{"title":"一种新的基于主机与移动终端协商的电子商务动态验证码","authors":"Yang Guangming, Ni Jingyu, Tan Zhenhua","doi":"10.1109/ICICTA.2015.21","DOIUrl":null,"url":null,"abstract":"In electronic commerce, the supply of peculiar commodity is not adequate to users' requirements. Many users are inclined to use malicious software to order scarce commodities instead of legal purchasing processes. To solve this problem, designers of E-commerce websites use CAPTCHA to distinguish if the purchase request is applied by human rather than software. It does not work because malicious software (malware) can identify various CAPTCHA by specific function. So websites attempt to use more complex CAPTCHA to resist malware, however, users cannot identify it either. As a result, using CAPTCHA is not a perfect method to deal with distinguishing problems. In this paper, we propose a novel dynamic authentication CAPTCHA to enhance security and overcome limitations existing in static scheme. Our system can distinguish human from software by the negotiation between host and mobile terminal. The security analysis shows that the method we proposed can resist known types of attacks efficiently.","PeriodicalId":231694,"journal":{"name":"2015 8th International Conference on Intelligent Computation Technology and Automation (ICICTA)","volume":null,"pages":null},"PeriodicalIF":0.0000,"publicationDate":"2015-06-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"A New Dynamic Authentication Captcha Based on Negotiation Between Host and Mobile Terminal for Electronic Commerce\",\"authors\":\"Yang Guangming, Ni Jingyu, Tan Zhenhua\",\"doi\":\"10.1109/ICICTA.2015.21\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"In electronic commerce, the supply of peculiar commodity is not adequate to users' requirements. Many users are inclined to use malicious software to order scarce commodities instead of legal purchasing processes. To solve this problem, designers of E-commerce websites use CAPTCHA to distinguish if the purchase request is applied by human rather than software. It does not work because malicious software (malware) can identify various CAPTCHA by specific function. So websites attempt to use more complex CAPTCHA to resist malware, however, users cannot identify it either. As a result, using CAPTCHA is not a perfect method to deal with distinguishing problems. In this paper, we propose a novel dynamic authentication CAPTCHA to enhance security and overcome limitations existing in static scheme. Our system can distinguish human from software by the negotiation between host and mobile terminal. The security analysis shows that the method we proposed can resist known types of attacks efficiently.\",\"PeriodicalId\":231694,\"journal\":{\"name\":\"2015 8th International Conference on Intelligent Computation Technology and Automation (ICICTA)\",\"volume\":null,\"pages\":null},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2015-06-14\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2015 8th International Conference on Intelligent Computation Technology and Automation (ICICTA)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ICICTA.2015.21\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2015 8th International Conference on Intelligent Computation Technology and Automation (ICICTA)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICICTA.2015.21","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
A New Dynamic Authentication Captcha Based on Negotiation Between Host and Mobile Terminal for Electronic Commerce
In electronic commerce, the supply of peculiar commodity is not adequate to users' requirements. Many users are inclined to use malicious software to order scarce commodities instead of legal purchasing processes. To solve this problem, designers of E-commerce websites use CAPTCHA to distinguish if the purchase request is applied by human rather than software. It does not work because malicious software (malware) can identify various CAPTCHA by specific function. So websites attempt to use more complex CAPTCHA to resist malware, however, users cannot identify it either. As a result, using CAPTCHA is not a perfect method to deal with distinguishing problems. In this paper, we propose a novel dynamic authentication CAPTCHA to enhance security and overcome limitations existing in static scheme. Our system can distinguish human from software by the negotiation between host and mobile terminal. The security analysis shows that the method we proposed can resist known types of attacks efficiently.