Paper Info
Title
On the security and usability of dynamic cognitive game CAPTCHAs.
Abstract
Existing CAPTCHA solutions are a major source of user frustration on the Internet today, frequently forcing companies to lose customers and business. Game CAPTCHAs are a promising approach which may make CAPTCHA solving a fun activity for the user. One category of such CAPTCHAs - called Dynamic Cognitive Game (DCG) CAPTCHA - challenges the user to perform a game-like cognitive (or recognition) task interacting with a series of dynamic images. Specifically, it takes the form of many objects floating around within the images, and the user's task is to match the objects corresponding to specific target(s), and drag/drop them to the target region(s). In this paper, we pursue a comprehensive analysis of DCG CAPTCHAs. We design and implement such CAPTCHAs, and dissect them across four broad but overlapping dimensions: (1) usability, (2) fully automated attacks, (3) human-solving relay attacks, and (4) hybrid attacks that combine the strengths of automated and relay attacks. Our study shows that DCG CAPTCHAs are highly usable, even on mobile devices and offer some resilience to relay attacks, but they are vulnerable to our proposed automated and hybrid attacks.
Year
DOI
Venue
2017
10.3233/JCS-16847
JOURNAL OF COMPUTER SECURITY
Keywords
Field
DocType
CAPTCHA,web-security,relay attack,hybrid attack,visual processing
Computer science,Usability,Human–computer interaction,Cognitive walkthrough,CAPTCHA,Cognition,Multimedia
Journal
Volume
Issue
ISSN
25
3
0926-227X
Citations 
PageRank 
References 
2
0.40
18
Authors
7
Name
Order
Citations
PageRank
Manar Mohamed1495.90
Song Gao2313.56
Niharika Sachdeva31129.86
Nitesh Saxena4120482.45
Chengcui Zhang578984.56
ponnurangam kumaraguru6127187.21
P. C. van Oorschot74230414.39