SlideShare ist ein Scribd-Unternehmen logo
1 von 33
Downloaden Sie, um offline zu lesen
CAPTCHA SEMINAR REPORT
Arpit Gupta [1000112031] Page 1
PREFACE
As an integral part of the curriculum, I ARPIT GUPTA student of Integral University,
Lucknow, pursuing B.TECH in need to get exposed to the actual knowledge Computer
Science & Engineering environment the better understanding of the various new technologies
developed for the betterment of the future.
A well-planned, properly executed and evaluated seminar topic helps a lot on inculcating a
professional attitude. It provides a linkage between the student and the teacher to develop an
awareness of CSE approach to problem solving, based on a broad understanding of process and
mode operations of the technology.
I consider myself fortunate enough that I had an opportunity to collect information about,
“CAPTCHA” and write about this topic.
CAPTCHA SEMINAR REPORT
Arpit Gupta [1000112031] Page 2
CERTIFICATE
This is to certify that B.Tech Seminar Report entitled “CAPTCHA” is a bonafide record of
work carried out by Arpit Gupta student of 4th
Year (7th
Semester), Computer Science &
Engineering.
This report is submitted to the Department of Computer Science & Engineering in partial
fulfillment of requirement for the award of Bachelor’s degree in Computer Science&
Engineering during the session 2013-2014.
Mr. Parvez Mahmood Khan
Head of Department
(CSE)
Mr. Kamlesh Chandra Maurya
Assistant Professor
(Department of Computer Science)
Mr. Avadhesh Kumar
Assistant Professor
(Department of Computer Science)
CAPTCHA SEMINAR REPORT
Arpit Gupta [1000112031] Page 3
PRONOUNCEMENT
The seminar report on the topic “CAPTCHA” was given in our supervision. This is a written
testimony of the excellent presentation given by Arpit Gupta in seminar hall for the partial
fulfillment of Bachelor’s degree in Computer Science & Engineering of Integral University.
The seminar was given wonderfully and applauded by the audience present in the seminar hall.
All of them were comprehensively with the topic. We congratulate her for her wonderful work
and wish success in future.
CAPTCHA SEMINAR REPORT
Arpit Gupta [1000112031] Page 4
ACKNOWLEDGEMENT
I would like to express my sincere gratitude from the core of my heart to Mr. Kamlesh
Chandra Maurya and Mr. Avadhesh Kumar, my seminar coordinators and all my friends and
colleagues for their tremendous help and cooperation in completion of this seminar report.
I have put great efforts in making this seminar report. I have tried my level best to be accurate at
all points and have included each and every point regarding “CAPTCHA”.
My efforts have also been in the direction to make my seminar report look attractive and
presentable. I hope my hard work will be appreciated by all.
Arpit Gupta
B.Tech, 4th
Year
Computer Science & Engineering
Roll No: 1000112031
CAPTCHA SEMINAR REPORT
Arpit Gupta [1000112031] Page 5
STUDENT DECLARATION
I, Arpit Gupta hereby declare that the work which is being presented in the file,
“CAPTCHA”, is in partial fulfillment of the requirement of the seminar that has been given by
me, as a scheduled program of my B.TECH education.
This is an authentic record of my own carried out under the supervision of Mr. Kamlesh
Chandra Maurya and Mr. Avadhesh Kumar.
ARPIT GUPTA
CAPTCHA SEMINAR REPORT
Arpit Gupta [1000112031] Page 6
TABLE OF CONTENT
CONTENT PAGE NUMBERS
1) Abstract………………………………………………………………………..7
2) Introduction…………………………………………………………………...8
3) Background……………………………………………………………………9
4) Captchas and Turing
Test…………….……………………………………………………………..10
5) Why Captcha was
needed………………………………………………………………………..11
6) Captcha Logic……………………………………………………………….12
7) How to generate……………………………………………………………..13
8) Types of Captcha……………………………………………………………15
9) Guidelines for Captcha
implementation……………………………………………………………...25
10) Applications……………………………………………………………..…..28
11) Advantages…………………………………………………………………..30
12) Disadvantages……………………………………………………………….30
13) Future Scope………………………………………………………………...31
14) Conclusion…………………………………………………………………..32
15) References…………………………………………………………………...33
CAPTCHA SEMINAR REPORT
Arpit Gupta [1000112031] Page 7
ABSTRACT
CAPTCHA (completely automated public turing test to tell computers and
humans apart), a technique used by a computer to tell if it is interacting with a
human or another computer. Because computing is becoming pervasive, and
computerized tasks and services are commonplace, the need for increased levels of
security has led to the development of this way for computers to ensure that they
are dealing with humans in situations where human interaction is essential to
security. Activities such as online commerce transactions, search engine
submissions, Web polls, Web registrations, free e-mail service registration and
other automated services are subject to software programs, or bots, that mimic the
behavior of humans in order to skew the results of the automated task or perform
malicious activities, such as gathering e-mail addresses for spamming or ordering
hundreds of tickets to a concert.
In order to validate the digital transaction, using the CAPTCHA system the user is
presented with a distorted word typically placed on top of a distorted background.
The user must type the word into a field in order to complete the process.
Computers have a difficult time decoding the distorted words while humans can
easily decipher the text.
CAPTCHA SEMINAR REPORT
Arpit Gupta [1000112031] Page 8
INTRODUCTION
A CAPTCHA is a program that protects websites against bots by generating and
grading tests that humans can pass but current computer programs cannot. For
example, humans can read distorted text as the one shown below, but current
computer programs can't:
A CAPTCHA or Captcha is a type of challenge-response test used in computing to
ensure that the response is not generated by a computer. The process usually
involves one computer (a server) asking a user to complete a simple test which the
computer is able to generate and grade. Because other computers are unable to
solve the CAPTCHA, any user entering a correct solution is presumed to be
human. Thus, it is sometimes described as a reverse Turing test, because it is
administered by a machine and targeted to a human, in contrast to the standard
Turing test that is typically administered by a human and targeted to a machine. A
common type of CAPTCHA requires that the user type letters or digits from a
distorted image that appears on the screen.
The term "CAPTCHA" (based upon the word capture) was coined in 2000 by Luis
von Ahn, Manuel Blum, Nicholas J. Hopper (all of Carnegie Mellon University),
and John Langford (then of IBM). It is a contrived acronym for "Completely
Automated Public Turing test to tell Computers and Humans Apart." Carnegie
Mellon University attempted to trademark the term, but the trademark application
was abandoned on 21 April 2008. Currently, CAPTCHA creators recommend use
of reCAPTCHA as the official implementation.
CAPTCHA SEMINAR REPORT
Arpit Gupta [1000112031] Page 9
Background:
The need for CAPTCHAs rose to keep out the website/search engine abuse
by bots. In 1997, AltaVista sought ways to block and discourage the automatic
submissions of URLs into their search engines. Andrei Broder, Chief Scientist of
AltaVista, and his colleagues developed a filter. Their method was to generate a
printed text randomly that only humans could read and not machine readers. Their
approach was so effective that in an year, “spam-add-ons’” were reduced by 95%
and a patent was issued in 2001.
In 2000, Yahoo’s popular Messenger chat service was hit by bots which pointed
advertising links to annoying human users of chat rooms. Yahoo, along with
Carnegie Mellon University, developed a CAPTCHA called EZ-GIMPY, which
chose a dictionary word randomly and distorted it with a wide variety of image
occlusions and asked the user to input the distorted word.
In November 1999, slashdot.com released an online poll asking which was the best
graduate school in computer science (a dangerous question to ask over the web!).
As is the case with most online polls, IP addresses of voters were recorded in order
to prevent single users from voting more than once. However, students at Carnegie
Mellon found a way to stuff the ballots by using programs that voted for CMU
thousands of times. CMU's score started growing rapidly. The next day, students at
MIT wrote their own voting program and the poll became a contest between voting
“bots". MIT finished with 21,156 votes, Carnegie Mellon with 21,032 and every
other school with less than 1,000. Can the result of any online poll be trusted? Not
unless the poll requires that only humans can vote.
CAPTCHA SEMINAR REPORT
Arpit Gupta [1000112031] Page 10
CAPTCHAS AND THE TURING TEST:
CAPTCHA technology has its foundation in an experiment called the Turing
Test. Alan Turing, sometimes called the father of modern computing, proposed the test as a way
to examine whether or not machines can think -- or appear to think -- like humans. The classic
test is a game of imitation. In this game, an interrogator asks two participants a series of
questions. One of the participants is a machine and the other is a human. The interrogator can't
see or hear the participants and has no way of knowing which is which. If the interrogator is
unable to figure out which participant is a machine based on the responses, the machine passes
the Turing Test.
Of course, with a CAPTCHA, the goal is to create a test that humans can pass easily
but machines can't. It's also important that the CAPTCHA application is able to present
different CAPTCHAs to different users. If a visual CAPTCHA presented a static image that was
the same for every user, it wouldn't take long before a spammer spotted the form, deciphered the
letters, and programmed an application to type in the correct answer automatically.
Most, but not all, CAPTCHAs rely on a visual test. Computers lack the sophistication
that human beings have when it comes to processing visual data. We can look at an image and
pick out patterns more easily than a computer. The human mind sometimes perceives patterns
