1 / 8

By Huy Truong & Kathleen Stoeckle Mar 18, 2009

COMPUTER MALWARE FINAL PROJECT PROPOSAL THE WAR AGAINST CAPTCHA WITH IMPLEMENTATION OF THE WORLD’S MOST ACCURATE CAPTCHA BREAKER. By Huy Truong & Kathleen Stoeckle Mar 18, 2009. Introduction. The first virus was written in 1971. The computer boom also caused a boom in viruses and malware.

cody
Download Presentation

By Huy Truong & Kathleen Stoeckle Mar 18, 2009

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. COMPUTER MALWARE FINAL PROJECT PROPOSALTHE WAR AGAINST CAPTCHAWITH IMPLEMENTATION OF THE WORLD’S MOST ACCURATE CAPTCHA BREAKER By Huy Truong & Kathleen StoeckleMar 18, 2009

  2. Introduction • The first virus was written in 1971. • The computer boom also caused a boom in viruses and malware. • Computer bots: programs that perform automated tasks. • Malicious functions: • Propagate spam email • Mass registration on websites • Brute force attacks on passwords

  3. Overview of CAPTCHA • Completely Automated Public Turing Test to Tell Computers and Humans Apart • Coined by Luis von Ahn, Manuel Blum, Nicholas J. Hopper, and John Langford • Function: Generate tests to distinguish humans from malicious programs. • Most prevalently used type of CAPTCHA: Text-based scheme.

  4. Overview of CAPTCHA, continued • A good CAPTCHA must be: • Legible by humans • Unrecognizable to pattern recognization algorithms. • CAPTCHAs are NOT foolproof.

  5. Proposed Survey • Survey the history and current technologies of CAPTCHA breaker • Analyze academic papers and other publications that related to CAPTCHA breakers • There are three main approaches in breaking CAPTCHA, including [3]: • exploiting bugs of several CAPTCHA implementations • defeating CAPTCHA by improving character recognition algorithm • using a human CAPTCHA solver  • Analyze and study representative techniques for each approach. • Survey the details of these techniques including: • How does the technique work? • What are the targeted CATPCHA implementations? • What are the breakthrough technologies? • Does the technique work and how effective is it? • Has it been used to attack established websites? • How did the CATPCHA developers mitigate the attack?

  6. Proposed Implementation • Our second goal for the final project is to implement one of the surveyed techniques. • The software will be demonstrated at the Final Project demonstration. • A summary of the implementation will be included in the papers which describe: • What we implemented? • Collected data and results • Lesson and learn from the experiences • Ideas to improve the implementation and future works

  7. Project Timeline • Mar 18, 2009 • Submit the final project proposal paper and presentation • Mar 27, 2009 • Research the War against CATPCHA landscape • Pick the techniques to analyze & Select a technique to implement • Apr 3, 2009 • Complete the outline for the survey & the survey overview • Detail design for the technique implementation • Apr 10, 2009 • Complete the write up for two out of three approaches • Develop CAPTCHA test site & start on the implementation • Apr 17, 2009 • Complete the write up for all three approaches • Complete Implement and test the selected CAPTCHA technique • Apr 22, 2009 • Write up the implementation experience • Have a paper review and proofread • Perform test on the software and collect statistics data • Apr 24, 2009 • Develop the presentation and demonstration

  8. References • Thomas M. Chen, Statistical Methods in Computer Security, The Evolution of Viruses and Worms, http://vx.netlux.org/lib/atc01.html • Jeff Yan, Ahmad Salah El Ahmad, A Low-Cost Attack on a Microsoft CAPTCHA, http://homepages.cs.ncl.ac.uk/jeff.yan/msn_draft.pdf • Wikipedia, CAPTCHA, http://en.wikipedia.org/wiki/Captcha

More Related