7th Annual IEEE Information Assurance Workshop

 21-23 June 2006

 "The West Point Workshop"

 United States Military Academy, West Point, New York
Chair:  LTC Ronald Dodge, Ronald.Dodge@usma.edu

http://www.itoc.usma.edu/workshop/2006
   

Home
Call for Papers
Papers
Posters
Submission
Registration
Travel
Lodging
Program
Vendor Info
Contacts
Photographs
   IAWorkshop 2006 START Conference Manager    

Visual Reverse Turing Tests: A False Sense of Security

Miroslav Ponec

The 7th IEEE Information Assurance Workshop (IAWorkshop 2006)
West Point, New York, USA, June 21-23, 2006

Abstract

Internet services are increasingly abused by malicious scripts that try to mimic human users. Reverse Turing tests are challenges used to differentiate humans from computers. Visual reverse Turing tests use visual challenges, such as distorted character recognition tasks, that are easily solved by humans, while remaining too hard for automatic scripts. We demonstrate that the computational and development cost of a script breaking through some currently deployed visual reverse Turing tests is low, thus making them ineffective in protecting these services. We present two case studies of successful attacks on character-based tests that are currently used to protect two public web services. Our attacks utilize image processing techniques and also exploit flaws in the test deployment.

  
START Conference Manager (V2.52.3)
Maintainer: rrgerber@softconf.com

 

   
         
The IEEE Information Assurance Workshop is sponsored by the IEEE Systems Man and Cybernetics Society, supported by the National Security Agency, and hosted by the Information Technology Operations Center, Department of Electrical Engineering and Computer Science, at the United States Military Academy, West Point, New York.