even when none exist, a quirk we call pareidol ia. Ever see a shape in the clouds or a face on the
moon? That's your brain trying to associate random information into patterns and shapes.
But not all CAPTCHAs rely on visual patterns. In fact, it's important to have an
alternative to a visual CAPTCHA. Otherwise, the Web site administrator runs the risk of
franchising any Web user who has a visual impairment. One alternative to a visual test isan
audible one. An audio CAPTCHA usually presents the user with a series of spoken letters or
numbers. It's not unusual for the program to distort the speaker's voice, and it's also common for
the program to include background noise in the recording. This helps thwart voice recognition
programs.
CAPTCHA SEMINAR REPORT
Arpit Gupta [1000112031] Page 11
Why CAPTCHA was needed???
 To prevent the following :-
 Multiple votes in online polls.
 Worms and Spam e-mails.
 Search engine BOTs.
 Preventing dictionary attacks(password cracking).
 Tampering with rankings on recommendation systems (e.g. e-bay,
amazon etc.)
CAPTCHA SEMINAR REPORT
Arpit Gupta [1000112031] Page 12
CAPTCHA Logic:
1. The CAPTCHA image (or question) is generated. There are different ways to do this. The
classic approach is to generate some random text, apply some random effects to it and
convert it into an image.
2. Step 2 is not really sequential. During step 1, the original text (pre-altered) is persisted
somewhere, as this is the correct answer to the question. There are different ways to
persist the answer, as a server- side session variable, cookie, file, or database entry.
3. The generated CAPTCHA is presented to the user, who is prompted to answer it.
4. The back-end script checks the answer supplied by the user by comparing it with the
persisted (correct) answer. If the value is empty or incorrect, we go back to step 1: a new
CAPTCHA is generated. Users should never get a second shot at answering the
same CAPTCHA.
5. If the answer supplied by the user is correct, the form post is successful and processing
can continue. If applicable, the generated CAPTCHA image is deleted.
CAPTCHA SEMINAR REPORT
Arpit Gupta [1000112031] Page 13
Picks a random
string of letters:
o m a g
Renders it to a
distorted image:-
HOW TO GENERATE
CAPTCHA SEMINAR REPORT
Arpit Gupta [1000112031] Page 14
..... and generates a test
TYPE THE CHARACTERS
THAT APPEAR IN THE
IMAGE
CAPTCHA SEMINAR REPORT
Arpit Gupta [1000112031] Page 15
Types of CAPTCHAs
CAPTCHAs are classified based on what is distorted and presented as a challenge to the
user. They are:
 Text CAPTCHAs:
These are simple to implement. The simplest yet novel approach is to present the user
with some questions which only a human user can solve. Examples of such questions are:
1. What is twenty minus three?
2. What is the third letter in UNIVERSITY?
3. Which of Yellow, Thursday and Richard is a colour?
4. If yesterday was a Sunday, what is today?
Such questions are very easy for a human user to solve, but it’s very difficult to program a
computer to solve them. These are also friendly to people with visual disability – such as those
with colour blindness.
Properties-
 Typically relay on sophisticated distortion of text images rendering them unrecognizable
to the state of the art of the pattern recognition programs but recognizable by humans.
 Very effective, needs a large question bank.
 Cognitively challenged users find it hard .
Other text CAPTCHAs involves text distortions and the user is asked to identify the text hidden.
The various implementations are:
CAPTCHA SEMINAR REPORT
Arpit Gupta [1000112031] Page 16
Gimpy:
Gimpy is a very reliable text CAPTCHA built by CMU in collaboration with Yahoo for their
Messenger service. Gimpy is based on the human ability to read extremely distorted text and the
inability of computer programs to do the same. Gimpy works by choosing ten words randomly
from a dictionary, and displaying them in a distorted and overlapped manner. User has to
recognize at least 3 words.
Gimpy then asks the users to enter a subset of the words in the image. The human user is capable
of identifying the words correctly, whereas a computer program cannot.
Gimpy CAPTCHA
CAPTCHA SEMINAR REPORT
Arpit Gupta [1000112031] Page 17
Ez – Gimpy:
This is a simplified version of the Gimpy CAPTCHA, adopted by Yahoo in their signup
page. Ez – Gimpy randomly picks a single word from a dictionary and applies distortion to the
text. The user is then asked to identify the text correctly.
 A modified version of Gimpy.
 Used in Yahoo Messenger Service.
 It contains only one random character string.
 The word is random and not picked from the
dictionary, so not prone to dictionary attack.
 Its not a good implementation of CAPTCHA.
Yahoo’s Ez – Gimpy CAPTCHA
CAPTCHA SEMINAR REPORT
Arpit Gupta [1000112031] Page 18
BaffleText:
This was developed by Henry Baird at University of California at Berkeley. This is
a variation of the Gimpy. This doesn’t contain dictionary words, but it picks up random
alphabets to create a nonsense but pronounceable text. Distortions are then added to this text and
the user is challenged to guess the right word. This technique overcomes the drawback of Gimpy
CAPTCHA because, Gimpy uses dictionary words and hence, clever bots could be designed to
check the dictionary for the matching word by brute-force.
finans
ourses
BaffleText examples
CAPTCHA SEMINAR REPORT
Arpit Gupta [1000112031] Page 19
MSN Captcha:
Microsoft uses a different CAPTCHA for services provided under MSN umbrella. These are
popularly called MSN Passport CAPTCHAs. They use eight characters (upper case) and digits.
Foreground is dark blue, and background is grey. Warping is used to distort the characters, to
produce a ripple effect, which makes computer recognition very difficult. Its very strongly
implemented and hasn’t been broken. It is segmentation –resistant.
XTNM5YRE
L9D28229B
MSN Passport CAPTCHA
CAPTCHA SEMINAR REPORT
Arpit Gupta [1000112031] Page 20
Some Text Based CAPTCHAs
CAPTCHA SEMINAR REPORT
Arpit Gupta [1000112031] Page 21
 Graphic CAPTCHAs:
Graphic CAPTCHAs are challenges that involve pictures or objects that have some sort of
similarity that the users have to guess. They are visual puzzles, similar to Mensa tests. Computer
generates the puzzles and grades the answers, but is itself unable to solve it.
 Bongo:
Bongo. Another example of a CAPTCHA is the program we call BONGO. BONGO is
named after M.M. Bongard, who published a book of pattern recognition problems in the 1970s .
BONGO asks the user to solve a visual pattern recognition problem. It displays two series of
blocks, the left and the right. The blocks in the left series differ from those in the right, and the
user must find the characteristic that sets them apart. A possible left and right series is shown in
Figure 2.5
Fig 2.5 Bongo CAPTCHA
These two sets are different because everything on the left is drawn with thick lines and those on
the right are in thin lines. After seeing the two blocks, the user is presented with a set of four
single blocks and is asked to determine to which group the each block belongs to. The user
passes the test if s/he determines correctly to which set the blocks belong to. We have to be
careful to see that the user is not confused by a large number of choices.
CAPTCHA SEMINAR REPORT
Arpit Gupta [1000112031] Page 22
PIX:
PIX is a program that has a large database of labeled images. All of these images are
pictures of concrete objects (a horse, a table, a house, a flower). The program picks an object at
random, finds six images of that object from its database, presents them to the user and then asks
the question “what are these pictures of?” Current computer programs should not be able to
answer this question, so PIX should be a CAPTCHA. However, PIX, as stated, is not a
CAPTCHA: it is very easy to write a program that can answer the question “what are these
pictures of?” Remember that all the code and data of a CAPTCHA should be publicly available;
in particular, the image database that PIX uses should be public. Hence, writing a program that
can answer the question “what are these pictures of?” is easy: search the database for the images
presented and find their label. Fortunately, this can be fixed. One way for PIX to become a
CAPTCHA is to randomly distort the images before presenting them to the user, so that
computer programs cannot easily search the database for the undistorted image.
Ex:- Pick the common characteristic among the
following four pictures
CAPTCHA SEMINAR REPORT
Arpit Gupta [1000112031] Page 23
Some Graphics Based CAPTCHAs
CAPTCHA SEMINAR REPORT
Arpit Gupta [1000112031] Page 24
Audio CAPTCHAs:
The final example we offer is based on sound. The program picks a word or a sequence of
numbers at random, renders the word or the numbers into a sound clip and distorts the sound
clip; it then presents the distorted sound clip to the user and asks users to enter its contents. This
CAPTCHA is based on the difference in ability between humans and computers in recognizing
spoken language. Nancy Chan of the City University in Hong Kong was the first to implement a
sound-based system of this type. The idea is that a human is able to efficiently disregard the
distortion and interpret the characters being read out while software would struggle with the
distortion being applied, and need to be effective at speech to text translation in order to be
successful. This is a crude way to filter humans and it is not so popular because the user has to
understand the language and the accent in which the sound clip is recorded.
CAPTCHA SEMINAR REPORT
Arpit Gupta [1000112031] Page 25
Guidelines for CAPTCHA implementation:
If your website needs protection from abuse, it is recommended that you use a
CAPTCHA. There are many CAPTCHA implementations, some better than others. The
following guidelines are strongly recommended for any CAPTCHA code:
Accessibility-
Because CAPTCHAs rely on visual perception, users unable to view a CAPTCHA (for
example, due to a disability or because it is difficult to read) will be unable to perform the task
