Filters








65 Hits in 3.9 sec

An examination of the interactive video CAPTCHA method to resist relay attack

Ryohei Tatsuda, Kentaro Aburada, Hisaaki Yamaba, Tetsuro Katayama, Masayuki Mukunoki, Mirang Park, Naonobu Okazaki
2018 IEICE Communications Express  
We constructed an experimental environment in which relay attack can be simulated, made a series of experiments in order to evaluate the performance of the proposed method.  ...  However, the attack technique called relay attack as a method to avoid the CAPTCHA has been devised.  ...  Because DCG-CAPTCHA is a CAPTCHA of an interactive and dynamic nature, it offers some level of resistance to relay attack due to network latency of the communication required to relay attack (e.g.  ... 
doi:10.1587/comex.2017xbl0192 fatcat:2rkbtmcl3neppnkqa3f3m2yn3a

Typer vs. CAPTCHA: Private information based CAPTCHA to defend against crowdsourcing human cheating [article]

Jianyi Zhang, Xiali Hei, Zhiqiang Wang
2019 arXiv   pre-print
A novel generation algorithm with a fuzzy matching method has been proposed to add the capability of human error tolerance and the difficulty of random guess attack.  ...  After pursuing a comprehensive analysis of the Typer phenomenon and the attacking mechanism of CAPTCHA, we present a new CAPTCHA design principle to distinguish human (Typer) from human (user).  ...  A novel generation algorithm for CAPTCHA has been proposed to add the capability of human error tolerance and the difficulty of random guess attack.  ... 
arXiv:1904.12542v1 fatcat:vwojzsvpyjc3jkumlhklt2mgoa

MOVTCHA: A CAPTCHA Based on Human Cognitive and Behavioral Features Analysis [chapter]

Asadullah Al Galib, Reihaneh Safavi-Naini
2015 Lecture Notes in Computer Science  
Our system is suitable for large scale applications since image selection, challenge generation and response evaluation are automated.  ...  The design of Movtcha takes into account the analysis of human behavior to minimize noise during cognitive feature estimation.  ...  This research is in part supported by Alberta Innovates Technology Futures and Telus Mobility Canada.  ... 
doi:10.1007/978-3-319-21966-0_21 fatcat:e2lmlkwdhjclpdk6erb7lxth6u

Survey of Text CAPTCHA Techniques and Attacks
English

Simran Sharma, Nidhi Seth
2015 International Journal of Engineering Trends and Technoloy  
The purpose of CAPTCHA is to block automated scripts that post spam content everywhere they can.  ...  There is a constant need to improve current CAPTCHAs and to develop new CAPTCHAs in order to safely secure against developing programs which can create thousands of e-mail accounts used for malicious purposes  ...  There is a limit to the distortion and noise that humans can tolerate in a challenge of a text CAPTCHA. Usability is always an important issue in designing a CAPTCHA.  ... 
doi:10.14445/22315381/ijett-v22p251 fatcat:5jo4xh5mvrezpdsxoli4miusge

CAPTCHA: A Security Review

Sudarshan Soni, Padma Bonde
2017 International Journal of Computer Applications  
Examination of the subsequent information shows that CAPTCHAs are frequently entangled for people, with sound CAPTCHAs being especially more risky.  ...  So, to an extent, the ROOT based CAPTCHA can resist segmentation and pixel attacks.  ... 
doi:10.5120/ijca2017914377 fatcat:ygh5c5oprzeo3mwah3kusj5vm4

Captcha as Graphical Passwords—A New Security Primitive Based on Hard AI Problems

Bin B. Zhu, Jeff Yan, Guanbo Bao, Maowei Yang, Ning Xu
2014 IEEE Transactions on Information Forensics and Security  
CaRP addresses a number of security problems altogether, such as online guessing attacks, relay attacks, and, if combined with dual-view technologies, shoulder-surfing attacks.  ...  Using hard AI problems for security is emerging as an exciting new paradigm, but has been underexplored.  ...  Relay Attacks Relay attacks may be executed in several ways.  ... 
doi:10.1109/tifs.2014.2312547 fatcat:nl3dwrfswbfadpo65krxfftake

Adaptive semi-private email aliases

Beng Heng Ng, Alexander Crowell, Atul Prakash
2012 Proceedings of the 7th ACM Symposium on Information, Computer and Communications Security - ASIACCS '12  
The second aspect recently proved useful in allowing students in one of our freshmen courses to register easily and safely at Piazza.com, a discussion forum for courses, that, by default, requires students  ...  Email address leakages are the cause of several security problems including spam and privacy loss.  ...  Any opinions, findings, and conclusions or recommendations expressed in this paper are those of the author(s) and do not necessarily reflect the views of the National Science Foundation.  ... 
doi:10.1145/2414456.2414496 dblp:conf/ccs/NgCP12 fatcat:hq4avevdyvamdaowpo4gw4qv6y

Web password recovery --- a necessary evil? [article]

