To this date, CAPTCHAs have served as the first line of defense preventing unauthorized access by (malicious) bots to web-based services, while at the same time maintaining a trouble-free experience for human visitors. However, recent work in the literature has provided evidence of sophisticated bots that make use of advancements in machine learning (ML) to easily bypass existing CAPTCHA-based defenses. In this work, we take the first step to address this problem. We introduce CAPTURE, a novel CAPTCHA scheme based on adversarial examples. While typically adversarial examples are used to lead an ML model astray, to the best of our knowledge, CAPTURE is the first work to make a “good use“ of such mechanisms. Our empirical evaluations show that CAPTURE can produce CAPTCHAs that are easy to solve by humans while at the same time, effectively thwarting ML-based bot solvers.
Capture the Bot: Using Adversarial Examples to Improve CAPTCHA Robustness to Bot Attacks / Hitaj, D.; Hitaj, B.; Jajodia, S.; Mancini, L. V.. - In: IEEE INTELLIGENT SYSTEMS. - ISSN 1541-1672. - 36:(2021), pp. 104-112. [10.1109/MIS.2020.3036156]
Capture the Bot: Using Adversarial Examples to Improve CAPTCHA Robustness to Bot Attacks
Hitaj D.;Hitaj B.;Mancini L. V.
2021
Abstract
To this date, CAPTCHAs have served as the first line of defense preventing unauthorized access by (malicious) bots to web-based services, while at the same time maintaining a trouble-free experience for human visitors. However, recent work in the literature has provided evidence of sophisticated bots that make use of advancements in machine learning (ML) to easily bypass existing CAPTCHA-based defenses. In this work, we take the first step to address this problem. We introduce CAPTURE, a novel CAPTCHA scheme based on adversarial examples. While typically adversarial examples are used to lead an ML model astray, to the best of our knowledge, CAPTURE is the first work to make a “good use“ of such mechanisms. Our empirical evaluations show that CAPTURE can produce CAPTCHAs that are easy to solve by humans while at the same time, effectively thwarting ML-based bot solvers.I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.