Balancing Usability and Security in a Video CAPTCHA

Posted by Kurt on July 13th, 2009

This week (July 15th - July 17th), Richard Zanibbi and I are attending SOUPS ‘09 in Mountain View, CA. It’s a smaller conference that’s gotten great reviews and has had some excellent CAPTCHA-related work presented in the past. On Friday morning, I’ll be presenting a paper titled Balancing Usability and Security in a Video CAPTCHA. A reporter from ZDNet.co.uk has already written a short article about it which you can find here.

Paper

The paper can be downloaded here and the slides can be downloaded here. It’s also available at the ACM Digital Library.

Bibtex Entry

@inproceedings{kak-soups09,
	Title = {Balancing Usability and Security in a Video CAPTCHA},
	Author = {Kurt Alfred Kluever and Richard Zanibbi},
	Booktitle = {Proceedings of the 5th Symposium On Usable Privacy and Security 2009},
	Address = {Mountain View, CA, USA},
	Month = {July},
	Year = {2009}
}

Paper Accepted at SOUPS ‘09

Posted by Kurt on April 26th, 2009

Richard Zanibbi and I will be presenting Balancing Usability and Security in a Video CAPTCHA at SOUPS ‘09 this summer. SOUPS is conveniently being held on Google’s Mountain View campus, so I’ll be out there for the week visiting friends, enjoying the sun, working, and attending the conference. Once our camera-ready version is finished, I’ll post a full copy of the paper here and also on my new Google Research page.

Here’s some quick info about SOUPS:

The fifth Symposium on Usable Privacy and Security (SOUPS) will be held July 15-17, 2009 at Google in Mountain View, CA. This symposium will bring together an interdisciplinary group of researchers and practitioners in human computer interaction, security, and privacy. The program features technical papers, workshops and tutorials, a poster session, panels and invited talks, and discussion sessions. SOUPS 2009 will be held in cooperation with ACM SIGCHI.

MS Thesis available in RIT Library and DML

Posted by Kurt on January 25th, 2009

My thesis is now available in a bounded hard-copy at the RIT library on the 3rd floor (Call No. Q341 .K58 2008) and online through the RIT Digital Media Library.

Video CAPTCHAs: Usability vs. Security

Posted by Kurt on September 13th, 2008

On September 26th, 2008 I will be presenting some of my work on Video CAPTCHAs at the IEEE Western New York Image Processing Workshop 2008 in Rochester, NY. The workshop will be held in the Imaging Science building at RIT (registration details can be found at the above link). The paper is in the form of a 4 page “extended abstract” and can be downloaded below.

Paper

The paper can be downloaded here or from the RIT Digital Media Library.

Bibtex Entry

@inproceedings{videoCAPTCHAsUsabilityVsSecurity,
	Title = {Video CAPTCHAs: Usability vs. Security},
	Author = {Kurt Alfred Kluever and Richard Zanibbi},
	Booktitle = {Proceedings of the IEEE Western New York Image Processing Workshop 2008},
	Address = {Rochester, NY, USA},
	Month = {September},
	Year = {2008}
}

Breaking the PayPal.com CAPTCHA

Posted by Kurt on May 12th, 2008

The PayPal.com CAPTCHA suffers several weaknesses: fixed font face, fixed font size, no distortions, trivial background noise, and it’s easy to segment. In this experiment, a three step algorithm has been developed to break the PayPal CAPTCHA. The image is preprocessed to remove noise using thresholding and a simple cleaning technique, and then segmented using vertical projections and candidate split positions. Four classification methods have been implemented: pixel counting, vertical projections, horizontal projections and template correlations. The system was trained on a sample of twenty PayPal CAPTCHAs to create thirty-six training templates (one for each character: 0-9 and A-Z). A separate sample of 100 PayPal CAPTCHAs were used for testing. The following success rates have been achieved using the different classifiers: 8% pixel counting, vertical projections 97%, horizontal projections 100%, template correlations 100%. Three of the trained classifiers out perform the 88% success rate of Pwntcha.

Example

Preprocess

  1. Original:
  2. Grey Scale:
  3. Thresholding:
  4. Further Cleaning:

Segment

  1. Segmented:
  2. Padded:

Classify

  • Pixel Counting: 8% Break Rate
  • Vertical Projections: 97% Break Rate
  • Horizontal Projections: 100% Break Rate
  • Template Correlations: 100% Break Rate

Paper

The final paper including MATLAB source code, sample runs, and results can be downloaded here or from the RIT Digital Media Library.

