 50%.

Item Type: Article
Additional Information: © 2017. This manuscript version is made available under the CC-BY-NC-ND 4.0 license http://creativecommons.org/licenses/by-nc-nd/4.0/
Uncontrolled Keywords: CAPTCHA, Persistence of vision, Trans-Saccadic memory, Visual integration, Authentication, Security
Subjects: Q Science > QA Mathematics > QA75 Electronic computers. Computer science
Divisions: School of Engineering & Mathematical Sciences > Engineering
URI: http://openaccess.city.ac.uk/id/eprint/18198

Actions (login required)

View Item View Item

Downloads

Downloads per month over past year

View more statistics