protected by a CAPTCHA. Therefore, sites implementing CAPTCHAs may provide an audio
version of the CAPTCHA in addition to the visual method. The official CAPTCHA site
recommends providing an audio CAPTCHA for accessibility reasons. This combination
represents the most accessible CAPTCHA currently known to exist. Attempts at more accessible
CAPTCHAs Even an audio and visual CAPTCHA will require manual intervention for some
users, such as those who have visual disabilities and also are deaf. There have been various
attempts at creating CAPTCHAs that are more accessible.
Attempts include the use of JavaScript, mathematical questions ("what is 1+1"), or "common
sense" questions ("what color is the sky on a clear day"). However they do not meet both the
criteria of being able to be automatically generated and not relying on the type of CAPTCHA
being new to the attacker.
Image Security
Images of text should be distorted randomly before being presented to the user. Many
implementations of CAPTCHAs use undistorted text, or text with only minor distortions. These
implementations are vulnerable to simple automated attacks. For example, the CAPTCHAs
shown below can all be broken using image processing techniques, mainly because they use a
consistent font.
CAPTCHA SEMINAR REPORT
Arpit Gupta [1000112031] Page 26
Script Security
Building a secure CAPTCHA is not easy. In addition to making the images unreadable by
computers, the system should ensure that there are no easy ways around it at the script level.
Common examples of insecurities in this respect include: (1) Systems that pass the answer to the
CAPTCHA in plain text as part of the web form. (2) Systems where a solution to the same
CAPTCHA can be used multiple times (this makes the CAPTCHA vulnerable to so-called
"replay attacks").
Security Even After Wide-Spread Adoption
There are various "CAPTCHAs" that would be insecure if a significant number of sites start
using them. An example of such a puzzle is asking text-based questions, such as a mathematical
question ("what is 1+1"). Since a parser could easily be written that would allow bots to bypass
this test, such "CAPTCHAs" rely on the fact that few sites use them, and thus that a bot author
has no incentive to program their bot to solve that challenge. True CAPTCHAs should be secure
even after a significant number of websites adopt them.
CAPTCHA SEMINAR REPORT
Arpit Gupta [1000112031] Page 27
Issues with CAPTCHAs
There are many issues with CAPTCHAs, primarily because they distort text and
images in such a way that, sometimes it gets difficult for even humans to read.
Usability issues with text based CAPTCHAs:
Are text CAPTCHAs like Gimpy, user–friendly? Some CAPTCHAs are inaccessible to visually
impaired, cognitively challenged people .Sometimes the text is distorted to such an extent, that
even humans have difficulty in understanding it. Some of the issues are listed in table:
When embedded in web pages, audio CAPTCHAs can also cause compatibility issues. For
example, many such schemes require JavaScript to be enabled. However, some users might
prefer to disable JavaScript in their browsers. Some other schemes can be even worse. For
example, we found that one audio scheme requires Adobe Flash support. With this scheme,
vision-impaired users will not even notice that such a CAPTCHA challenge exist in the page,
unless Flash is installed in their computers - apparently, no text alternative is attached to the
speaker-like Flash object, either.
CAPTCHA SEMINAR REPORT
Arpit Gupta [1000112031] Page 28
Applications
1. Online Polls: As mentioned before, bots can wreak havoc to any unprotected online
poll. They might create a large number of votes which would then falsely represent the
poll winner in spotlight. This also results in decreased faith in these polls. CAPTCHAs
can be used in websites that have embedded polls to protect them from being accessed
by bots, and hence bring up the reliability of the polls.
2. Protecting Web Registration: Several companies offer free email and other services.
Until recently, these service providers suffered from a serious problem – bots. These
bots would take advantage of the service and would sign up for a large number of
accounts. This often created problems in account management and also increased the
burden on their servers. CAPTCHAs can effectively be used to filter out the bots and
ensure that only human users are allowed to create accounts.
3. Preventing comment spam: Most bloggers are familiar with programs that submit
large number of automated posts that are done with the intention of increasing the search
engine ranks of that site. CAPTCHAs can be used before a post is submitted to ensure
that only human users can create posts. A CAPTCHA won't stop someone who is
determined to post a rude message or harass an administrator, but it will help prevent
bots from posting messages automatically.
4. Search engine bots: It is sometimes desirable to keep web pages unindexed to prevent
others from finding them easily. There is an html tag to prevent search engine bots from
reading web pages. The tag, however, doesn't guarantee that bots won't read a web page;
it only serves to say "no bots, please." Search engine bots, since they usually belong to
large companies, respect web pages that don't want to allow them in. However, in order
to truly guarantee that bots won't enter a web site, CAPTCHAs are needed.
CAPTCHA SEMINAR REPORT
Arpit Gupta [1000112031] Page 29
5. E-Ticketing: Ticket brokers like TicketMaster also use CAPTCHA applications. These
applications help prevent ticket scalpers from bombarding the service with massive
ticket purchases for big events. Without some sort of filter, it's possible for a scalper to
use a bot to place hundreds or thousands of ticket orders in a matter of seconds.
Legitimate customers become victims as events sell out minutes after tickets become
available. Scalpers then try to sell the tickets above face value.
6. Email spam: CAPTCHAs also present a plausible solution to the problem of spam
emails. All we have to do is to use a CAPTCHA challenge to verify that a indeed a
human has sent the email.
7. Preventing Dictionary Attacks: CAPTCHAs can also be used to prevent dictionary
attacks in password systems. The idea is simple: prevent a computer from being able to
iterate through the entire space of passwords by requiring it to solve a CAPTCHA after a
certain number of unsuccessful logins. This is better than the classic approach of locking
an account after a sequence of unsuccessful logins, since doing so allows an attacker to
lock accounts at will.
CAPTCHA SEMINAR REPORT
Arpit Gupta [1000112031] Page 30
Advantages:
• Distinguishes between a human and a machine.
• Makes online polls more genuine.
• Reduces spam and viruses
• Makes online shopping safer.
• Diminishes abuse of free email account services.
Disadvantages:
• Sometimes very difficult to read.
• Are not compatible with users with disabilities.
• Time-consuming to decipher.
• Technical difficulties with certain internet browsers.
• May greatly enhance Artificial Intelligence.
CAPTCHA SEMINAR REPORT
Arpit Gupta [1000112031] Page 31
FUTURE SCOPE
Since there is a possibility that audio CAPTCHAs can be solved, new audio
CAPTCHAs must be developed that the machine learning methods will be less
likely to solve. CAPTCHAs containing longer solutions and multiple speakers
tend to be more difficult to solve. Also, because the methods for breaking audio
CAPTCHAs depend on the amount of training data we have, having a large
vocabulary would make it more difficult to collect enough training data.
In designing a new audio CAPTCHA another matter of concern is the human pass
rate. To develop an audio CAPTCHA with an improved human pass rate, an
efficient way is to take advantage of the human mind‘s ability to understand
distorted audio through context clues.
Current CAPTCHA systems create a separation between their visual and audio
CAPTCHA. The audio CAPTCHA is essentially a distinct system with a
completely independent development and maintenance path. Alternatively, the
visual and audio CAPTCHA can be joined products into one single system i n
which the audio is directly related to the visual elements that are presented to the
user. This type of CAPTCHA will be more accessible for users with visual
impairments, as well as having possible benefits of easy adaptation for different
languages and cultures.
CAPTCHA SEMINAR REPORT
Arpit Gupta [1000112031] Page 32
CONCLUSION
In conclusion, browsing internet is not for the normal users only. The special
needs user need the internet like the normal user or may be more. The web sites are
provided to help users, give them more information or make their work easier,
but CAPTCHA makes reaching the web sites services more complicated. At
last, we need some way to tell CAPTCHA that special needs users are human not
bots. Sites with attractive resources and millions of users will always need
access control systems that limit the bad using of them. At that level, it is
reasonable to employ many concurrent approaches, including audio and visual
CAPTCHA, to do so. However, it must be noted that users with disabilities
can interact with a given resource in a reasonable amount of time.
Other Conclusions :
1. CAPTCHAS are any software that distinguishes human and machine.
2. Research in CAPTCHAS implies advancement in AI making computers
understand how human thinks.
3. Internet companies are making billions of dollars every year, their security
and services quality matters and so does the advancement in CAPTCHA
technology.
4. Different methods of CAPTCHAS are being studied but new ideas like
ReCAPTCHA using human time on internet is amazing.
CAPTCHA SEMINAR REPORT
Arpit Gupta [1000112031] Page 33
REFERENCES
 www.phpcaptcha.org
 www.captcha.net
 www.wikipedia.com
 H.Sameti, H. Shirali-Shahreza,?How Good Are Humans at Solving
CAPTCHAs. A Large Scale Evaluation?, Security and Pri vacy (SP), IEEE,
pp1.
 P. Desai, Patadia .A, ?A Better Approach to CAPTCHA?, IND ICON,
IEEE,pp.1

