Title :
Divide and Conquer: An Efficient Attack on Yahoo! CAPTCHA
Author :
Gao, Haichang ; Wang, Wei ; Fan, Ye
Author_Institution :
Software Eng. Inst., Xidian Univ., Xi´´an, China
Abstract :
CAPTCHA is now almost a standard security technology to tell computers and humans apart. The most widely deployed CAPTCHAs are text-based schemes. In this paper, we document how we have broken such text-based scheme used by Yahoo!. Using "connecting characters together" principle, Yahoo! CAPTCHA is effectively resistant to segmentation and recognition in the early attacks. In contrast to early works that recognized the text after segmentation, we combined the recognition with segmentation to divide and conquer the CAPTCHA. In another word, we segment the text by extracting the recognized characters. The experiments show that our extraction and segmentation attack on Yahoo! CAPTCHA achieved a success rate of about 78% and an overall (individual character recognition with OCR) success rate of 54.7%.
Keywords :
Internet; Web sites; divide and conquer methods; security of data; CAPTCHA; Internet security; Yahoo; character recognition; divide and conquer method; standard security technology; text-based schemes; Character recognition; Computers; Head; Humans; Image color analysis; Joining processes; Security; CAPTCHA; Human Interactive Proof; Internet security; Yahoo!; recognition attack; segmentation attack;
Conference_Titel :
Trust, Security and Privacy in Computing and Communications (TrustCom), 2012 IEEE 11th International Conference on
Conference_Location :
Liverpool
Print_ISBN :
978-1-4673-2172-3
DOI :
10.1109/TrustCom.2012.131
