Ye, G, Tang, Z, Fang, D et al. (6 more authors) (2020) Using Generative Adversarial Networks to Break and Protect Text Captchas. ACM Transactions on Privacy and Security, 23 (2). 7. ISSN 2471-2566
Abstract
Text-based CAPTCHAs remains a popular scheme for distinguishing between a legitimate human user and an automated program. This article presents a novel genetic text captcha solver based on the generative adversarial network. As a departure from prior text captcha solvers that require a labor-intensive and time-consuming process to construct, our scheme needs significantly fewer real captchas but yields better performance in solving captchas. Our approach works by first learning a synthesizer to automatically generate synthetic captchas to construct a base solver. It then improves and fine-tunes the base solver using a small number of labeled real captchas. As a result, our attack requires only a small set of manually labeled captchas, which reduces the cost of launching an attack on a captcha scheme. We evaluate our scheme by applying it to 33 captcha schemes, of which 11 are currently used by 32 of the top-50 popular websites. Experimental results demonstrate that our scheme significantly outperforms four prior captcha solvers and can solve captcha schemes where others fail. As a countermeasure, we propose to add imperceptible perturbations onto a captcha image. We demonstrate that our countermeasure can greatly reduce the success rate of the attack.
Metadata
Item Type: | Article |
---|---|
Authors/Creators: |
|
Copyright, Publisher and Additional Information: | © 2020 Association for Computing Machinery. This is an author produced version of an article published in ACM Transactions on Privacy and Security. Uploaded in accordance with the publisher's self-archiving policy. |
Keywords: | Text captchas, generative adversarial networks, transfer learning, security, authentication |
Dates: |
|
Institution: | The University of Leeds |
Academic Units: | The University of Leeds > Faculty of Engineering & Physical Sciences (Leeds) > School of Computing (Leeds) |
Depositing User: | Symplectic Publications |
Date Deposited: | 06 Feb 2020 10:24 |
Last Modified: | 29 Apr 2020 21:08 |
Status: | Published |
Publisher: | Association for Computing Machinery |
Identification Number: | 10.1145/3378446 |
Open Archives Initiative ID (OAI ID): | oai:eprints.whiterose.ac.uk:156512 |