Automatic crack of Yahoo CAPTCHA

Authors

  • Choudhary N Department of Computer Engineering, Pimpri Chinchwad College of Engineering, Savitribai Phule Pune University, India
  • Deshmukh S Department of Computer Engineering, Pimpri Chinchwad College of Engineering, Savitribai Phule Pune University, India

Keywords:

Breaking Yahoo CAPTCHA, Animation Based, Text Based, OCR

Abstract

CAPTCHA is a security mechanism used to prevent bots from using the services of the website intended for humans. Till date, a number of CAPTCHA schemes have been successfully broken which made the design of CAPTCHAs an interesting area of research. Schemes of CAPTCHAs can be categorized as text based, image based, animation based, natural language based, option based and audio based. This paper explains some of the strengths and weaknesses of the CAPTCHA currently used by Yahoo and steps to crack it automatically. The CAPTCHA is an animation based text CAPTCHA. It is cracked by first removing the noise in the background and finally applying our own developed Optical Character Recognition (OCR) program which is specialized for reading characters in Yahoo CAPTCHA only. The automatic crack program has a successful rate of 63%.

References

L.von Ahn, M. Blum, N. J. Hopper and J. Langford, “CAPTCHA: using hard AI problems for security”, Springer, vol. 2656, 2003, pp. 294-311.

J.Yan and A. S. E. Ahmad. “Breaking visual CAPTCHAs with naive pattern recognition algorithms”, IEEE Computer Society, 2007, pp. 279-91.

K.Chellapilla, K. Larson, P. Y. Simard and M. Czerwinski, “Designing human friendly human interaction proofs (HIPs)”, ACM, 2005, pp. 711-720.

J.Yan and A. S. E. Ahmad, “A low-cost attack on a Microsoft CAPTCHA”, ACM conference on computer and communications security,ACM, 2008, pp. 543-554.

A.S.E. Ahmad, J. Yan and W. Y. Ng, “CAPTCHA design: color, usability, and security”, IEEE Internet Computing, 2012, pp. 44-51.

Y.Nakaguro, M. N. Dailey, S. Marukatat and S. S. Makhanov, “Defeating line-noise CAPTCHAs with multiple quadratic snakes”, Computers & Security, Elsevier, 2013, pp. 91-110.

G.Mori and J. Malik, “Recognizing objects in adversarial clutter: breaking a visual CAPTCHA”, IEEE Computer Society, 2003, pp. 134-144.

J.Yan and A. S. E. Ahmad, “CAPTCHA security: a case study”, IEEE Security and Privacy, 2009, pp. 22-28.

J.Yan and A. S. E. Ahmad, “CAPTCHA robustness: a security engineering perspective”, IEEE Computer Society, 2011, pp. 54-60.

G.Moy, N. Jones, C. Harkless and R. Potter, “Distortion estimation techniques in solving visual CAPTCHAs”, IEEE Computer Society conference on Computer Vision and Pattern Recognition, 2004, pp. 23-28.

S.Li, S. A. H. Shah, M. A. U. Khan, S. A. Khayam, A. R. Sadeghi, R. Schmitz, “Breaking e-banking CAPTCHAs”, Proceedings of the 26th Annual Computer Security Applications Conference, 2010, pp. 171-180.

P.Baecher, N. Buscher, M. Fischlin and B. Milde, “Breaking reCAPTCHA: a holistic approach via shape recognition”, IFIP advances in information and communication technology, 2011, pp. 56-67.

C.Cruz-Perez, O. Starostenko, F. Uceda-Ponga, V. A. Aquino and L. Reyes-Cabrera, “Breaking reCAPTCHAs with unpredictable collapse: heuristic character segmentation and recognition”, Springer, 2012, pp. 155-165.

H.Gao, W. Wang, J. Qi, X. Wang, X. Liu, J. Yan, “The robustness of hollow CAPTCHAs”, ACM conference on computer and communications, 2013, pp. 1075-1086.

B.B. Zhu, J. Yan, Q. Li, C. Yang, J. Liu, N. Xu, M. Yi and K. Cai, “Attacks and design of image recognition CAPTCHAs”, ACM conference on computer and communications security, 2010, pp. 187-200.

C.J. Hernandez-Castro, A. Ribagorda, “Pitfalls in CAPTCHA design and implementation: the math CAPTCHA, a case study”, Computers and Security, Elsevier Advanced Technology, 2010, pp. 141-157.

J.Tam, J. Simsa, S. Hyde, L. von Ahn, “Breaking audio CAPTCHAs”, Advances in Neural Information Processing Systems 21, 2008, pp. 1625-1632.

E.Bursztein, R. Beauxis, H. Paskov, D. Perito, C. Fabry, J. C. Mitchell, “The failure of noise-based non-continuous audio CAPTCHAs”, IEEE symposium on security and privacy, 2011, pp. 19-31.

Downloads

Published

2015-05-30

How to Cite

[1]
N. Choudhary and S. Deshmukh, “Automatic crack of Yahoo CAPTCHA”, Int. J. Comp. Sci. Eng., vol. 3, no. 5, pp. 192–195, May 2015.

Issue

Vol. 3 No. 5 (2015): IJCSE May Edition

Section

Research Article

License

Creative Commons License

This work is licensed under a Creative Commons Attribution 4.0 International License.

Authors contributing to this journal agree to publish their articles under the Creative Commons Attribution 4.0 International License, allowing third parties to share their work (copy, distribute, transmit) and to adapt it, under the condition that the authors are given credit and that in the event of reuse or distribution, the terms of this license are made clear.