To this date, CAPTCHAs have served as the first line of defense preventing unauthorized access by (malicious) bots to web-based services, while at the same time maintaining a trouble-free experience for human visitors. However, recent work in the literature has provided evidence of sophisticated bots that make use of advancements in machine learning (ML) to easily bypass existing CAPTCHA-based defenses. In this work, we take the first step to address this problem. We introduce CAPTURE, a novel CAPTCHA scheme based on adversarial examples. While typically adversarial examples are used to lead an ML model astray, to the best of our knowledge, CAPTURE is the first work to make a “good use“ of such mechanisms. Our empirical evaluations show that CAPTURE can produce CAPTCHAs that are easy to solve by humans while at the same time, effectively thwarting ML-based bot solvers.

Capture the Bot: Using Adversarial Examples to Improve CAPTCHA Robustness to Bot Attacks / Hitaj, D.; Hitaj, B.; Jajodia, S.; Mancini, L. V.. - In: IEEE INTELLIGENT SYSTEMS. - ISSN 1541-1672. - 36:(2021), pp. 104-112. [10.1109/MIS.2020.3036156]

Capture the Bot: Using Adversarial Examples to Improve CAPTCHA Robustness to Bot Attacks

Hitaj D.;Hitaj B.;Mancini L. V.
2021

Abstract

To this date, CAPTCHAs have served as the first line of defense preventing unauthorized access by (malicious) bots to web-based services, while at the same time maintaining a trouble-free experience for human visitors. However, recent work in the literature has provided evidence of sophisticated bots that make use of advancements in machine learning (ML) to easily bypass existing CAPTCHA-based defenses. In this work, we take the first step to address this problem. We introduce CAPTURE, a novel CAPTCHA scheme based on adversarial examples. While typically adversarial examples are used to lead an ML model astray, to the best of our knowledge, CAPTURE is the first work to make a “good use“ of such mechanisms. Our empirical evaluations show that CAPTURE can produce CAPTCHAs that are easy to solve by humans while at the same time, effectively thwarting ML-based bot solvers.
2021
Adversarial Examples; CAPTCHA; CAPTCHAs; Encoding; Machine Learning; Machine learning; Neural networks; Perturbation methods; Security; Security and Privacy; Task analysis
01 Pubblicazione su rivista::01a Articolo in rivista
Capture the Bot: Using Adversarial Examples to Improve CAPTCHA Robustness to Bot Attacks / Hitaj, D.; Hitaj, B.; Jajodia, S.; Mancini, L. V.. - In: IEEE INTELLIGENT SYSTEMS. - ISSN 1541-1672. - 36:(2021), pp. 104-112. [10.1109/MIS.2020.3036156]
File allegati a questo prodotto
Non ci sono file associati a questo prodotto.

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/11573/1487076
 Attenzione

Attenzione! I dati visualizzati non sono stati sottoposti a validazione da parte dell'ateneo

Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 11
  • ???jsp.display-item.citation.isi??? 6
social impact