Detecting human attacks on text‐based CAPTCHAs using the keystroke dynamic approach
Abstract A Completely Automated Public Turing Test to Tell Computers and Humans Apart (CAPTCHA) is a simple test that is used on websites to differentiate between human users and automated attacks that indulge in spamming and other fraudulent activities. A text‐based CAPTCHA is the most popular secu...
Saved in:
| Main Authors: | , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
Wiley
2021-03-01
|
| Series: | IET Information Security |
| Subjects: | |
| Online Access: | https://doi.org/10.1049/ise2.12018 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Summary: | Abstract A Completely Automated Public Turing Test to Tell Computers and Humans Apart (CAPTCHA) is a simple test that is used on websites to differentiate between human users and automated attacks that indulge in spamming and other fraudulent activities. A text‐based CAPTCHA is the most popular security technique used by many websites on the Internet, such as Microsoft, Google and eBay, to secure their sites from automated attacks. By design, however, a CAPTCHA is unable to differentiate between a legitimate human user and a human‐based attacker. This may make websites vulnerable to human‐based attacks while using CAPTCHAs. Hence this article proposes a novel defence system using the keystroke dynamic approach. To evaluate our system, a laboratory experiment was conducted and the results showed that the proposed system is able to detect human‐based attacks on text‐based CAPTCHAs effectively with a 100% detection rate. |
|---|---|
| ISSN: | 1751-8709 1751-8717 |