{"title":"CAPTCHA: A robust approach to resist online password guessing attacks","authors":"Rohini B. Varne, R. Mane","doi":"10.1109/EIC.2015.7230731","DOIUrl":null,"url":null,"abstract":"Brute force and Dictionary attacks have become an inevitable security threat to web applications today. Common measures taken to prevent online password guessing attacks like account locking mechanism are ineffective if an attacker has access to a number of compromised machines from a botnet. The main goal is to design a web application that restricts such attacks and at the same time enable convenient login to valid users. CAPTCHA (Completely Automated Public Turing Test to Tell Computers and Humans Apart) is an effective challengeresponse test to achieve this goal because of its usability and robustness. These are the tests that cannot be solved by current computer programs or bots, but are easily solvable by humans. This ensures that the account is being accessed by a human and not by an automated program. The proposed system implements a secure CAPTCHA that withstands segmentation attacks and also provides various difficulty levels in CAPTCHA design. Classification of CAPTCHA and its robustness is discussed","PeriodicalId":101532,"journal":{"name":"2014 International Conference on Advances in Communication and Computing Technologies (ICACACT 2014)","volume":null,"pages":null},"PeriodicalIF":0.0000,"publicationDate":"2015-09-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2014 International Conference on Advances in Communication and Computing Technologies (ICACACT 2014)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/EIC.2015.7230731","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 1
Abstract
Brute force and Dictionary attacks have become an inevitable security threat to web applications today. Common measures taken to prevent online password guessing attacks like account locking mechanism are ineffective if an attacker has access to a number of compromised machines from a botnet. The main goal is to design a web application that restricts such attacks and at the same time enable convenient login to valid users. CAPTCHA (Completely Automated Public Turing Test to Tell Computers and Humans Apart) is an effective challengeresponse test to achieve this goal because of its usability and robustness. These are the tests that cannot be solved by current computer programs or bots, but are easily solvable by humans. This ensures that the account is being accessed by a human and not by an automated program. The proposed system implements a secure CAPTCHA that withstands segmentation attacks and also provides various difficulty levels in CAPTCHA design. Classification of CAPTCHA and its robustness is discussed
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
