SenCAPTCHA: A Mobile-First CAPTCHA Using Orientation Sensors: Proceedings of the ACM on Interactive, Mobile, Wearable and Ubiquitous Technologies: Vol 4, No 2
- ️RuotiScott
- ️Mon Jun 15 2020
SenCAPTCHA: A Mobile-First CAPTCHA Using Orientation Sensors
Article No.: 43, Pages 1 - 26
Abstract
CAPTCHAs are used to distinguish between human- and computer-generated (i.e., bot) online traffic. As there is an ever-increasing amount of online traffic from mobile devices, it is necessary to design CAPTCHAs that work well on mobile devices. In this paper, we present SenCAPTCHA, a mobile-first CAPTCHA that leverages the device's orientation sensors. SenCAPTCHA works by showing users an image of an animal and asking them to tilt their device to guide a red ball into the center of that animal's eye. SenCAPTCHA is especially useful for devices with small screen sizes (e.g., smartphones, smartwatches). In this paper, we describe the design of SenCAPTCHA and demonstrate that it is resilient to various machine learning based attacks. We also report on two usability studies of SenCAPTCHA involving a total of 472 participants; our results show that SenCAPTCHA is viewed as an "enjoyable" CAPTCHA and that it is preferred by over half of the participants to other existing CAPTCHA systems.
Supplementary Material
Supplemental movie, appendix, image and software files for, SenCAPTCHA: A Mobile-First CAPTCHA Using Orientation Sensors
- Download
- 127.61 KB
References
[1]
Henry S Baird, Michael A Moll, and Sui-Yu Wang. 2005. ScatterType: a legible but hard-to-segment CAPTCHA. In Document Analysis and Recognition, 2005. Proceedings. Eighth International Conference on. IEEE, 935--939.
[2]
M.M. Bongard. 1970. Pattern Recognition. Spartan Books, Rochelle Park, NJ.
[3]
Darko Brodić, Alessia Amelio, and Radmila Janković. 2018. Exploring the influence of CAPTCHA types to the users response time by statistical analysis. Multimedia Tools and Applications 77, 10 (2018), 12293--12329.
[4]
John Brooke. 2013. SUS: a retrospective. Journal of usability studies 8, 2 (2013), 29--40.
[5]
John Brooke et al. 1996. SUS-A quick and dirty usability scale. Usability evaluation in industry 189, 194 (1996), 4--7.
[6]
Elie Bursztein. 2012. How we broke the NuCaptcha video scheme and what we proposed to fix it. See https://www.elie.net/blog/security/how-we-broke-the-nucaptcha-video-scheme-and-what-we-propose-to-fix-it/, Accessed March (2012).
[7]
Elie Bursztein, Jonathan Aigrain, Angelika Moscicki, and John C Mitchell. 2014. The End is Nigh: Generic Solving of Text-based CAPTCHAs. In WOOT.
[8]
Tsz-Yan Chan. 2003. Using a test-to-speech synthesizer to generate a reverse Turing test. In Tools with Artificial Intelligence, 2003. Proceedings. 15th IEEE International Conference on. IEEE, 226--232.
[9]
Monica Chew and J Doug Tygar. 2004. Image recognition captchas. In International Conference on Information Security. Springer, 268--279.
[10]
Sarika Choudhary, Ritika Saroha, Yatan Dahiya, and Sachin Choudhary. 2013. understanding CAPTCHA: Text and Audio Based Captcha with its Applications. International Journal of Advanced Research in Computer Science and Software Engineering 3, 6 (2013).
[11]
Mauro Conti, Claudio Guarisco, and Riccardo Spolaor. 2016. CAPTCHaStar! A novel CAPTCHA based on interactive shape discovery. In International Conference on Applied Cryptography and Network Security. Springer, 611--628.
[12]
Ritendra Datta, Jia Li, and James Z Wang. 2005. IMAGINATION: a robust image-based CAPTCHA generation system. In Proceedings of the 13th annual ACM international conference on Multimedia. ACM, 331--334.
[13]
Jeremy Elson, John R Douceur, Jon Howell, and Jared Saul. 2007. Asirra: a CAPTCHA that exploits interest-aligned manual image categorization. In ACM Conference on Computer and Communications Security, Vol. 7. Citeseer, 366--374.
[14]
Haichang Gao, Honggang Liu, Dan Yao, Xiyang Liu, and Uwe Aickelin. 2010. An audio CAPTCHA to distinguish humans from computers. In Electronic Commerce and Security (ISECS), 2010 Third International Symposium on. IEEE, 265--269.
