Exploiting the Human-Machine Gap in Image
Recognition for Designing CAPTCHAs
Ritendra Datta, Jia Li, James Z. Wang
The Pennsylvania State University, University Park, PA 16802
Abstract:
Security researchers have, for long, devised
mechanisms to prevent adversaries from conducting automated network
attacks, such as denial-of-service, which lead to signi cant wastage
of resources. On the other hand, several attempts have been made to
automatically recognize generic images, make them semantically
searchable by content, annotate them, and associate them with
linguistic indexes. In the course of these attempts, the limitations
of state-of-the-art algorithms in mimicking human vision have become
exposed. In this paper, we explore the exploitation of this limitation
for potentially preventing denial-of-service type attacks. While
undistorted natural images have been shown to be algorithmically
recognizable and searchable by content to moderate levels, controlled
distortions of speci c type and strength can potentially make machine
recognition harder without affecting human recognition. This
difference in recognizability makes it a promising candidate for
automated Turing tests called CAPTCHAs which can differentiate humans
from machines. We empirically study the application of controlled
distortions of varying nature and strength, and their effect on human
and machine recognizability. While human recognizability is measured
on the basis of an extensive user study, machine recognizability is
based on three memory-based content-based image retrieval (CBIR) and
matching algorithms. We give a detailed description of our
experimental image CAPTCHA system, IMAGINATION, that uses systematic
distortions at its core. A signi cant research topic within signal
analysis, CBIR is actually conceived here as a tool for an adversary,
so as to help us design more foolproof image CAPTCHAs.
Full Paper in Color
(PDF, 4MB)
On-line Info
Citation:
Ritendra Datta, Jia Li and James Z. Wang, ``Exploiting the
Human-Machine Gap in Image Recognition for Designing CAPTCHAs,'' IEEE
Transactions on Information Forensics and Security, vol. 4, no. 3, pp. 504-518,
2009.
Copyright 2009 IEEE.
Personal use of this
material is permitted. However, permission to reprint/republish this
material for advertising or promotional purposes or for creating new
collective works for resale or redistribution to servers or lists, or
to reuse any copyrighted component of this work in other works, must
be obtained from the IEEE.
Last Modified:
Thu Feb 5 11:11:03 EST 2009
© 2009