Presentation

A copy of the slides used for a presentation of this experiment can be downloaded here.

Data

The 20 training and 100 testing PayPal CAPTCHA images are available to download here.

Source Code

Complete MATLAB code (281 lines, well commented) for preprocessing, segmenting, and classifying the images is available here.

YouTube Video

Note that this video wasn’t created by me. Skip forward to approximately the 1 minute mark.

Breaking the ASP Security Image Generator

Posted by Kurt on February 28th, 2008

For my independent study, I investigated optical character recognition techniques and their application to recognizing text-based HIPs (methods used to distinguish human users and machines on the internet). This study is an extension of methods covered in neural networks and machine learning, computer vision, and artificial intelligence. The report includes experimental results of breaking the ASP Security Image Generator (CAPTCHA) v2.0 with a 72% success rate. Posting of source code is not currently planned. However, my paper contains fairly detailed steps and can be downloaded here.

Rule-based Office Monitoring System

Posted by Kurt on February 18th, 2008

As part of my Artifical Intelligence course, we developed a rule-based expert system that can autonomously govern a building’s environment to optimize user comfort and energy consumption, whilst providing safety and monitoring functions. The expert system has been developed using the Java programming language and the Java Expert System Shell (JESS). Rules are stored as an external resource and can be modified in real time without requiring a rebuild of the entire project. Write-up 1 includes problem description, design considerations, and implementation details. Write-up 2 includes testing results and a comparison to another system.

OCR using Artificial Neural Networks

Posted by Kurt on February 18th, 2008

Optical character recognition refers to the process of translating images of hand-written, typewritten, or printed text into a format understood by machines for the purpose of editing, indexing/searching, and a reduction in storage size. The OCR process is complicated by noisy inputs, image distortion, and differences between typefaces, sizes, and fonts. Artificial neural networks are commonly used to perform character recognition due to their high noise tolerance. In my Artificial Intelligence course, I explored several OCR techniques which utilize ANN’s.

Paper

My final writeup where I surveyed four OCR techniques which utilized ANNs can be downloaded here.

Presentation

I also gave a final presentation on my research where I compared and contrasted four methods. My slides can be downloaded here.

Seam Carving Project

Posted by Kurt on November 6th, 2007

For my Computer Vision course project, I implemented the seam carving technique by Shai Avidan of Mitsubishi Electronic Research Labs and Ariel Shamir of The Interdisciplinary Center and MERL. My final paper, presentation, and code for my seam carving project is now available.

Paper

My final writeup can be downloaded here.

Presentation

Presentation available here!

Code

Java code available here!
Matlab code available here!

Video

Examples

Original image

Image with 100 lowest energy seams shown

Image with 100 lowest energy seams shown

Image with 100 seams removed (no noticeable artifacts)

Image with 100 seams removed (no noticeable artifacts)

Image with 250 seams removed (artifacts start to appear)

Image with 250 seams removed (artifacts start to appear)

IEEE Sensors 2007 Paper

Posted by Kurt on October 28th, 2007

The IEEE paper (Improving Measurement Accuracy in Sensor Networks by an Object Model Generation and Application) which I co-authored with Dr. Leon Reznik is now available on IEEE’s website. It was prepared for the IEEE Sensors 2007 Conference in Atlanta, GA. Bibtex entry:

@inproceedings{4388413,
	Address = {Atlanta, GA},
	Author = {Reznik, Leonid and Kluever, Kurt Alfred},
	Booktitle = {Proceedings of the 6th Annual IEEE Conference on Sensors},
	Doi = {10.1109/ICSENS.2007.4388413},
	Issn = {1930-0395},
	Month = {October},
	Pages = {371-374},
	Publisher = {IEEE Computer Society},
	Title = {Improving Measurement Accuracy in Sensor Networks by an Object Model Generation and Application},
	Year = {2007},
	Bdsk-Url-1 = {http://dx.doi.org/10.1109/ICSENS.2007.4388413}
}

Modified version of Webby Blue
Copyright © 2008 kloover.com. All rights reserved.
**This is my personal blog. The views expressed on these pages are mine alone and not those of my employer.**