A Paradigm Shift for the CAPTCHA race, and its application towards more robust authentication mechanism
Professor Sungdeok (Steve) Cha
Computer Science and Engineering, Korea University, Seoul, Korea
Time & Place
Thu, 16 Aug 2018 14:00:00 NZST in Jack Erskine 340
All are welcome
CAPTCHA (Completely Automated Public Turing Test to Tell Computers and Humans Apart) challenges are often correctly solved by software but have increasingly become too difficult for humans to pass. If the correct response to a challenge remains the same, robots can gather invaluable information from accidental successes and will easily defeat future challenges through heuristic learning.
Introducing uncertainty to the challenges will fundamentally change the rules of image-based CAPTCHA systems. This new approach temporarily excludes some images from a challenge's results, assigning them a neutral role. However, future challenges might include these images. So, successful responses might differ between challenges even though the challenges use the same images, thereby eliminating the threat of heuristic attacks. To further reduce the chance of robots accidently passing a challenge, this approach analyzes the decisions made on neutral images. If the outcome would have been different had the challenge results included the neutral images, those images are added to a "trap" database and included in future challenges. In experiments, this approach almost always defeated powerful robots (for example, robots using heuristic learning or a search engine), but humans could still easily pass the challenges.
This "new breed" of CAPTCHA technique can be effectively used in other tasks than defeating bots assisted by powerful search engines and heuristic algorithms. It is useful as image annotation tools as well as providing secure and user-friendly (e.g., easy to remember but likely difficult to be penetrated) authentication mechanism.
Sungdeok (Steve) Cha got Ph.D. in Information and Computer Science at University of California, Irvine, USA in 1991. After working in industry, at the Hughes Aircraft Company and the Aerospace Corporation and, he joined the Computer Science Department of KAIST (Korea Advanced Institute of Science and Technology) from 1994 through 2008. He is currently a professor at the Korea University, serves as an editorial board member of the Journal of Systems and Software, and recently served as co-editor-in-chief of the Software Engineering Handbook to be published by Springer in 2019.