Accessibility vs Security: Breaking CAPTCHAs by exploiting their accessibility features by Gautam Krishnan

Apr 5, 2019

Introduction

Under the guidance of Prof. Jason Polakis, I had the opportunity to work on a web security project alongside Varshini Sampath and Saumya Solanki. In this work, we showed that how audio based CAPTCHAs, introduced as an accessible alternative for those unable to use the more common visual CAPTCHA can be exploited to nullify their purpose. This research was published in Proceedings of the 10th ACM Workshop on Artificial Intelligence and Security (AISEC) and was also presented at Usenix ScAINet 2018.

Terminology

  1. CAPTCHA (will be referring to as “captchas” henceforth)— A program or system intended to distinguish humans from computers as a way to prevent spam. These are often found as garbled text that can only be recognized by humans and not by computers.
  2. Challenge/Problem — The test presented to a user to validate themselves as a human.
  3. Solver — An automated system built to ‘hack’ the challenge and present itself as a human. Will be referring to this process is called ‘solving’ or....

Subscribe
Notify of
guest

This site uses Akismet to reduce spam. Learn how your comment data is processed.

0 Comments
Newest
Oldest Most Voted
Inline Feedbacks
View all comments
© HAKIN9 MEDIA SP. Z O.O. SP. K. 2023