Baecher P, Fischlin M, Gordon L, Langenberg R, Lützow M, Schröder D (2010)
Publication Status: Published
Publication Type: Conference contribution, Conference Contribution
Publication year: 2010
Pages Range: 353-365
Event location: Berlin
ISBN: 9783885792642
URI: https://www.scopus.com/inward/record.uri?partnerID=HzOxMe3b&scp=84855346060&origin=inward
A CAPTCHA is a program that generates challenges that are easy to solve for humans but difficult to solve for computers. The most common CAPTCHAs today are text-based ones where a short word is embedded in a cluttered image. In this paper, we survey the state-of-the-art of currently deployed CAPTCHAs, especially of some popular German sites. Surprisingly, despite their importance and the large-scale deployment, most of the CAPTCHAs like the ones of the "Umweltprämie", the Bundesfinanzagentur, and the Sparda-Bank are rather weak. Our results show that these CAPTCHAs are subject to automated attacks solving up to 80% of the puzzles. Furthermore, we suggest design criteria for "good" CAPTCHAs and for the system using them. In light of this we revisit the popular reCAPTCHA system and latest developments about its security. Finally, we discuss some alternative approaches for CAPTCHAs.
APA:
Baecher, P., Fischlin, M., Gordon, L., Langenberg, R., Lützow, M., & Schröder, D. (2010). CAPTCHAs: The good, the bad, and the ugly. In Proceedings of the Sicherheit 2010 - Sicherheit, Schutz und Zuverlassigkeit Beitrage der 5. Jahrestagung des Fachbereichs Sicherheit der Gesellschaft fur Informatik e.V. (GI) - 5th Annual Conference of the Department of Security of the Society for Informatics (pp. 353-365). Berlin.
MLA:
Baecher, Paul, et al. "CAPTCHAs: The good, the bad, and the ugly." Proceedings of the Sicherheit 2010 - Sicherheit, Schutz und Zuverlassigkeit Beitrage der 5. Jahrestagung des Fachbereichs Sicherheit der Gesellschaft fur Informatik e.V. (GI) - 5th Annual Conference of the Department of Security of the Society for Informatics, Berlin 2010. 353-365.
BibTeX: Download