Weitere ähnliche Inhalte

Was ist angesagt?

CAPTCHA- Newly Attractive Presentation for Youth
CAPTCHA- Newly Attractive Presentation for YouthCAPTCHA- Newly Attractive Presentation for Youth
CAPTCHA- Newly Attractive Presentation for YouthWebCrazyLabs
 
Automated toll tax collection using rfid
Automated toll tax collection using rfidAutomated toll tax collection using rfid
Automated toll tax collection using rfidjeet patalia
 
Artificial intelligence - An Overview
Artificial intelligence - An OverviewArtificial intelligence - An Overview
Artificial intelligence - An OverviewGiri Dharan
 
Credit card fraud detection through machine learning
Credit card fraud detection through machine learningCredit card fraud detection through machine learning
Credit card fraud detection through machine learningdataalcott
 
Artificial Intelligence
Artificial IntelligenceArtificial Intelligence
Artificial IntelligenceGirish Naik
 
Artificial Intelligence
Artificial IntelligenceArtificial Intelligence
Artificial IntelligenceAbbas Hashmi
 
Chatbot Artificial Intelligence
Chatbot Artificial IntelligenceChatbot Artificial Intelligence
Chatbot Artificial IntelligenceMd. Mahedi Mahfuj
 
Lect#1 (Artificial Intelligence )
Lect#1 (Artificial Intelligence )Lect#1 (Artificial Intelligence )
Lect#1 (Artificial Intelligence )Zeeshan_Jadoon
 
Natural language processing (nlp)
Natural language processing (nlp)Natural language processing (nlp)
Natural language processing (nlp)Kuppusamy P
 

Was ist angesagt? (20)

Captcha ppt
Captcha pptCaptcha ppt
Captcha ppt
 
Captchas
CaptchasCaptchas
Captchas
 
CAPTCHA- Newly Attractive Presentation for Youth
CAPTCHA- Newly Attractive Presentation for YouthCAPTCHA- Newly Attractive Presentation for Youth
CAPTCHA- Newly Attractive Presentation for Youth
 
Artificial Intelligence
Artificial IntelligenceArtificial Intelligence
Artificial Intelligence
 
AI PPT
AI PPTAI PPT
AI PPT
 
Automated toll tax collection using rfid
Automated toll tax collection using rfidAutomated toll tax collection using rfid
Automated toll tax collection using rfid
 
Captcha1
Captcha1Captcha1
Captcha1
 
Artificial intelligence - An Overview
Artificial intelligence - An OverviewArtificial intelligence - An Overview
Artificial intelligence - An Overview
 
Captcha seminar
Captcha seminar Captcha seminar
Captcha seminar
 
Quantum computers
Quantum computersQuantum computers
Quantum computers
 
captcha.ppt
 captcha.ppt captcha.ppt
captcha.ppt
 
Credit card fraud detection through machine learning
Credit card fraud detection through machine learningCredit card fraud detection through machine learning
Credit card fraud detection through machine learning
 
Captcha
CaptchaCaptcha
Captcha
 
Artificial Intelligence
Artificial IntelligenceArtificial Intelligence
Artificial Intelligence
 
Artificial Intelligence
Artificial IntelligenceArtificial Intelligence
Artificial Intelligence
 
Chatbot Artificial Intelligence
Chatbot Artificial IntelligenceChatbot Artificial Intelligence
Chatbot Artificial Intelligence
 
Lect#1 (Artificial Intelligence )
Lect#1 (Artificial Intelligence )Lect#1 (Artificial Intelligence )
Lect#1 (Artificial Intelligence )
 
Natural language processing (nlp)
Natural language processing (nlp)Natural language processing (nlp)
Natural language processing (nlp)
 
AI Based Presentation.pptx
AI Based Presentation.pptxAI Based Presentation.pptx
AI Based Presentation.pptx
 
Machine learning
Machine learningMachine learning
Machine learning
 

Ähnlich wie Advanced Captcha Report

Captcha Seminar report 2014 pdf
Captcha Seminar report 2014 pdfCaptcha Seminar report 2014 pdf
Captcha Seminar report 2014 pdfGanesh Dhage
 
Captcha Seminar report 2014
Captcha Seminar report 2014Captcha Seminar report 2014
Captcha Seminar report 2014Ganesh Dhage
 
IRJET- Different Implemented Captchas and Breaking Methods
IRJET- Different Implemented Captchas and Breaking MethodsIRJET- Different Implemented Captchas and Breaking Methods
IRJET- Different Implemented Captchas and Breaking MethodsIRJET Journal
 
CAPTCHA(Image Verification Code)
CAPTCHA(Image Verification Code)CAPTCHA(Image Verification Code)
CAPTCHA(Image Verification Code)Abhimanyu Sood
 
Security and User Experience: A Holistic Model for CAPTCHA Usability Issues
Security and User Experience: A Holistic Model for CAPTCHA Usability IssuesSecurity and User Experience: A Holistic Model for CAPTCHA Usability Issues
Security and User Experience: A Holistic Model for CAPTCHA Usability IssuesKarthikeyan Umapathy
 
Enhancing Web-Security with Stronger Captchas
Enhancing Web-Security with Stronger CaptchasEnhancing Web-Security with Stronger Captchas
Enhancing Web-Security with Stronger CaptchasEditor IJCATR
 
Captcha a security measure against spam attacks
Captcha  a security measure against spam attacksCaptcha  a security measure against spam attacks
Captcha a security measure against spam attackseSAT Journals
 
Video Captcha as a Graphical Password
Video Captcha as a Graphical PasswordVideo Captcha as a Graphical Password
Video Captcha as a Graphical PasswordIRJET Journal
 
IRJET-PLC and SCADA based Distribution and Substation Automation
IRJET-PLC and SCADA based Distribution and Substation AutomationIRJET-PLC and SCADA based Distribution and Substation Automation
IRJET-PLC and SCADA based Distribution and Substation AutomationIRJET Journal
 
Research trends on CAPTCHA: A systematic literature
Research trends on CAPTCHA: A systematic literature Research trends on CAPTCHA: A systematic literature
Research trends on CAPTCHA: A systematic literature IJECEIAES
 

Ähnlich wie Advanced Captcha Report (20)

Captcha Seminar report 2014 pdf
Captcha Seminar report 2014 pdfCaptcha Seminar report 2014 pdf
Captcha Seminar report 2014 pdf
 
Captcha Seminar report 2014
Captcha Seminar report 2014Captcha Seminar report 2014
Captcha Seminar report 2014
 
Seminar Report Mine
Seminar Report MineSeminar Report Mine
Seminar Report Mine
 
IRJET- Different Implemented Captchas and Breaking Methods
IRJET- Different Implemented Captchas and Breaking MethodsIRJET- Different Implemented Captchas and Breaking Methods
IRJET- Different Implemented Captchas and Breaking Methods
 
CAPTCHA(Image Verification Code)
CAPTCHA(Image Verification Code)CAPTCHA(Image Verification Code)
CAPTCHA(Image Verification Code)
 
Security and User Experience: A Holistic Model for CAPTCHA Usability Issues
Security and User Experience: A Holistic Model for CAPTCHA Usability IssuesSecurity and User Experience: A Holistic Model for CAPTCHA Usability Issues
Security and User Experience: A Holistic Model for CAPTCHA Usability Issues
 
captcha
captchacaptcha
captcha
 
urvashi jaiswal
urvashi jaiswalurvashi jaiswal
urvashi jaiswal
 
captcha
captcha captcha
captcha
 
Enhancing Web-Security with Stronger Captchas
Enhancing Web-Security with Stronger CaptchasEnhancing Web-Security with Stronger Captchas
Enhancing Web-Security with Stronger Captchas
 
Captcha a security measure against spam attacks
Captcha  a security measure against spam attacksCaptcha  a security measure against spam attacks
Captcha a security measure against spam attacks
 
A SURVEY ON CAPTCHA TECHNIQUE BASED ON DRAG AND DROP MOUSE ACTION
A SURVEY ON CAPTCHA TECHNIQUE BASED ON DRAG AND DROP MOUSE ACTIONA SURVEY ON CAPTCHA TECHNIQUE BASED ON DRAG AND DROP MOUSE ACTION
A SURVEY ON CAPTCHA TECHNIQUE BASED ON DRAG AND DROP MOUSE ACTION
 
Video Captcha as a Graphical Password
Video Captcha as a Graphical PasswordVideo Captcha as a Graphical Password
Video Captcha as a Graphical Password
 
IRJET-PLC and SCADA based Distribution and Substation Automation
IRJET-PLC and SCADA based Distribution and Substation AutomationIRJET-PLC and SCADA based Distribution and Substation Automation
IRJET-PLC and SCADA based Distribution and Substation Automation
 
Research trends on CAPTCHA: A systematic literature
Research trends on CAPTCHA: A systematic literature Research trends on CAPTCHA: A systematic literature
Research trends on CAPTCHA: A systematic literature
 
