Yet Another Text Captcha Solver: A Generative Adversarial Network Based Approach

目的

Identification text verification code

摘要

Despite several attacks have been proposed, text-based CAPTCHAs are still being widely used as a security mechanism. One of the reasons for the pervasive use of text captchas is that many of the prior attacks are scheme-specific and require a labor-intensive and time-consuming process to construct. This means that a change in the captcha security features like a noisier background can simply invalid an earlier attack. This paper presents a generic, yet effec-tive text captcha solver based on the generative adversarial network. Unlike prior machine-learning-based approaches that need a large volume of manually-labeled real captchas to learn an effective solver, our approach requires significantly fewer real captchas but yields much better performance. This is achieved by first learning a captcha synthesizer to automatically generate synthetic captchas to learn a base solver, and then fine-tuning the base solver on a small set of real captchas using transfer learning. We evaluate our ap- proach by applying it to 33 captcha schemes, including 11 schemes that are currently being used by 32 of the top-50 popular websites including Microsoft, Wikipedia, eBay and Google. Our approach is the most capable attack on text captchas seen to date. It outperforms four state-of-the-art text-captcha solvers by not only delivering a significant higher accuracy on all testing schemes, but also success-fully attacking schemes where others have zero chance. We show that our approach is highly efficient as it can solve a captcha within 0.05 second using a desktop GPU. We demonstrate that our attack is generally applicable because it can bypass the advanced security features employed by most modern text captcha schemes. We hope the results of our work can encourage the community to revisit the design and practical use of text captchas.

background

1. Text-based captchas are extensively used to distinguish humans from automated computer programs.
2. captchas six widely used security features:
   • Character overlapping
   • Occluding line
   • Solid and hollow fonts
   • Character rotating, distortion or waving
   • Different font sizes and colors
   • Noisy background
3. to build an effective CNN-based captcha solver would require over
   2.3 million unique training images

方法

• GAN
• Transfer learning
• Our attack is based on the recently proposed GAN architecture [22]. A GAN consists of two models: a generative network for creating synthetic examples and a discriminative network to distinguish the synthesized examples from the real ones. We use backpropaga- tion [28] to train both networks, so that over the training iterations, the generator produces better synthetic samples, while the discrim- inator becomes more skilled at flagging synthetic samples.
• If the discriminator can successfully distinguish a large number of synthetic captchas from the real ones, the grid search method is employed to adjust the parameter values for synthesizing another batch of captchas.
• This process continues until the discriminator can distinguish less than 5% of the synthetic captchas from the real ones
• Specifically, we adapt the Pix2Pix image-to-image translation framework [14]. This algorithm was developed to transform an image from one style to another
• Captcha Solvers：a classical CNN called LeNet-5（has five convolutional layers, five polling layers followed by two fully- connected layers（3 × 3 filter for the convolutional layer a max-pooling filter））
• We use a Bayesian based parameter tuner [20] to automatically choose the hyperparameters for training the base solver
• Overall, applying transfer learn- ing to the second or third CL onward leads to the best performance.

模型

1. Step 1. Captcha synthesis. The first step is to generate captchas that are visually similar to the target captchas. Our GAN-based captcha generator consists of two parts: a captcha generator that tries to produce captchas which are as similar as possible to the target captchas, and a discriminator that tries to identify the syn- thetic captchas from the real ones. This generation-discrimination process terminates when the discriminator fails to identify a large portion of the synthetic captchas. Once training has terminated, we can then use the trained generator (referred as captcha synthesizer) to automatically generate an unbounded number of captchas (for which the characters of each synthetic captcha are known). This is detailed in Section 4.1.
2. Step 2. Preprocessing. Before presenting a captcha image to a solver, we use a pre-processing model to remove the captcha se- curity features and standardize the font style (e.g., filling hollow characters and standardizing gaps between characters). The pre- processing model is based on a specific GAN called Pix2Pix [14]. It is trained from synthetic captchas for which we also have the corresponding clean captchas (i.e., captcha images without secu- rity features). The trained model can then be used for any unseen captchas of the target captcha scheme. This is detailed in Section 4.2.
3. Step 3. Training the base solver. With the captcha synthesizer and the pre-processing model in place, we then generate a large number of synthetic captchas together with their labels (i.e., corre- sponding characters) and use this dataset to learn a base solver for a target captcha scheme. Our captcha solver is a convolutional neural network (CNN). The trained solver takes in a pre-processed captcha image and outputs the corresponding characters. This process is described in more details at Section 4.3.
4. Step 4. Fine-tuning the base solver. In the last step, we apply transfer learning to refine the base solver by using a small set of manually labeled captchas that are collected from the target website. Transfer learning allows us to leverage knowledge learned from synthetic captchas to reduce the cost of collecting and labeling captchas, and to further improve performance of the base model. This is described in Section 4.3.

数据集

各个主流网站搜集并标记1500验证码，500训练，1000测试
合成器生成200,000验证码做求解器数据集
预处理用20000训练
求解器用200000训练

solver use Keras

训练环境

• trainging：cloud server with a 2.4GHz Intel Xeon CPU, four NVIDIA Tesla P40 GPUs and 256GB of RAM, running Centos 7 operating system with Linux kernel 3.10.
• training time：five hours
• testing：The trained solver is then run and tested on a workstation with a 3.2GHz Intel Xeon CPU, a NVIDIA Titan GPU and 64GB of RAM

效果

limitation

tips

• CAPTCHAs（Completely Automated Public Turing Test To Tell Computers and Humans Apart，全自动区分计算机和人类的图灵测试即通用验证码