Sign In

Communications of the ACM

ACM TechNews

Researchers Defeat CAPTCHA on Popular Web Sites


View as: Print Mobile App Share: Send by email Share on reddit Share on StumbleUpon Share on Hacker News Share on Tweeter Share on Facebook
CAPTCHAs

The examples of text CAPTCHAs that could be solved by the Stanford CAPTCHA-breaking algorithms.

Credit: Courtesy of network-security-research.blogspot.com

Stanford University researchers have developed an automated tool that can decipher Completely Automated Public Turing tests to tell Computers and Humans Apart (CAPTCHAs), which are used by many Web sites as an anti-spam test.

The Stanford team, led by researchers Elie Bursztein, Matthieu Martin, and John C. Mitchel, developed various methods of cleaning up purposefully introduced background noise and breaking text strings into individual characters for easier recognition.

Some of the CAPTCHA-breaking algorithms are based on tools used by robots to orient themselves in new environments. The researchers created Decaptcha, which was run against CAPTCHAs used by 15 high-profile Web sites. The only tested site that could not be broken was Google.

The researchers also developed several recommendations to improve CAPTCHA security, including randomizing the length of the text string, randomizing the character size, applying a wave-like effect to the output, and using collapsing or lines in the background.

From IDG News Service
View Full Article

 

Abstracts Copyright © 2011 Information Inc. External Link, Bethesda, Maryland, USA 

 


 

No entries found