From Captcha to Captchæcker: Can we automate security and usability analysis of CAPCTHAs?
MSF Seminar
- When?
- Monday 8 October 2012, 16:00 to 17:00
- Where?
- 39 BB 02
- Open to:
- Public, Staff, Students
- Speaker:
- Dr Shujun Li
CAPTCHAs are everywhere these days. Security and usability evaluation of CAPTCHA schemes is still an art rather than a science in the sense that it has to be done on an ad hoc basis and many steps have to be done manually. In this talk, the following questions will be focused: can we automate the security and usability evaluation process and if so to what extent? A new concept called Captchæcker (= Captcha + Checker) is proposed to automate the usability evaluation part based on machine learning, and to semi-automate the security evaluation part based on a dataflow programming framework called Reconfigurable Multimedia Coding (RMC, formerly known as Reconfigurable Video Coding = RVC). Some preliminary research results will be described and future work is explained.
References
- Yousra Javed, Maliha Nazir, Muhammad Murtaza Khan, Syed Ali Khayam and Shujun Li, "Captchæcker: Reconfigurable CAPTCHAs Based on Automated Security and Usability Analysis," in Proceedings of 2011 4th Symposium on Configuration Analytics and Automation (SafeConfig 2011, October 31 - November 1, 2011, Arlington, VA, USA), IEEE, 2011
- Maliha Nazir, Yousra Javed, Muhammad Murtaza Khan, Syed Ali Khayam and Shujun Li, "Poster: Captchæcker – Automating Usability-Security Evaluation of Textual CAPTCHAs," in Proceedings of 7th Symposium On Usable Privacy and Security (SOUPS 2011, Carnegie Mellon University in Pittsburgh, PA, USA, July 20-22, 2011), ACM, 2011