Captcha
CaptchaCaptcha
Captcha
 
CAPTCHA
CAPTCHACAPTCHA
CAPTCHA
 
Captcha
CaptchaCaptcha
Captcha
 
Captcha
CaptchaCaptcha
Captcha
 
Captchas
CaptchasCaptchas
Captchas
 

Kürzlich hochgeladen

Engineering Mechanics Chapter 5 Equilibrium of a Rigid Body
Engineering Mechanics  Chapter 5  Equilibrium of a Rigid BodyEngineering Mechanics  Chapter 5  Equilibrium of a Rigid Body
Engineering Mechanics Chapter 5 Equilibrium of a Rigid BodyAhmadHajasad2
 
Clutches and brkesSelect any 3 position random motion out of real world and d...
Clutches and brkesSelect any 3 position random motion out of real world and d...Clutches and brkesSelect any 3 position random motion out of real world and d...
Clutches and brkesSelect any 3 position random motion out of real world and d...sahb78428
 
Gender Bias in Engineer, Honors 203 Project
Gender Bias in Engineer, Honors 203 ProjectGender Bias in Engineer, Honors 203 Project
Gender Bias in Engineer, Honors 203 Projectreemakb03
 
Modelling Guide for Timber Structures - FPInnovations
Modelling Guide for Timber Structures - FPInnovationsModelling Guide for Timber Structures - FPInnovations
Modelling Guide for Timber Structures - FPInnovationsYusuf Yıldız
 
A Seminar on Electric Vehicle Software Simulation
A Seminar on Electric Vehicle Software SimulationA Seminar on Electric Vehicle Software Simulation
A Seminar on Electric Vehicle Software SimulationMohsinKhanA
 
How to Write a Good Scientific Paper.pdf
How to Write a Good Scientific Paper.pdfHow to Write a Good Scientific Paper.pdf
How to Write a Good Scientific Paper.pdfRedhwan Qasem Shaddad
 
Nodal seismic construction requirements.pptx
Nodal seismic construction requirements.pptxNodal seismic construction requirements.pptx
Nodal seismic construction requirements.pptxwendy cai
 
Vertical- Machining - Center - VMC -LMW-Machine-Tool-Division.pptx
Vertical- Machining - Center - VMC -LMW-Machine-Tool-Division.pptxVertical- Machining - Center - VMC -LMW-Machine-Tool-Division.pptx
Vertical- Machining - Center - VMC -LMW-Machine-Tool-Division.pptxLMW Machine Tool Division
 
nvidia AI-gtc 2024 partial slide deck.pptx
nvidia AI-gtc 2024 partial slide deck.pptxnvidia AI-gtc 2024 partial slide deck.pptx
nvidia AI-gtc 2024 partial slide deck.pptxjasonsedano2
 
Design of Clutches and Brakes in Design of Machine Elements.pptx
Design of Clutches and Brakes in Design of Machine Elements.pptxDesign of Clutches and Brakes in Design of Machine Elements.pptx
Design of Clutches and Brakes in Design of Machine Elements.pptxYogeshKumarKJMIT
 
Strategies of Urban Morphologyfor Improving Outdoor Thermal Comfort and Susta...
Strategies of Urban Morphologyfor Improving Outdoor Thermal Comfort and Susta...Strategies of Urban Morphologyfor Improving Outdoor Thermal Comfort and Susta...
Strategies of Urban Morphologyfor Improving Outdoor Thermal Comfort and Susta...amrabdallah9
 
EPE3163_Hydro power stations_Unit2_Lect2.pptx
EPE3163_Hydro power stations_Unit2_Lect2.pptxEPE3163_Hydro power stations_Unit2_Lect2.pptx
EPE3163_Hydro power stations_Unit2_Lect2.pptxJoseeMusabyimana
 
Quasi-Stochastic Approximation: Algorithm Design Principles with Applications...
Quasi-Stochastic Approximation: Algorithm Design Principles with Applications...Quasi-Stochastic Approximation: Algorithm Design Principles with Applications...
Quasi-Stochastic Approximation: Algorithm Design Principles with Applications...Sean Meyn
 
Renewable Energy & Entrepreneurship Workshop_21Feb2024.pdf
Renewable Energy & Entrepreneurship Workshop_21Feb2024.pdfRenewable Energy & Entrepreneurship Workshop_21Feb2024.pdf
Renewable Energy & Entrepreneurship Workshop_21Feb2024.pdfodunowoeminence2019
 
Technology Features of Apollo HDD Machine, Its Technical Specification with C...
Technology Features of Apollo HDD Machine, Its Technical Specification with C...Technology Features of Apollo HDD Machine, Its Technical Specification with C...
Technology Features of Apollo HDD Machine, Its Technical Specification with C...Apollo Techno Industries Pvt Ltd
 
Mohs Scale of Hardness, Hardness Scale.pptx
Mohs Scale of Hardness, Hardness Scale.pptxMohs Scale of Hardness, Hardness Scale.pptx
Mohs Scale of Hardness, Hardness Scale.pptxKISHAN KUMAR
 
Phase noise transfer functions.pptx
Phase noise transfer      functions.pptxPhase noise transfer      functions.pptx
Phase noise transfer functions.pptxSaiGouthamSunkara
 
Power System electrical and electronics .pptx
Power System electrical and electronics .pptxPower System electrical and electronics .pptx
Power System electrical and electronics .pptxMUKULKUMAR210
 

Kürzlich hochgeladen (20)

Engineering Mechanics Chapter 5 Equilibrium of a Rigid Body
Engineering Mechanics  Chapter 5  Equilibrium of a Rigid BodyEngineering Mechanics  Chapter 5  Equilibrium of a Rigid Body
Engineering Mechanics Chapter 5 Equilibrium of a Rigid Body
 
Clutches and brkesSelect any 3 position random motion out of real world and d...
Clutches and brkesSelect any 3 position random motion out of real world and d...Clutches and brkesSelect any 3 position random motion out of real world and d...
Clutches and brkesSelect any 3 position random motion out of real world and d...
 
Gender Bias in Engineer, Honors 203 Project
Gender Bias in Engineer, Honors 203 ProjectGender Bias in Engineer, Honors 203 Project
Gender Bias in Engineer, Honors 203 Project
 
Modelling Guide for Timber Structures - FPInnovations
Modelling Guide for Timber Structures - FPInnovationsModelling Guide for Timber Structures - FPInnovations
Modelling Guide for Timber Structures - FPInnovations
 
A Seminar on Electric Vehicle Software Simulation
A Seminar on Electric Vehicle Software SimulationA Seminar on Electric Vehicle Software Simulation
A Seminar on Electric Vehicle Software Simulation
 
How to Write a Good Scientific Paper.pdf
How to Write a Good Scientific Paper.pdfHow to Write a Good Scientific Paper.pdf
How to Write a Good Scientific Paper.pdf
 
Nodal seismic construction requirements.pptx
Nodal seismic construction requirements.pptxNodal seismic construction requirements.pptx
Nodal seismic construction requirements.pptx
 
Vertical- Machining - Center - VMC -LMW-Machine-Tool-Division.pptx
Vertical- Machining - Center - VMC -LMW-Machine-Tool-Division.pptxVertical- Machining - Center - VMC -LMW-Machine-Tool-Division.pptx
Vertical- Machining - Center - VMC -LMW-Machine-Tool-Division.pptx
 
nvidia AI-gtc 2024 partial slide deck.pptx
nvidia AI-gtc 2024 partial slide deck.pptxnvidia AI-gtc 2024 partial slide deck.pptx
nvidia AI-gtc 2024 partial slide deck.pptx
 
Lecture 4 .pdf
Lecture 4                              .pdfLecture 4                              .pdf
Lecture 4 .pdf
 
Design of Clutches and Brakes in Design of Machine Elements.pptx
Design of Clutches and Brakes in Design of Machine Elements.pptxDesign of Clutches and Brakes in Design of Machine Elements.pptx
Design of Clutches and Brakes in Design of Machine Elements.pptx
 
Strategies of Urban Morphologyfor Improving Outdoor Thermal Comfort and Susta...
Strategies of Urban Morphologyfor Improving Outdoor Thermal Comfort and Susta...Strategies of Urban Morphologyfor Improving Outdoor Thermal Comfort and Susta...
Strategies of Urban Morphologyfor Improving Outdoor Thermal Comfort and Susta...
 
EPE3163_Hydro power stations_Unit2_Lect2.pptx
EPE3163_Hydro power stations_Unit2_Lect2.pptxEPE3163_Hydro power stations_Unit2_Lect2.pptx
EPE3163_Hydro power stations_Unit2_Lect2.pptx
 
Quasi-Stochastic Approximation: Algorithm Design Principles with Applications...
Quasi-Stochastic Approximation: Algorithm Design Principles with Applications...Quasi-Stochastic Approximation: Algorithm Design Principles with Applications...
Quasi-Stochastic Approximation: Algorithm Design Principles with Applications...
 
Renewable Energy & Entrepreneurship Workshop_21Feb2024.pdf
Renewable Energy & Entrepreneurship Workshop_21Feb2024.pdfRenewable Energy & Entrepreneurship Workshop_21Feb2024.pdf
Renewable Energy & Entrepreneurship Workshop_21Feb2024.pdf
 
Technology Features of Apollo HDD Machine, Its Technical Specification with C...
Technology Features of Apollo HDD Machine, Its Technical Specification with C...Technology Features of Apollo HDD Machine, Its Technical Specification with C...
Technology Features of Apollo HDD Machine, Its Technical Specification with C...
 
