research-article

Balancing usability and security in a video CAPTCHA

Authors:
Kurt Alfred Kluever

Google, Inc., New York, NY

Google, Inc., New York, NY
View Profile

,
Richard Zanibbi

Rochester Institute of Technology, Rochester, NY

Rochester Institute of Technology, Rochester, NY
View Profile

SOUPS '09: Proceedings of the 5th Symposium on Usable Privacy and SecurityJuly 2009Article No.: 14Pages 1–11https://doi.org/10.1145/1572532.1572551

Published:15 July 2009Publication History

SOUPS '09: Proceedings of the 5th Symposium on Usable Privacy and Security

Pages 1–11

ABSTRACT

We present a technique for using content-based video labeling as a CAPTCHA task. Our CAPTCHAs are generated from YouTube videos, which contain labels (tags) supplied by the person that uploaded the video. They are graded using a video's tags, as well as tags from related videos. In a user study involving 184 participants, we were able to increase the human success rate on our video CAPTCHA from roughly 70% to 90%, while keeping the success rate of a tag frequency-based attack fixed at around 13%. Through a different parameterization of the challenge generation and grading algorithms, we were able to reduce the success rate of the same attack to 2%, while still increasing the human success rate from 70% to 75%. The usability and security of our video CAPTCHA appears to be comparable to existing CAPTCHAs, and a majority of participants (60%) indicated that they found the video CAPTCHAs more enjoyable than traditional CAPTCHAs in which distorted text must be transcribed.

References

H. S. Baird and K. Popat. Human Interactive Proofs and Document Image Analysis. In Proc. IAPR DAS 2002, ACM Press (2002), 507--518. Google ScholarDigital Library
M. Cha, H. Kwak, P. Rodriguez, Y.-Y. Ahn, and S. Moon. I Tube, You Tube, Everybody Tubes: Analyzing the World's Largest User Generated Content Video System. In Proc. IMC 2007, ACM Press (2007), 1--14. Google ScholarDigital Library
K. Chellapilla, K. Larson, P. Y. Simard, and M. Czerwinski. Building Segmentation Based Human-friendly Human Interaction Proofs (HIPs). In Proc. HIP 2005, LNCS (2005), 1--26. Google ScholarDigital Library
M. Chew and H. S. Baird. Baffletext: A Human Interactive Proof. In Proc. DRR 2003, IST/SPIE (2003), 305--316.Google Scholar
M. Chew and J. D. Tygar. Image Recognition CAPTCHAs. In Proc. ISC 2004, LNCS (2004), 268--279.Google ScholarCross Ref
J. Douceur, J. Elson, J. Howell, and J. Saul. Asirra: A CAPTCHA that Exploits Interest-Aligned Manual Image Categorization. In Proc. CCS 2007, ACM Press (2007), 366--374. Google ScholarDigital Library
G. Geisler and S. Burns. Tagging Video: Conventions and Strategies of the YouTube Community. In Proc. JCDL 2007, ACM/IEEE (2007), 480--480. Google ScholarDigital Library
P. B. Godfrey Text-based CAPTCHA algorithms. In Proc. HIP 2002.Google Scholar
P. Golle. Machine Learning Attacks Against the ASIRRA CAPTCHA. In Proc. CCS 2008, ACM Press (2008), 535--542. Google ScholarDigital Library
L. A. Goodman. Snowball sampling. The Annals of Mathematical Statistics 32, 1 (1961), 148--170.Google ScholarCross Ref
R. Gossweiler, M. Kamvar and S. Baluja. What's Up CAPTCHA? A CAPTCHA Based on Image Orientation. In Proc. WWW 2009, ACM Press (2009), 841--850. Google ScholarDigital Library
M. J. Halvey and M. T. Keane. Analysis of Online Video Search and Sharing. In Proc. Hypertext 2007, ACM Press (2007), 217--226. Google ScholarDigital Library
G. W. Hart. To Decode Short Cryptograms. Communications of the ACM 37, 9 (1994), 102--108. Google ScholarDigital Library
A. Kerckhoffs. La Cryptographie Militaire. Journal des Sciences Militaires 9, (1883), 161--191.Google Scholar
K. A. Kluever. Evaluating the Usability and Security of a Video CAPTCHA. Master's thesis, Rochester Institute of Technology, 2008.Google Scholar
G. Kochanski, D. P. Lopresti and C. Shih. Using a Text-to-Speech Synthesizer to Generate a Reverse Turing Test. In Proc. ICTAI 2003, IEEE Press (2003), 226--232. Google ScholarDigital Library
V. I. Levenshtein. Binary Codes Capable of Correcting Deletions, Insertions, and Reversals. Soviet Physics Doklady 10, (1966), 707--710.Google Scholar
J. B. Lovins. Development of a Stemming Algorithm. Mechanical Translation and Computational Linguistics 11, (1968), 22--31.Google Scholar
M. Naor. Verification of a human in the loop or Identification via the Turing Test. Unpublished manuscript, (1996).Google Scholar
J. C. Paolillo. Structure and Network in the YouTube Core. In Proc. HICSS 2008, IEEE Press (2008), 156--166. Google ScholarDigital Library
M. F. Porter. An Algorithm for Suffix Stripping. Program 14, 3 (1980), 130--137.Google ScholarCross Ref
Y. Rui and Z. Liu. ARTiFACIAL: Automated Reverse Turing test using FACIAL features. Multimedia Systems Journal 9, 6 (2004), 493--502.Google ScholarDigital Library
A. Rusu. Exploiting the Gap in Human and Machine Abilities in Handwriting Recognition for Web Security Applications. PhD thesis, University of New York at Buffalo, 2007. Google ScholarDigital Library
A. M. Turing. Computing Machinery and Intelligence. Mind 59, 236 (1950), 433--460.Google Scholar
C. van Rijsbergen. Information Retrieval, Second edition. Butterworth-Heinemann Ltd, London, UK, 1979. Google ScholarDigital Library
L. von Ahn, M. Blum, and J. Langford. Telling Humans and Computers Apart Automatically. Communications of the ACM 47, 2 (2004), 56--60. Google ScholarDigital Library
L. von Ahn and L. Dabbish. Labeling Images with a Computer Game. In Proc. CHI 2004, ACM Press (2004), 319--326. Google ScholarDigital Library
J. Yan and A. S. E. Ahmad. A Low-cost Attack on a Microsoft CAPTCHA. In Proc. CCS 2008, ACM Press (2008), 543--554. Google ScholarDigital Library
J. Yan and A. S. E. Ahmad. Usability of CAPTCHAs or usability issues in CAPTCHA design. In Proc. SOUPS 2008, ACM Press (2008), 44--52. Google ScholarDigital Library

