Jeff Yan
ABSTRACT
CAPTCHA is now almost a standard security technology, and has found widespread application in commercial websites. Usability and robustness are two fundamental issues with CAPTCHA, and they often interconnect with each other. This paper discusses usability issues that should be considered and addressed in the design of CAPTCHAs. Some of these issues are intuitive, but some others have subtle implications for robustness (or security). A simple but novel framework for examining CAPTCHA usability is also proposed.
- L von Ahn, M Blum and J Langford. "Telling Humans and Computer Apart Automatically", CACM, V47, No2, 2004. Google Scholar
Digital Library
- Luis von Ahn, Personal Communications, Oct 2007.Google Scholar
- HS Baird, MA Moll and SY Wang. "A highly legible captcha that resists segmentation attacks". Proc. of Second Int'l Workshop on Human Interactive Proofs (HIP'05), ed. by HS Baird and DP Lopresti, Springer-Verlag. LNCS 3517, Bethlehem, PA, USA, 2005. Google ScholarDigital Library
- K Chellapilla, K Larson, P Simard and M Czerwinski, "Designing human friendly human interaction proofs", ACM CHI'05, 2005. Google ScholarDigital Library
- K Chellapilla, K Larson, P Simard and M Czerwinski, "Building Segmentation Based Human-friendly Human Interaction Proofs", 2nd Int'l Workshop on Human Interaction Proofs, Springer-Verlag, LNCS 3517, 2005. Google ScholarDigital Library
- M Chew and HS Baird. "BaffleText: a human interactive proof". Proc. of 10th IS&T/SPIE Document Recognition & Retrieval Conference, 2003.Google Scholar
- AL Coates, H S Baird and RJ Fateman. "PessimalPrint: A Reverse Turing Test", Int'l. J. on Document Analysis & Recognition, Vol. 5, pp. 158--163, 2003.Google Scholar
- Lindsay W. MacDonald. "Using Colour Effectively in Computer Graphics". IEEE Computer Graphics and Applications, July/August 1999. Google ScholarDigital Library
- T Converse, "CAPTCHA generation as a web service", Proc. of Second Int'l Workshop on Human Interactive Proofs (HIP'05), ed. by HS Baird and DP Lopresti, Springer-Verlag. LNCS 3517, Bethlehem, PA, USA, 2005. pp. 82--96 Google ScholarDigital Library
- Dan Goodin, "Facebook takes the Captcha rap". The Register, Dec 13, 2007. Available at http://www.theregister.co.uk/2007/12/13/facebook_captcha _goes_wrong/Google Scholar
- Paul Festa. "Spam-bot tests flunk the blind", CNET News.com, July 2, 2003. Available at http://www.news.com/2100-1032-1022814.html.Google Scholar
- Greg Mori and Jitendra Malik. "Recognising Objects in Adversarial Clutter: Breaking a Visual CAPTCHA", IEEE Conference on Computer Vision and Pattern Recognition (CVPR'03), Vol 1, June 2003, pp. 134--141. Google ScholarDigital Library
- Jakob Nielsen. Usability 101: Introduction to Usability, 2003. Available at http://www.useit.com/alertbox/20030825.html.Google Scholar
- W3C Working Group, "Inaccessibility of CAPTCHA - Alternatives to Visual Turing Tests on the Web", Nov, 2005. Available at http://www.w3.org/TR/turingtest/.Google Scholar
- J Yan and A S El Ahmad. "Breaking Visual CAPTCHAs with Naïve Pattern Recognition Algorithms", in Proc. of the 23rd Annual Computer Security Applications Conference (ACSAC'07). FL, USA, Dec 2007. IEEE computer society. pp 279--291.Google Scholar
- J Yan and A S El Ahmad. "A Low-cost Attack on a Microsoft CAPTCHA", School of Computing Science Technical Report, Newcastle University, England. Feb, 2008.Google Scholar
- BotBlock. http://www.chimetv.com/tv/products/botblock.shtml. Accessed in Feb, 2008.Google Scholar
- http://recaptcha.net/Google Scholar
- http://www.cryptographp.comGoogle Scholar
- FreeCap. http://www.puremango.co.uk/cm_php_captcha_script_113.phpGoogle Scholar
- Diablo 2 event, http://newd2event.net/index.php?id=hacks/redvex/HotPlug_PluginGoogle Scholar
- The "Shout it out" audio CAPTCHA, http://www.nswardh.com/shout/. Accessed in Feb, 2008.Google Scholar
- R Chow, P Gollé, M Jakobsson, X Wang, L Wang. "Making CAPTCHAs clickable". Ninth Workshop on Mobile Computing Systems and Applications (HotMobile 2008). 2008 February 25--26; Napa, CA. Google ScholarDigital Library
- Ritendra Datta, Jia Li and James Z. Wang, "IMAGINATION: A Robust Image-based CAPTCHA Generation System", Proceedings of the ACM Multimedia Conference, pp. 331--334, Singapore, ACM, November 2005. Google ScholarDigital Library
- J Elson, JR Douceur, J Howell and J Saul. "Asirra: a CAPTCHA that exploits interest-aligned manual image categorization". Proceedings of the 14th ACM conference on Computer and communications security (CCS), 2007. Google ScholarDigital Library
- M Hoque, D Russomanno, M Yeasin. "2D Captchas from 3D Models", IEEE SoutheastCon 2006 Memphis, TN, April 2006.Google Scholar
- J Yan and A S El Ahmad. "Is cheap labour behind the scene? - Low-cost automated attacks on Yahoo CAPTCHAs", School of Computing Science Technical Report, Newcastle University, England. Apr, 2008.Google Scholar
Index Terms
- Usability of CAPTCHAs or usability issues in CAPTCHA design
Recommendations
On the necessity of user-friendly CAPTCHA
CHI '11: Proceedings of the SIGCHI Conference on Human Factors in Computing SystemsA "Completely Automated Public Turing test to tell Computers and Humans Apart" (CAPTCHA) is a mechanism widely used nowadays for protection of web applications, interfaces, and services from malicious users. A questionnaire-based survey combined with a ...
CAPTCHINO - A Gamification of Image-Based CAPTCHAs to Evaluate Usability Issues
ICCS '12: Proceedings of the 2012 International Conference on Computing SciencesCAPTCHA technology is at a boom in the field of information security. When text CAPTCHAs are at a point of break down, it is the time for the image based CAPTCHAs to get a pace. But often the designers of the CAPTCHA forget the issues related to the ...
Association rule mining for the usability of the CAPTCHA interfaces: a new study of multimedia systems
This paper presents an analysis of the CAPTCHA interfaces in terms of their usability to Internet users. The usability is represented by the time needed to the users for finding a solution to the CAPTCHA, which is called response time. Specifically, the ...
Comments