Lecture 2 .pptx
Lecture 2                            .pptxLecture 2                            .pptx
Lecture 2 .pptx
 
Mohs Scale of Hardness, Hardness Scale.pptx
Mohs Scale of Hardness, Hardness Scale.pptxMohs Scale of Hardness, Hardness Scale.pptx
Mohs Scale of Hardness, Hardness Scale.pptx
 
Phase noise transfer functions.pptx
Phase noise transfer      functions.pptxPhase noise transfer      functions.pptx
Phase noise transfer functions.pptx
 
Power System electrical and electronics .pptx
Power System electrical and electronics .pptxPower System electrical and electronics .pptx
Power System electrical and electronics .pptx
 

Advanced Captcha Report

  • 1. CAPTCHA SEMINAR REPORT Arpit Gupta [1000112031] Page 1 PREFACE As an integral part of the curriculum, I ARPIT GUPTA student of Integral University, Lucknow, pursuing B.TECH in need to get exposed to the actual knowledge Computer Science & Engineering environment the better understanding of the various new technologies developed for the betterment of the future. A well-planned, properly executed and evaluated seminar topic helps a lot on inculcating a professional attitude. It provides a linkage between the student and the teacher to develop an awareness of CSE approach to problem solving, based on a broad understanding of process and mode operations of the technology. I consider myself fortunate enough that I had an opportunity to collect information about, “CAPTCHA” and write about this topic.
  • 2. CAPTCHA SEMINAR REPORT Arpit Gupta [1000112031] Page 2 CERTIFICATE This is to certify that B.Tech Seminar Report entitled “CAPTCHA” is a bonafide record of work carried out by Arpit Gupta student of 4th Year (7th Semester), Computer Science & Engineering. This report is submitted to the Department of Computer Science & Engineering in partial fulfillment of requirement for the award of Bachelor’s degree in Computer Science& Engineering during the session 2013-2014. Mr. Parvez Mahmood Khan Head of Department (CSE) Mr. Kamlesh Chandra Maurya Assistant Professor (Department of Computer Science) Mr. Avadhesh Kumar Assistant Professor (Department of Computer Science)
  • 3. CAPTCHA SEMINAR REPORT Arpit Gupta [1000112031] Page 3 PRONOUNCEMENT The seminar report on the topic “CAPTCHA” was given in our supervision. This is a written testimony of the excellent presentation given by Arpit Gupta in seminar hall for the partial fulfillment of Bachelor’s degree in Computer Science & Engineering of Integral University. The seminar was given wonderfully and applauded by the audience present in the seminar hall. All of them were comprehensively with the topic. We congratulate her for her wonderful work and wish success in future.
  • 4. CAPTCHA SEMINAR REPORT Arpit Gupta [1000112031] Page 4 ACKNOWLEDGEMENT I would like to express my sincere gratitude from the core of my heart to Mr. Kamlesh Chandra Maurya and Mr. Avadhesh Kumar, my seminar coordinators and all my friends and colleagues for their tremendous help and cooperation in completion of this seminar report. I have put great efforts in making this seminar report. I have tried my level best to be accurate at all points and have included each and every point regarding “CAPTCHA”. My efforts have also been in the direction to make my seminar report look attractive and presentable. I hope my hard work will be appreciated by all. Arpit Gupta B.Tech, 4th Year Computer Science & Engineering Roll No: 1000112031
  • 5. CAPTCHA SEMINAR REPORT Arpit Gupta [1000112031] Page 5 STUDENT DECLARATION I, Arpit Gupta hereby declare that the work which is being presented in the file, “CAPTCHA”, is in partial fulfillment of the requirement of the seminar that has been given by me, as a scheduled program of my B.TECH education. This is an authentic record of my own carried out under the supervision of Mr. Kamlesh Chandra Maurya and Mr. Avadhesh Kumar. ARPIT GUPTA
  • 6. CAPTCHA SEMINAR REPORT Arpit Gupta [1000112031] Page 6 TABLE OF CONTENT CONTENT PAGE NUMBERS 1) Abstract………………………………………………………………………..7 2) Introduction…………………………………………………………………...8 3) Background……………………………………………………………………9 4) Captchas and Turing Test…………….……………………………………………………………..10 5) Why Captcha was needed………………………………………………………………………..11 6) Captcha Logic……………………………………………………………….12 7) How to generate……………………………………………………………..13 8) Types of Captcha……………………………………………………………15 9) Guidelines for Captcha implementation……………………………………………………………...25 10) Applications……………………………………………………………..…..28 11) Advantages…………………………………………………………………..30 12) Disadvantages……………………………………………………………….30 13) Future Scope………………………………………………………………...31 14) Conclusion…………………………………………………………………..32 15) References…………………………………………………………………...33
  • 7. CAPTCHA SEMINAR REPORT Arpit Gupta [1000112031] Page 7 ABSTRACT CAPTCHA (completely automated public turing test to tell computers and humans apart), a technique used by a computer to tell if it is interacting with a human or another computer. Because computing is becoming pervasive, and computerized tasks and services are commonplace, the need for increased levels of security has led to the development of this way for computers to ensure that they are dealing with humans in situations where human interaction is essential to security. Activities such as online commerce transactions, search engine submissions, Web polls, Web registrations, free e-mail service registration and other automated services are subject to software programs, or bots, that mimic the behavior of humans in order to skew the results of the automated task or perform malicious activities, such as gathering e-mail addresses for spamming or ordering hundreds of tickets to a concert. In order to validate the digital transaction, using the CAPTCHA system the user is presented with a distorted word typically placed on top of a distorted background. The user must type the word into a field in order to complete the process. Computers have a difficult time decoding the distorted words while humans can easily decipher the text.
  • 8. CAPTCHA SEMINAR REPORT Arpit Gupta [1000112031] Page 8 INTRODUCTION A CAPTCHA is a program that protects websites against bots by generating and grading tests that humans can pass but current computer programs cannot. For example, humans can read distorted text as the one shown below, but current computer programs can't: A CAPTCHA or Captcha is a type of challenge-response test used in computing to ensure that the response is not generated by a computer. The process usually involves one computer (a server) asking a user to complete a simple test which the computer is able to generate and grade. Because other computers are unable to solve the CAPTCHA, any user entering a correct solution is presumed to be human. Thus, it is sometimes described as a reverse Turing test, because it is administered by a machine and targeted to a human, in contrast to the standard Turing test that is typically administered by a human and targeted to a machine. A common type of CAPTCHA requires that the user type letters or digits from a distorted image that appears on the screen. The term "CAPTCHA" (based upon the word capture) was coined in 2000 by Luis von Ahn, Manuel Blum, Nicholas J. Hopper (all of Carnegie Mellon University), and John Langford (then of IBM). It is a contrived acronym for "Completely Automated Public Turing test to tell Computers and Humans Apart." Carnegie Mellon University attempted to trademark the term, but the trademark application was abandoned on 21 April 2008. Currently, CAPTCHA creators recommend use of reCAPTCHA as the official implementation.
  • 9. CAPTCHA SEMINAR REPORT Arpit Gupta [1000112031] Page 9 Background: The need for CAPTCHAs rose to keep out the website/search engine abuse by bots. In 1997, AltaVista sought ways to block and discourage the automatic submissions of URLs into their search engines. Andrei Broder, Chief Scientist of AltaVista, and his colleagues developed a filter. Their method was to generate a printed text randomly that only humans could read and not machine readers. Their approach was so effective that in an year, “spam-add-ons’” were reduced by 95% and a patent was issued in 2001. In 2000, Yahoo’s popular Messenger chat service was hit by bots which pointed advertising links to annoying human users of chat rooms. Yahoo, along with Carnegie Mellon University, developed a CAPTCHA called EZ-GIMPY, which chose a dictionary word randomly and distorted it with a wide variety of image occlusions and asked the user to input the distorted word. In November 1999, slashdot.com released an online poll asking which was the best graduate school in computer science (a dangerous question to ask over the web!). As is the case with most online polls, IP addresses of voters were recorded in order to prevent single users from voting more than once. However, students at Carnegie Mellon found a way to stuff the ballots by using programs that voted for CMU thousands of times. CMU's score started growing rapidly. The next day, students at MIT wrote their own voting program and the poll became a contest between voting “bots". MIT finished with 21,156 votes, Carnegie Mellon with 21,032 and every other school with less than 1,000. Can the result of any online poll be trusted? Not unless the poll requires that only humans can vote.
