Type: Classification Essays
Sample donated: Kristen Foster
Last updated: December 29, 2019
In solving hard AI problems, captcha separates humans withbots. Mainly there are two types of visual captcha: text Captcha andImage-Recognition Captcha (IRC). Text captcha deals with character recognition,it depends on the difficulty of character segmentation, which iscomputationally expensive and combinatorially hard and IRC deals with onrecognition of non-character objects, but non-character objects recognition isgood when compared to character recognition. IRCs mainly depends on difficultyin identification or classification of object, combined with objectsegmentation. Asirra 27 is scheme from IRC which depends on binary objectclassification: where a user asked to find all the cats from a panel of 12images of cats and dogs.
Asirra prone to machine-learning attacks. IRCs whichbased on object identification or classification of objects are insecure 25.Multi-label classification problems are considered difficult than binaryclassification problems. Captcha can overcome relay attacks where captchachallenges relayed to human solvers and the answers were given back to thetarget application Figure 4: CaptchaCaptcha in AuthenticationTo counteronline dictionary attacks, use both captcha and password in user authenticationprotocol known as Captcha-based Password Authentication (CbPA) protocol 11.The CbPA-protocol asks the user to input user ID and password then it asks forCaptcha challenge if the user provides correct captcha, a valid browser cookieis received.
If the user enters invalid User ID and password, before beingdenied it asks to solve a captcha. Improved CbPA-protocol 18 stores cookiesonly on user-trusted computers and it prompts captcha challenge only when thefailed attempts exceeded a threshold. Further improved and threshold limitvaries from user trusted and untrusted machines, for trusted machines thethreshold is small and for untrusted machines threshold is large 19.To address spywareuser used captcha with recognition-based graphical passwords, where below everyimage a text captcha is placed and the user clicks on own pass-image from decoyimages and solves the captcha during authentication 32.
These user clicks orspecific locations are selected while creating the password.In the aboveschemes, Captcha is an independent entity, which means either text or graphicalpassword is used at a time. But a CaRP is both a Captcha and a graphicalpassword scheme, which are combined to a single entity. PGRP ProtocolThe proposed PGRP scheme is more restrictiveagainst attackers than commonly used countermeasures. At the same time, PGRPrequires answering fewer ATTs for all legitimate users, including those whooccasionally require multiple attempts to recall a password. Presented a loginprotocol based on ATTs to protect against online password guessing attacks. Itreduces the number of ATTs that legitimate users must correctly answer so thata user with a valid browser cookie will rarely be prompted to answer an ATT6.
Adeterministic capacity (AskATT) of the entered client qualifications isutilized to choose whether to ask the client an ATT. To enhance the security ofthe PS convention, A protected non-deterministic keyed hash capacity asAskATT() so that each username is connected with one key that ought to bechanged at whatever point the relating secret key is changed. The proposedcapacity requires additional server-side stockpiling per username and no lessthan one cryptographic hash operation for each login endeavor.
In this proposedwork, we have coordinated sound mark to help in reviewing the secret key. Inday by day life, we see different illustrations of reviewing an item by thesound identified with that question enters User ID and select one soundrecurrence which he needs to be played at login time, a resistance worth isadditionally chosen with will choose that the client is genuine or a faker 6.