Index Terms

Balancing usability and security in a video CAPTCHA
1. Human-centered computing
  1. Human computer interaction (HCI)
2. Security and privacy
  1. Systems security
    1. Operating systems security

Recommendations

CAPTCHA: Impact of Website Security on User Experience
ICIIT '19: Proceedings of the 2019 4th International Conference on Intelligent Information Technology

As currently many people use the Internet to access websites, Internet security becomes an important topic. One popular security mechanism is Captcha or Completely Automated Public Turing Computer and Humans Apart, which determine whether or not the ...
Read More
Image enhanced CAPTCHA for web security
CISR '14: Proceedings of the 9th Annual Cyber and Information Security Research Conference

Many websites use CAPTCHA to defend against malicious automated programs from performing abusive tasks such as illegitimate account registration. CAPTCHA is widely used on commercial websites as a HIP system due to its simplicity of use and ...
Read More
Automatic tag expansion using visual similarity for photo sharing websites

In this paper we present an automatic photo tag expansion method designed for photo sharing websites. The purpose of the method is to suggest tags that are relevant to the visual content of a given photo at upload time. Both textual and visual cues are ...
Read More

Comments

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

Published in
SOUPS '09: Proceedings of the 5th Symposium on Usable Privacy and Security
July 2009
205 pages
ISBN:9781605587363
DOI:10.1145/1572532
General Chair:
Lorrie Faith Cranor
Carnegie Mellon University
Copyright © 2009 Copyright held by the author/owner.
Sponsors
In-Cooperation
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
- Published: 15 July 2009
Permissions
Request permissions about this article.
Request Permissions

Check for updates
Author Tags
Completely Automated Public Turing test to tell Computers and Humans Apart (CAPTCHA)
human interactive proof (HIP)
tagging
video understanding
Qualifiers
- research-article
Conference

Acceptance Rates
SOUPS '09 Paper Acceptance Rate15of49submissions,31%Overall Acceptance Rate15of49submissions,31%
More
Funding Sources
Other Metrics
View Article Metrics

Article Metrics
- 58
  Total Citations
  View Citations
- 770
  Total Downloads
- Downloads (Last 12 months)14
- Downloads (Last 6 weeks)4
Other Metrics
View Author Metrics
Cited By
View all

PDF Format

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Balancing usability and security in a video CAPTCHA

SOUPS '09: Proceedings of the 5th Symposium on Usable Privacy and Security

ABSTRACT

References

Cited By

Index Terms

Recommendations

CAPTCHA: Impact of Website Security on User Experience

Image enhanced CAPTCHA for web security

Automatic tag expansion using visual similarity for photo sharing websites