[15]
Haichang Gao, Dan Yao, Honggang Liu, Xiyang Liu, and Liming Wang. 2010. A novel image based CAPTCHA using jigsaw puzzle. In Computational Science and Engineering (CSE), 2010 IEEE 13th International Conference on. IEEE, 351--356.
[16]
Barney G Glaser. 1965. The constant comparative method of qualitative analysis. Social problems 12, 4 (1965), 436--445.
[17]
Philippe Golle. 2008. Machine learning attacks against the Asirra CAPTCHA. In Proceedings of the 15th ACM conference on Computer and communications security. ACM, 535--542.
[18]
Ian J Goodfellow, Yaroslav Bulatov, Julian Ibarz, Sacha Arnoud, and Vinay Shet. 2013. Multi-digit number recognition from street view imagery using deep convolutional neural networks. arXiv preprint arXiv.1312.6082 (2013).
[19]
Rich Gossweiler, Maryam Kamvar, and Shumeet Baluja. 2009. What's up CAPTCHA?: a CAPTCHA based on image orientation. In Proceedings of the 18th international conference on World wide web. ACM, 841--850.
[20]
Jonathan Holman, Jonathan Lazar, Jinjuan Heidi Feng, and John D'Arcy. 2007. Developing usable CAPTCHAs for blind users. In Proceedings of the 9th international ACM SIGACCESS conference on Computers and accessibility. ACM, 245--246.
[21]
Chen-Chiung Hsieh and Zong-Yu Wu. 2013. Anti-SIFT images based CAPTCHA using versatile characters. In Information Science and Applications (ICISA), 2013 International Conference on. IEEE, 1--4.
[22]
Google Inc. 2018. Google reCAPTCHA. https://www.google.com/recaptcha/intro/
[23]
Leap Marketing Technologies Inc. 2010. Video-Based Captchas Now Available for Sites and Blogs. See www.prnewswire.com/news-releases/video-based-captchas-now-available-for-sites-and-blogs-97471319.html (2010).
[24]
Imperva Incapsula. 2016. Bot Traffic Report. https://www.incapsula.com/blog/bot-traffic-report-2016.html
[25]
Ramanpreet Kaur and Pooja Choudhary. 2015. A Novel CAPTCHA Design Approach using Boolean Algebra. In 2015 5th International Conference on IT Convergence and Security (ICITCS). Citeseer, 1--7.
[26]
Kurt Alfred Kluever and Richard Zanibbi. 2009. Balancing usability and security in a video CAPTCHA. In Proceedings of the 5th Symposium on Usable Privacy and Security. ACM, 14.
[27]
Greg Kochanski, Daniel P Lopresti, and Chilin Shih. 2002. A reverse turing test using speech. In INTERSPEECH.
[28]
Martin Koestinger, Paul Wohlhart, Peter M Roth, and Horst Bischof. 2011. Annotated facial landmarks in the wild: A large-scale, real-world database for facial landmark localization. In Computer Vision Workshops (ICCV Workshops), 2011 IEEE International Conference on. IEEE, 2144--2151.
[29]
Jonathan Lazar, Jinjuan Feng, Tim Brooks, Genna Melamed, Brian Wentz, Jon Holman, Abiodun Olalere, and Nnanna Ekedebe. 2012. The SoundsRight CAPTCHA: an improved approach to audio human interaction proofs for blind users. In Proceedings of the SIGCHI Conference on Human Factors in Computing Systems. ACM, 2267--2276.
[30]
James R Lewis. 1991. Psychometric evaluation of an after-scenario questionnaire for computer usability studies: the ASQ. ACM Sigchi Bulletin 23, 1 (1991), 78--81.
[31]
Mark D Lillibridge, Martin Abadi, Krishna Bharat, and Andrei Z Broder. 2001. Method for selectively restricting access to computer systems. US Patent 6,195,698.
[32]
David G Lowe. 2004. Distinctive image features from scale-invariant keypoints. International journal of computer vision 60, 2 (2004), 91--110.
[33]
Nicholas J. Hopper Luis von Ahn, Manuel Blum and John Langford. 2000. The CAPTCHA Web Page. http://www.captcha.net
[34]
Peter Matthews, Andrew Mantel, and Cliff C Zou. 2010. Scene tagging: image-based CAPTCHA using image composition and object relationships. In Proceedings of the 5th ACM Symposium on Information, