Semi-supervised deep learning approach to break common CAPTCHAs

Kód výsledku v IS VaVaI

<a href="https://www.isvavai.cz/riv?ss=detail&h=RIV%2F00216305%3A26220%2F21%3APU140411" target="_blank" >RIV/00216305:26220/21:PU140411 - isvavai.cz</a>

Výsledek na webu

<a href="https://link.springer.com/article/10.1007%2Fs00521-021-05957-0" target="_blank" >https://link.springer.com/article/10.1007%2Fs00521-021-05957-0</a>

DOI - Digital Object Identifier

<a href="http://dx.doi.org/10.1007/s00521-021-05957-0" target="_blank" >10.1007/s00521-021-05957-0</a>

Jazyk výsledku

angličtina

Název v původním jazyce

Semi-supervised deep learning approach to break common CAPTCHAs

Popis výsledku v původním jazyce

Manual data annotation is a time consuming activity. A novel strategy for automatic training of the CAPTCHA breaking system with no manual dataset creation is presented in this paper. We demonstrate the feasibility of the attack against a text-based CAPTCHA scheme utilizing similar network infrastructure used for Denial of Service attacks. The main goal of our research is to present a possible vulnerability in CAPTCHA systems when combining the brute-force attack with transfer learning. The classification step utilizes a simple convolutional neural network with 15 layers. Training stage uses automatically prepared dataset created without any human intervention and transfer learning for fine-tuning the deep neural network classifier. The designed system for breaking text-based CAPTCHAs achieved 80% classification accuracy after 6 fine-tuning steps for a 5 digit text-based CAPTCHA system. The results presented in this paper suggest, that even the simple attack with a large number of attacking computers can be an effective alternative to current CAPTCHA breaking systems.

Název v anglickém jazyce

Semi-supervised deep learning approach to break common CAPTCHAs

Popis výsledku anglicky

Manual data annotation is a time consuming activity. A novel strategy for automatic training of the CAPTCHA breaking system with no manual dataset creation is presented in this paper. We demonstrate the feasibility of the attack against a text-based CAPTCHA scheme utilizing similar network infrastructure used for Denial of Service attacks. The main goal of our research is to present a possible vulnerability in CAPTCHA systems when combining the brute-force attack with transfer learning. The classification step utilizes a simple convolutional neural network with 15 layers. Training stage uses automatically prepared dataset created without any human intervention and transfer learning for fine-tuning the deep neural network classifier. The designed system for breaking text-based CAPTCHAs achieved 80% classification accuracy after 6 fine-tuning steps for a 5 digit text-based CAPTCHA system. The results presented in this paper suggest, that even the simple attack with a large number of attacking computers can be an effective alternative to current CAPTCHA breaking systems.

Druh

J_imp - Článek v periodiku v databázi Web of Science

CEP obor

—

OECD FORD obor

10201 - Computer sciences, information science, bioinformathics (hardware development to be 2.2, social aspect to be 5.8)

Projekt

—

Návaznosti

S - Specificky vyzkum na vysokych skolach

Rok uplatnění

2021

Kód důvěrnosti údajů

S - Úplné a pravdivé údaje o projektu nepodléhají ochraně podle zvláštních právních předpisů

Název periodika

NEURAL COMPUTING & APPLICATIONS

ISSN

0941-0643

e-ISSN

1433-3058

Svazek periodika

33

Číslo periodika v rámci svazku

20

Stát vydavatele periodika

GB - Spojené království Velké Británie a Severního Irska

Počet stran výsledku

11

Strana od-do

13333-13343

Kód UT WoS článku

000639371700001

EID výsledku v databázi Scopus

2-s2.0-85104497839