  • 10. CAPTCHA SEMINAR REPORT Arpit Gupta [1000112031] Page 10 CAPTCHAS AND THE TURING TEST: CAPTCHA technology has its foundation in an experiment called the Turing Test. Alan Turing, sometimes called the father of modern computing, proposed the test as a way to examine whether or not machines can think -- or appear to think -- like humans. The classic test is a game of imitation. In this game, an interrogator asks two participants a series of questions. One of the participants is a machine and the other is a human. The interrogator can't see or hear the participants and has no way of knowing which is which. If the interrogator is unable to figure out which participant is a machine based on the responses, the machine passes the Turing Test. Of course, with a CAPTCHA, the goal is to create a test that humans can pass easily but machines can't. It's also important that the CAPTCHA application is able to present different CAPTCHAs to different users. If a visual CAPTCHA presented a static image that was the same for every user, it wouldn't take long before a spammer spotted the form, deciphered the letters, and programmed an application to type in the correct answer automatically. Most, but not all, CAPTCHAs rely on a visual test. Computers lack the sophistication that human beings have when it comes to processing visual data. We can look at an image and pick out patterns more easily than a computer. The human mind sometimes perceives patterns even when none exist, a quirk we call pareidol ia. Ever see a shape in the clouds or a face on the moon? That's your brain trying to associate random information into patterns and shapes. But not all CAPTCHAs rely on visual patterns. In fact, it's important to have an alternative to a visual CAPTCHA. Otherwise, the Web site administrator runs the risk of franchising any Web user who has a visual impairment. One alternative to a visual test isan audible one. An audio CAPTCHA usually presents the user with a series of spoken letters or numbers. It's not unusual for the program to distort the speaker's voice, and it's also common for the program to include background noise in the recording. This helps thwart voice recognition programs.
  • 11. CAPTCHA SEMINAR REPORT Arpit Gupta [1000112031] Page 11 Why CAPTCHA was needed???  To prevent the following :-  Multiple votes in online polls.  Worms and Spam e-mails.  Search engine BOTs.  Preventing dictionary attacks(password cracking).  Tampering with rankings on recommendation systems (e.g. e-bay, amazon etc.)
  • 12. CAPTCHA SEMINAR REPORT Arpit Gupta [1000112031] Page 12 CAPTCHA Logic: 1. The CAPTCHA image (or question) is generated. There are different ways to do this. The classic approach is to generate some random text, apply some random effects to it and convert it into an image. 2. Step 2 is not really sequential. During step 1, the original text (pre-altered) is persisted somewhere, as this is the correct answer to the question. There are different ways to persist the answer, as a server- side session variable, cookie, file, or database entry. 3. The generated CAPTCHA is presented to the user, who is prompted to answer it. 4. The back-end script checks the answer supplied by the user by comparing it with the persisted (correct) answer. If the value is empty or incorrect, we go back to step 1: a new CAPTCHA is generated. Users should never get a second shot at answering the same CAPTCHA. 5. If the answer supplied by the user is correct, the form post is successful and processing can continue. If applicable, the generated CAPTCHA image is deleted.
  • 13. CAPTCHA SEMINAR REPORT Arpit Gupta [1000112031] Page 13 Picks a random string of letters: o m a g Renders it to a distorted image:- HOW TO GENERATE
  • 14. CAPTCHA SEMINAR REPORT Arpit Gupta [1000112031] Page 14 ..... and generates a test TYPE THE CHARACTERS THAT APPEAR IN THE IMAGE
  • 15. CAPTCHA SEMINAR REPORT Arpit Gupta [1000112031] Page 15 Types of CAPTCHAs CAPTCHAs are classified based on what is distorted and presented as a challenge to the user. They are:  Text CAPTCHAs: These are simple to implement. The simplest yet novel approach is to present the user with some questions which only a human user can solve. Examples of such questions are: 1. What is twenty minus three? 2. What is the third letter in UNIVERSITY? 3. Which of Yellow, Thursday and Richard is a colour? 4. If yesterday was a Sunday, what is today? Such questions are very easy for a human user to solve, but it’s very difficult to program a computer to solve them. These are also friendly to people with visual disability – such as those with colour blindness. Properties-  Typically relay on sophisticated distortion of text images rendering them unrecognizable to the state of the art of the pattern recognition programs but recognizable by humans.  Very effective, needs a large question bank.  Cognitively challenged users find it hard . Other text CAPTCHAs involves text distortions and the user is asked to identify the text hidden. The various implementations are:
  • 16. CAPTCHA SEMINAR REPORT Arpit Gupta [1000112031] Page 16 Gimpy: Gimpy is a very reliable text CAPTCHA built by CMU in collaboration with Yahoo for their Messenger service. Gimpy is based on the human ability to read extremely distorted text and the inability of computer programs to do the same. Gimpy works by choosing ten words randomly from a dictionary, and displaying them in a distorted and overlapped manner. User has to recognize at least 3 words. Gimpy then asks the users to enter a subset of the words in the image. The human user is capable of identifying the words correctly, whereas a computer program cannot. Gimpy CAPTCHA
  • 17. CAPTCHA SEMINAR REPORT Arpit Gupta [1000112031] Page 17 Ez – Gimpy: This is a simplified version of the Gimpy CAPTCHA, adopted by Yahoo in their signup page. Ez – Gimpy randomly picks a single word from a dictionary and applies distortion to the text. The user is then asked to identify the text correctly.  A modified version of Gimpy.  Used in Yahoo Messenger Service.  It contains only one random character string.  The word is random and not picked from the dictionary, so not prone to dictionary attack.  Its not a good implementation of CAPTCHA. Yahoo’s Ez – Gimpy CAPTCHA
  • 18. CAPTCHA SEMINAR REPORT Arpit Gupta [1000112031] Page 18 BaffleText: This was developed by Henry Baird at University of California at Berkeley. This is a variation of the Gimpy. This doesn’t contain dictionary words, but it picks up random alphabets to create a nonsense but pronounceable text. Distortions are then added to this text and the user is challenged to guess the right word. This technique overcomes the drawback of Gimpy CAPTCHA because, Gimpy uses dictionary words and hence, clever bots could be designed to check the dictionary for the matching word by brute-force. finans ourses BaffleText examples
  • 19. CAPTCHA SEMINAR REPORT Arpit Gupta [1000112031] Page 19 MSN Captcha: Microsoft uses a different CAPTCHA for services provided under MSN umbrella. These are popularly called MSN Passport CAPTCHAs. They use eight characters (upper case) and digits. Foreground is dark blue, and background is grey. Warping is used to distort the characters, to produce a ripple effect, which makes computer recognition very difficult. Its very strongly implemented and hasn’t been broken. It is segmentation –resistant. XTNM5YRE L9D28229B MSN Passport CAPTCHA
  • 20. CAPTCHA SEMINAR REPORT Arpit Gupta [1000112031] Page 20 Some Text Based CAPTCHAs
  • 21. CAPTCHA SEMINAR REPORT Arpit Gupta [1000112031] Page 21  Graphic CAPTCHAs: Graphic CAPTCHAs are challenges that involve pictures or objects that have some sort of similarity that the users have to guess. They are visual puzzles, similar to Mensa tests. Computer generates the puzzles and grades the answers, but is itself unable to solve it.  Bongo: Bongo. Another example of a CAPTCHA is the program we call BONGO. BONGO is named after M.M. Bongard, who published a book of pattern recognition problems in the 1970s . BONGO asks the user to solve a visual pattern recognition problem. It displays two series of blocks, the left and the right. The blocks in the left series differ from those in the right, and the user must find the characteristic that sets them apart. A possible left and right series is shown in Figure 2.5 Fig 2.5 Bongo CAPTCHA These two sets are different because everything on the left is drawn with thick lines and those on the right are in thin lines. After seeing the two blocks, the user is presented with a set of four single blocks and is asked to determine to which group the each block belongs to. The user passes the test if s/he determines correctly to which set the blocks belong to. We have to be careful to see that the user is not confused by a large number of choices.
  • 22. CAPTCHA SEMINAR REPORT Arpit Gupta [1000112031] Page 22 PIX: PIX is a program that has a large database of labeled images. All of these images are pictures of concrete objects (a horse, a table, a house, a flower). The program picks an object at random, finds six images of that object from its database, presents them to the user and then asks the question “what are these pictures of?” Current computer programs should not be able to answer this question, so PIX should be a CAPTCHA. However, PIX, as stated, is not a CAPTCHA: it is very easy to write a program that can answer the question “what are these pictures of?” Remember that all the code and data of a CAPTCHA should be publicly available; in particular, the image database that PIX uses should be public. Hence, writing a program that can answer the question “what are these pictures of?” is easy: search the database for the images presented and find their label. Fortunately, this can be fixed. One way for PIX to become a CAPTCHA is to randomly distort the images before presenting them to the user, so that computer programs cannot easily search the database for the undistorted image. Ex:- Pick the common characteristic among the following four pictures
  • 23. CAPTCHA SEMINAR REPORT Arpit Gupta [1000112031] Page 23 Some Graphics Based CAPTCHAs
  • 24. CAPTCHA SEMINAR REPORT Arpit Gupta [1000112031] Page 24 Audio CAPTCHAs: The final example we offer is based on sound. The program picks a word or a sequence of numbers at random, renders the word or the numbers into a sound clip and distorts the sound clip; it then presents the distorted sound clip to the user and asks users to enter its contents. This CAPTCHA is based on the difference in ability between humans and computers in recognizing spoken language. Nancy Chan of the City University in Hong Kong was the first to implement a sound-based system of this type. The idea is that a human is able to efficiently disregard the distortion and interpret the characters being read out while software would struggle with the distortion being applied, and need to be effective at speech to text translation in order to be successful. This is a crude way to filter humans and it is not so popular because the user has to understand the language and the accent in which the sound clip is recorded.
