Journal of Information Processing
Online ISSN : 1882-6652
ISSN-L : 1882-6652
HMM-based Attacks on Google's ReCAPTCHA with Continuous Visual and Audio Symbols
Shotaro SanoTakuma OtsukaKatsutoshi ItoyamaHiroshi G. Okuno
Author information
JOURNAL FREE ACCESS

2015 Volume 23 Issue 6 Pages 814-826

Details
Abstract

CAPTCHAs distinguish humans from automated programs by presenting questions that are easy for humans but difficult for computers, e.g., recognition of visual characters or audio utterances. The state of the art research suggests that the security of visual and audio CAPTCHAs mainly lies in anti-segmentation techniques, because individual symbol recognition after segmentation can be solved with a high success rate with certain machine learning algorithms. Thus, most recent commercial CAPTCHAs present continuous symbols to prevent automated segmentation. We propose a novel framework that can automatically decode continuous CAPTCHAs and assess its effectiveness with actual CAPTCHA questions from Google's reCAPTCHA. Our framework is constructed on the basis of a sequence recognition method based on hidden Markov models (HMMs), which can be concisely implemented by using an off-the-shelf library HMM toolkit. This method concatenates several HMMs, each of which recognizes a symbol, to build a larger HMM that recognizes a question. Our experimental results reveal vulnerabilities in continuous CAPTCHAs because the solver cracks the visual and audio reCAPTCHA systems with 31.75% and 58.75% accuracy, respectively. We further propose guidelines to prevent possible attacking from HMM-based CAPTCHA solvers on the basis of synthetic experiments with simulated continuous CAPTCHAs.

Content from these authors
© 2015 by the Information Processing Society of Japan
Previous article Next article
feedback
Top