Slide 1

Download Report

Transcript Slide 1

Usability of CAPTCHAs Or “usability issues in CAPTCHA design”

Jeff Yan

School of Computing Science Newcastle University, UK (Joint work with Ahmad Salah El Ahmad)

Apology

 n th  2 nd time to miss SOUPS … (n > 2) time to be unable to present my paper …  All due to the same problem:  A US visit visa!

(started my application in April, I’ve not heard its result yet …) SOUPS’08 (CMU, July 2008) (2)

SOUPS’08 (CMU, July 2008)  Does this man look like a terrorist?! ;-) (3)

CAPTCHA

   Why was it invented?

  Ask any CMU people, or read the cartoon  Automated Turing tests  that computers cannot pass, but human can Almost standard security technology (e.g. for anti spam)  widespread application on commercial websites SOUPS’08 (CMU, July 2008) (4)

Main CAPTCHAs

 Text-based schemes   typically require users to solve a text recognition task the most widely deployed  Sound-based schemes  typically require users to solve a speech recognition task.  Image-based schemes   typically require users to perform an image recognition task Example: Microsoft’s Assira SOUPS’08 (CMU, July 2008) (5)

This paper is about understanding

how to design usability usable

and

robust CAPTCHAs, with a focus on

 Isn’t that … CAPTCHAs with poor usability should not exist by definition?

  Yes, but … still many deployed CAPTCHAs, including famous ones, are not that usable … SOUPS’08 (CMU, July 2008) (7)

 How about robustness?

  When necessary, it will be covered However, our major attacks are discussed in somewhere else   Low-cost attacks on schemes by Microsoft, Yahoo and Google (CCS’08, to appear) The pixel count attack (ACSAC’07)  Breaking CAPTCHAs by counting the number of pixels!

SOUPS’08 (CMU, July 2008) (8)

A framework for CAPTCHA usability

   Distortion  distortion techniques employed and their impact on usability.

Content  content embedded in CAPTCHA challenges and their impact on usability  e.g. how the content should be organized?

Presentation  the way that CAPTCHA challenges are presented and impact on usability. SOUPS’08 (CMU, July 2008) (9)

Distortion | confusing characters

 Well-known that under common distortions, characters such as 1 and l, o and 0, 5 and s, would cause confusion  To be secure (or resistant to segmentation attacks), Google and Yahoo CAPTCHAs introduced new confusing characters  vv or w? rm or nn?

  cl or d? cm or an?

rn or m? nn or m? … SOUPS’08 (CMU, July 2008) (10)

Distortion | confusing characters

 ~6% challenges in Google CAPTCHA, and ~10% in the latest Yahoo scheme (rolled out since Mar 2008) were observed to have such confusing characters.

(11) SOUPS’08 (CMU, July 2008)

Content | string length

  A design issue: string length predictable or not?

Case study:  Microsoft CAPTCHA used a fixed length of 8 characters, which helped its usability The first object is “7”?

The first object is “L”?

With the length info, users can be pretty sure that the first objects in the above examples are noise.

SOUPS’08 (CMU, July 2008) (12)

Content | string length

 However, the length info also helped our automated segmentation attack (success rate: >92%)  Our program knows when to stop!

Start point  Stop: identified 8 chars already SOUPS’08 (CMU, July 2008) (13)

Presentation | the use of colour

 Using colour is common practice in CAPTCHA design (for all sorts of reasons)  However, we have seen many cases in which the use of colour  is unhelpful for usability   has caused negative impact on security, or is problematic in terms of both usability and security SOUPS’08 (CMU, July 2008) (14)

Presentation | the use of colour

 Case 1: Gimpy-r (a well-known early scheme) How human see it How machines see it SOUPS’08 (CMU, July 2008) (15)

Presentation | the use of colour

Case 1: Gimpy-r    Dominant colour of distorted text (often black) is distinguishable:  always the lowest intensity, and  never appeared in the background easy to extract the text colour background:  No much use in terms of security  negative effect in usability (e.g. confusing people) SOUPS’08 (CMU, July 2008) (16)

Presentation | the use of colour

 Case 2: BotBlock How human see it How machines see it SOUPS’08 (CMU, July 2008) (17)

Presentation | the use of colour

Case 2: BotBlock    sophisticated colour management providing resistance to OCR However, the misuse of colour:  texts have distinguishable colour patterns   the same colour for foreground occurs repetitively.

easy to extract text automatically Negative effect on usability and false sense of security .

SOUPS’08 (CMU, July 2008) (18)

Presentation | the use of colour

 It seems that the “Las Vegas effect” also applies to CAPTCHA design  No colour might be better than too much colour  Major CAPTCHAs started to avoid using fancy colour management, including  Microsoft    Yahoo Google reCAPTCHA SOUPS’08 (CMU, July 2008) (19)

The framework:

applied to text CAPTCHAs

Category

Distortion Content Presentation

Usability issue

Distortion method and level Confusing characters Friendly to foreigners?

Character set String length How long?

Predictable or not?

Random string or dictionary word?

Offensive word Font type and size Image size Use of color Integration with web pages SOUPS’08 (CMU, July 2008) (20)

The framework

   Inspired by text-based CAPTCHAs Applicable to sound-based schemes  Details see our paper also applicable to image-based schemes (e.g. IMAGINATION)  for schemes such as Assira and Bongo, in which distortion is absent, only the dimensions of content and presentation will apply.

SOUPS’08 (CMU, July 2008) (21)

Summary

 First attempt towards a systematic analysis of usability issues in CAPTCHA design (in particular, text-based schemes)  Proposed a simple but novel framework, which accommodates both   novel issues we have identified, and known issues scattered in the literature  The framework is applicable to text, sound and (some) image based CAPTCHAs.

SOUPS’08 (CMU, July 2008) (22)