  • 25. CAPTCHA SEMINAR REPORT Arpit Gupta [1000112031] Page 25 Guidelines for CAPTCHA implementation: If your website needs protection from abuse, it is recommended that you use a CAPTCHA. There are many CAPTCHA implementations, some better than others. The following guidelines are strongly recommended for any CAPTCHA code: Accessibility- Because CAPTCHAs rely on visual perception, users unable to view a CAPTCHA (for example, due to a disability or because it is difficult to read) will be unable to perform the task protected by a CAPTCHA. Therefore, sites implementing CAPTCHAs may provide an audio version of the CAPTCHA in addition to the visual method. The official CAPTCHA site recommends providing an audio CAPTCHA for accessibility reasons. This combination represents the most accessible CAPTCHA currently known to exist. Attempts at more accessible CAPTCHAs Even an audio and visual CAPTCHA will require manual intervention for some users, such as those who have visual disabilities and also are deaf. There have been various attempts at creating CAPTCHAs that are more accessible. Attempts include the use of JavaScript, mathematical questions ("what is 1+1"), or "common sense" questions ("what color is the sky on a clear day"). However they do not meet both the criteria of being able to be automatically generated and not relying on the type of CAPTCHA being new to the attacker. Image Security Images of text should be distorted randomly before being presented to the user. Many implementations of CAPTCHAs use undistorted text, or text with only minor distortions. These implementations are vulnerable to simple automated attacks. For example, the CAPTCHAs shown below can all be broken using image processing techniques, mainly because they use a consistent font.
  • 26. CAPTCHA SEMINAR REPORT Arpit Gupta [1000112031] Page 26 Script Security Building a secure CAPTCHA is not easy. In addition to making the images unreadable by computers, the system should ensure that there are no easy ways around it at the script level. Common examples of insecurities in this respect include: (1) Systems that pass the answer to the CAPTCHA in plain text as part of the web form. (2) Systems where a solution to the same CAPTCHA can be used multiple times (this makes the CAPTCHA vulnerable to so-called "replay attacks"). Security Even After Wide-Spread Adoption There are various "CAPTCHAs" that would be insecure if a significant number of sites start using them. An example of such a puzzle is asking text-based questions, such as a mathematical question ("what is 1+1"). Since a parser could easily be written that would allow bots to bypass this test, such "CAPTCHAs" rely on the fact that few sites use them, and thus that a bot author has no incentive to program their bot to solve that challenge. True CAPTCHAs should be secure even after a significant number of websites adopt them.
  • 27. CAPTCHA SEMINAR REPORT Arpit Gupta [1000112031] Page 27 Issues with CAPTCHAs There are many issues with CAPTCHAs, primarily because they distort text and images in such a way that, sometimes it gets difficult for even humans to read. Usability issues with text based CAPTCHAs: Are text CAPTCHAs like Gimpy, user–friendly? Some CAPTCHAs are inaccessible to visually impaired, cognitively challenged people .Sometimes the text is distorted to such an extent, that even humans have difficulty in understanding it. Some of the issues are listed in table: When embedded in web pages, audio CAPTCHAs can also cause compatibility issues. For example, many such schemes require JavaScript to be enabled. However, some users might prefer to disable JavaScript in their browsers. Some other schemes can be even worse. For example, we found that one audio scheme requires Adobe Flash support. With this scheme, vision-impaired users will not even notice that such a CAPTCHA challenge exist in the page, unless Flash is installed in their computers - apparently, no text alternative is attached to the speaker-like Flash object, either.
  • 28. CAPTCHA SEMINAR REPORT Arpit Gupta [1000112031] Page 28 Applications 1. Online Polls: As mentioned before, bots can wreak havoc to any unprotected online poll. They might create a large number of votes which would then falsely represent the poll winner in spotlight. This also results in decreased faith in these polls. CAPTCHAs can be used in websites that have embedded polls to protect them from being accessed by bots, and hence bring up the reliability of the polls. 2. Protecting Web Registration: Several companies offer free email and other services. Until recently, these service providers suffered from a serious problem – bots. These bots would take advantage of the service and would sign up for a large number of accounts. This often created problems in account management and also increased the burden on their servers. CAPTCHAs can effectively be used to filter out the bots and ensure that only human users are allowed to create accounts. 3. Preventing comment spam: Most bloggers are familiar with programs that submit large number of automated posts that are done with the intention of increasing the search engine ranks of that site. CAPTCHAs can be used before a post is submitted to ensure that only human users can create posts. A CAPTCHA won't stop someone who is determined to post a rude message or harass an administrator, but it will help prevent bots from posting messages automatically. 4. Search engine bots: It is sometimes desirable to keep web pages unindexed to prevent others from finding them easily. There is an html tag to prevent search engine bots from reading web pages. The tag, however, doesn't guarantee that bots won't read a web page; it only serves to say "no bots, please." Search engine bots, since they usually belong to large companies, respect web pages that don't want to allow them in. However, in order to truly guarantee that bots won't enter a web site, CAPTCHAs are needed.
  • 29. CAPTCHA SEMINAR REPORT Arpit Gupta [1000112031] Page 29 5. E-Ticketing: Ticket brokers like TicketMaster also use CAPTCHA applications. These applications help prevent ticket scalpers from bombarding the service with massive ticket purchases for big events. Without some sort of filter, it's possible for a scalper to use a bot to place hundreds or thousands of ticket orders in a matter of seconds. Legitimate customers become victims as events sell out minutes after tickets become available. Scalpers then try to sell the tickets above face value. 6. Email spam: CAPTCHAs also present a plausible solution to the problem of spam emails. All we have to do is to use a CAPTCHA challenge to verify that a indeed a human has sent the email. 7. Preventing Dictionary Attacks: CAPTCHAs can also be used to prevent dictionary attacks in password systems. The idea is simple: prevent a computer from being able to iterate through the entire space of passwords by requiring it to solve a CAPTCHA after a certain number of unsuccessful logins. This is better than the classic approach of locking an account after a sequence of unsuccessful logins, since doing so allows an attacker to lock accounts at will.
  • 30. CAPTCHA SEMINAR REPORT Arpit Gupta [1000112031] Page 30 Advantages: • Distinguishes between a human and a machine. • Makes online polls more genuine. • Reduces spam and viruses • Makes online shopping safer. • Diminishes abuse of free email account services. Disadvantages: • Sometimes very difficult to read. • Are not compatible with users with disabilities. • Time-consuming to decipher. • Technical difficulties with certain internet browsers. • May greatly enhance Artificial Intelligence.
  • 31. CAPTCHA SEMINAR REPORT Arpit Gupta [1000112031] Page 31 FUTURE SCOPE Since there is a possibility that audio CAPTCHAs can be solved, new audio CAPTCHAs must be developed that the machine learning methods will be less likely to solve. CAPTCHAs containing longer solutions and multiple speakers tend to be more difficult to solve. Also, because the methods for breaking audio CAPTCHAs depend on the amount of training data we have, having a large vocabulary would make it more difficult to collect enough training data. In designing a new audio CAPTCHA another matter of concern is the human pass rate. To develop an audio CAPTCHA with an improved human pass rate, an efficient way is to take advantage of the human mind‘s ability to understand distorted audio through context clues. Current CAPTCHA systems create a separation between their visual and audio CAPTCHA. The audio CAPTCHA is essentially a distinct system with a completely independent development and maintenance path. Alternatively, the visual and audio CAPTCHA can be joined products into one single system i n which the audio is directly related to the visual elements that are presented to the user. This type of CAPTCHA will be more accessible for users with visual impairments, as well as having possible benefits of easy adaptation for different languages and cultures.
  • 32. CAPTCHA SEMINAR REPORT Arpit Gupta [1000112031] Page 32 CONCLUSION In conclusion, browsing internet is not for the normal users only. The special needs user need the internet like the normal user or may be more. The web sites are provided to help users, give them more information or make their work easier, but CAPTCHA makes reaching the web sites services more complicated. At last, we need some way to tell CAPTCHA that special needs users are human not bots. Sites with attractive resources and millions of users will always need access control systems that limit the bad using of them. At that level, it is reasonable to employ many concurrent approaches, including audio and visual CAPTCHA, to do so. However, it must be noted that users with disabilities can interact with a given resource in a reasonable amount of time. Other Conclusions : 1. CAPTCHAS are any software that distinguishes human and machine. 2. Research in CAPTCHAS implies advancement in AI making computers understand how human thinks. 3. Internet companies are making billions of dollars every year, their security and services quality matters and so does the advancement in CAPTCHA technology. 4. Different methods of CAPTCHAS are being studied but new ideas like ReCAPTCHA using human time on internet is amazing.
  • 33. CAPTCHA SEMINAR REPORT Arpit Gupta [1000112031] Page 33 REFERENCES  www.phpcaptcha.org  www.captcha.net  www.wikipedia.com  H.Sameti, H. Shirali-Shahreza,?How Good Are Humans at Solving CAPTCHAs. A Large Scale Evaluation?, Security and Pri vacy (SP), IEEE, pp1.  P. Desai, Patadia .A, ?A Better Approach to CAPTCHA?, IND ICON, IEEE,pp.1