Fatma Al Maqbali, Chris J Mitchell
2018 arXiv   pre-print
To this end, a model for web password recovery is given, and existing techniques are documented and analysed within the context of this model.  ...  This leads naturally to a set of recommendations governing how such systems should be implemented to maximise security. A range of issues for further research are also highlighted.  ...  The CAPTCHA prevents automated attacks on password recovery, and appears a reasonable step to include.  ... 
arXiv:1801.06730v2 fatcat:t2j5q25iargbfgaj7fxqewrch4

DDoS Attack and Defense: Review of Some Traditional and Current Techniques [article]

Muhammad Aamir, Mustafa Ali Zaidi
2014 arXiv   pre-print
Traditional architecture of Internet is vulnerable to DDoS attacks and an ongoing cycle of attack & defense is observed.  ...  The study conducted in this paper can be helpful for readers and researchers to recognize better techniques of defense in current times against DDoS attacks and contribute with more research on the topic  ...  In figure 15 , an example of CAPTCHA test is shown. The CAPTCHA test is an effective technique against HTTP flood and SYN flood attacks.  ... 
arXiv:1401.6317v2 fatcat:z244btg2lvetvnh4fqwgiwb4te

Security Analysis of Malicious Socialbots on the Web

Yazan Boshmaf
2015 Zenodo  
We implemented a prototypical SbN consisting of 100 socialbots and operated it on Facebook for 8 weeks.  ...  To achieve these goals, we first studied social infiltration as an organized campaign operated by a socialbot network (SbN)—a group of programmable socialbots that are coordinated by an attacker in a botnet-like  ...  Acknowledgments First and foremost, I would like to thank my kind advisors, Konstantin Beznosov and Matei Ripeanu, for giving me the opportunity to venture into different topics and disciplines, and for  ... 
doi:10.5281/zenodo.3264693 fatcat:q3rntvj5gjdzhnhykysnuauihe

A Survey on DDoS Attack and Defense Strategies: From Traditional Schemes to Current Techniques

Muhammad AAMIR, Mustafa Ali ZAIDI
2013 Interdisciplinary Information Sciences  
Traditional architecture of Internet is vulnerable to DDoS attacks and an ongoing cycle of attack & defense is observed.  ...  Some of them work on IRC (Internet Relay Chat) where handlers and zombies do not know identities of each other and the communication among them is done indirectly.  ...  In Fig. 7 , an example of CAPTCHA test is shown. CAPTCHA test is an effective technique against HTTP flood and SYN flood attacks.  ... 
doi:10.4036/iis.2013.173 fatcat:pgvcutvfajejpmgatezon5ftdq

The Effect of DNS on Tor's Anonymity [article]

Benjamin Greschbach, Tobias Pulls, Laura M. Roberts, Philipp Winter, Nick Feamster
2016 arXiv   pre-print
We then show that an adversary who can mount a DefecTor attack can often determine the website that a Tor user is visiting with perfect precision, particularly for less popular websites where the set of  ...  The TCP connections of a typical client application, however, are often accompanied by DNS requests and responses. This additional traffic presents more opportunities for correlation attacks.  ...  This leads to the goal of finding an optimum that provides strong protection while also keeping the overhead tolerable for Tor users.  ... 
arXiv:1609.08187v2 fatcat:uhd4x6rpgnawbk64v6dxfqkdny

Rethinking Business Model in Cloud Computing: Concept and Example

Ping DU, Akihiro NAKAO
2011 IEICE transactions on information and systems  
We design and prototype such a charging model in a CoreLab testbed infrastructure and show an example application. key words: cloud computing, denial-of-quota attacks, pay-as-you-admit  ...  In this paper, we address this issue and claim that cloud should enable users to pay only for their admitted traffic.  ...  Completely Automated Public Turing test to tell Computers and Humans Apart) [17] , which is reported to be more secure than conventional CAPTCHAs.  ... 
doi:10.1587/transinf.e94.d.2119 fatcat:nbkc4enab5hvfo4yoasv4bznpq

A Comprehensive Survey of Voice over IP Security Research

Angelos D. Keromytis
2012 IEEE Communications Surveys and Tutorials  
Finally, we argue for further work on understanding cross-protocol and cross-mechanism vulnerabilities (emergent properties), which are the byproduct of a highly complex system-of-systems and an indication  ...  We also find that the overwhelming majority of the surveyed work takes a black box view of VoIP systems that avoids examining their internal structure and implementation.  ...  Wang [47] describes an end-point audio CAPTCHA system for countering SPIT, meant to be installed and used by users and system administrators.  ... 
doi:10.1109/surv.2011.031611.00112 fatcat:qxpbre5q2zhwhkjeb63t2bkr2a

A survey on the use of graphical passwords in security

Haichang Gao, Wei Jia, Fei Ye, Licheng Ma
2013 Journal of Software  
In this paper, we focus on the security aspects of existing graphical password schemes, which not only gives a simple introduction of attack methods but also intends to provide an in-depth analysis with  ...  Then we review the known attack methods, categorize them into two kinds, and summarize the security reported in some user studies of those schemes.  ...  This research was supported by the National Natural Science Foundation of China (60903198) and the Fundamental Research Funds for the Central Universities.  ... 
doi:10.4304/jsw.8.7.1678-1698 fatcat:ssobdkvc3bfd3edvr6wb6fuhva
« Previous Showing results 1 — 15 out of 65 results