Title :
Captchæcker: Reconfigurable CAPTCHAs based on automated security and usability analysis
Author :
Javed, Yousra ; Nazir, Maliha ; Khan, Muhammad Murtaza ; Khayam, Syed Ali ; Li, Shujun
Author_Institution :
Nat. Univ. of Sci. & Technol. (NUST), Islamabad, Pakistan
fDate :
Oct. 31 2011-Nov. 1 2011
Abstract :
CAPTCHAs have been deployed ubiquitously by web sites to combat automated malicious programs. Security against web bots and usability to legitimate users are two main goals that have to be simultaneously satisfied when designing a useful CAPTCHA scheme. However, there exists a well-known and intricate trade-off between these goals. So far, balancing this trade-off remains an art rather than a science, as we do not have any automated tools to evaluate the security and usability of CAPTCHAs and then to configure the CAPTCHA generation engine accordingly. In this position paper, we propose a general framework called Captchæcker that aims to solve this configuration problem by automating the security-usability analysis of CAPTCHAs. The proposed framework will allow dynamic reconfiguration of a CAPTCHA scheme after its security-usability goal is changed or its security is compromised due to an attack.
Keywords :
Web sites; security of data; CAPTCHA generation engine; Web bots; Web sites; automated malicious program; automated security; captchæcker; reconfigurable CAPTCHA; usability analysis; Engines; Google; Humans; Pattern recognition; Security; Usability; Visualization; CAPTCHA; design; reconfiguration; security; usability;
Conference_Titel :
Configuration Analytics and Automation (SAFECONFIG), 2011 4th Symposium on
Conference_Location :
Arlington, VA
Print_ISBN :
978-1-4673-0401-6
Electronic_ISBN :
978-1-4673-0400-9
DOI :
10.1109/SafeConfig.2011.6111665
