Fully automatic Turing test (English: CAPTCHA) to distinguish between computers and humans, also known as verification code

The Turing Test (English: CAPTCHA for short ), also known as verification code , is a public fully automatic program to distinguish whether the user is a machine or a human. In a CAPTCHA test, a computer acting as a server automatically generates a question for the user to answer. This question can be generated and judged by a computer, but only a human can answer it. Since machines cannot answer CAPTCHA questions, users who answer the questions can be considered human beings.

Early Captcha "smwm", generated by the EZ-Gimpy program, using distorted letters and background color gradients

A more modern CAPTCHA that does not use distorted backgrounds and letters, but adds a curved line to make image segmentation more difficult.

Another way to increase the difficulty of image segmentation is to crowd symbols with each other, but it also makes it harder for real users to recognize

The verification method that requires the user to identify the picture, this picture is a simulation of the verification interface of the 12306 website

Introduction

The term CAPTCHA was first proposed in 2002 by Louis von Ahn, Manuel Blum, Nicholas J. Hopper of Carnegie Mellon University and John Langford of IBM. Carnegie Mellon University attempted to apply for the term to be registered as a trademark, but the application was rejected on April 21, 2008. A commonly used CAPTCHA test is to let the user input a text or number displayed on a distorted picture. The distortion is to prevent the text or number on the picture from being automatically recognized by a computer program such as optical character recognition and lose its effect . Because the test is a computer testing a human, rather than a human testing a computer as in the standard Turing test , CAPTCHA is sometimes called a reverse Turing test.

For people with disabilities who cannot see the image, the alternative method is to use voice to read out the alphanumeric characters. In order to prevent voice recognition and analysis of the voice, the content of the voice will have noise or voice change that can still be accepted by humans.

According to the definition of the CAPTCHA test, the algorithm that generates the captcha picture must be disclosed, even though the algorithm may be protected by patents. This is done to demonstrate that cracking requires solving a different AI problem, rather than just discovering the original (secret) algorithm, which can be obtained, for example, by reverse engineering .

use

CAPTCHA technology is widely used in website message boards and account registration. In order to prevent people from using computer programs to post a large number of advertisements or other spam messages on message boards, many websites will place CAPTCHAs to require posters to enter the letters and numbers or arithmetic problems displayed on the picture to complete the post. And some transaction systems on the Internet (such as: booking system, online banking) will also have a CAPTCHA mechanism in order to avoid being cracked by computer programs to brute force a large number of transaction attempts.

Related technologies are:

• reCAPTCHA : It uses CAPTCHA technology to help digitize classics.
• SolveMedia, captcha.tw and other ad networks use captcha to display ads.

to crack

Some captcha systems that were or are in use have been cracked. This includes an early version of Yahoo's captcha EZ-Gimpy, captchas used by PayPal, LiveJournal, and phpBB, captchas used by many financial institutions (mainly banks), and captchas used by many other websites.

A Russian hacker group cracked Yahoo 's CAPTCHA in 2006 using an automatic identification software. The accuracy rate is about 15%, but the attacker can try 100,000 times a day, relatively cheap. In 2008, Google 's CAPTCHA was also cracked by Russian hackers. The attacker uses two different computers to adjust the cracking process, perhaps using the second computer to learn the first one's cracking of the CAPTCHA, or to monitor the success.

There is also a similar distributed manual identification method, which is mostly used to prevent the automatic running program from being intercepted by the anti-automation mechanism, such as the automatic plug-in of the game, etc., that is, by forwarding the data such as pictures that need to be verified to the terminal on duty, and other humans do it for them. After identifying the answer, the answer is forwarded back to the verification sender to answer. The cracking of the Gmail mailbox registration verification system may be through this method. There are already specialized companies that provide specialized personnel identification services.

There are also some methods that use a combination of new algorithms and AI for cracking.

references

Related multimedia resources on Wikimedia Commons : Captcha

1. ^  . 時代雜誌. [2008-06-12]. （原始内容存档于2009-04-30）. The Carnegie Mellon team came back with the CAPTCHA. (It stands for "completely automated public Turing test to tell computers and humans apart"; no, the acronym doesn't really fit.) The point of the CAPTCHA is that reading those swirly letters is something that computers aren't very good at.
2. ^  . USPTO. 2008-04-21 [2008-12-21]. ( Archived from  the original on 2012-04-23).
3. ^   . captcha.tw. ( Original content archived on 2013-10-14).
4. ^  Greg, Mori,; Malik, Jitendra. . Simon Fraser University. Retrieved 2008-12-21. ( Archived from  the original on 2019-03-23).
5. ^   Kluever, Kurt. . Kloover.com. 2008-05-12 Retrieved 2008-12-21. (Original content archived on 2018-07-12).
6. ^   Li, Shujun; Syed Amier Haider Shah, Muhammad Asad Usman Khan, Syed Ali Khayam, Ahmad-Reza Sadeghi and Roland Schmitz. . . New York, NY, USA: ACM: 171–180. 2010 [2012-05-20] .  doi:10.1145/1920261.1920288 . (Original content archived on 2016-03-13).
7. ^   Kluever, Kurt. . Kloover.com. 2008-02-28 [2008-12-21]. (Original content archived on 2017-12-21).
8. ^   Hocevar, Sam. . Sam.zoy.org. Retrieved 2008-12-21. ( Archived from the original on 2005-09-11).
9. ^   Sergei, Kruglov. . Captcha.ru. Retrieved 2008-12-21. (Original content archived 2021-04-17).
10. ^   . 0x000000 - THE HACKER WEBZINE. 2006 [2008-02-27]. ( Original archived on 2013-07-19).
11. ^   . Websense Security Labs. 2008-02-22 [2008-02-27]. ( Archived from the original on 2008-02-28).
12. ^   Analysis of verification code manual cracking insider! What is a coding task  ( page archive backup , stored in) coding task (captcha human bypass project)
13. ^   Archive about coding insider  , archive date 2016-03-05.
14. ^   ( page archive backup , stored at) Brad Taylor said that spammers used the original "human flesh cracking", that is, paid to hire a large number of cheap laborers from the third world, and asked them to manually crack the CAPTCHA system one by one .
15. ^   . ( Original content archived on 2016-03-04).
16. ^   Ye Wang, etc. An optimized system to solve text-based CAPTCHA  ( page archive backup , stored in)[Ye Wang, etc. An optimized system to solve text-based CAPTCHA]

This article is issued from Wikipedia. The text is licensed under Creative Commons - Attribution - Sharealike. Additional terms may apply for the media files.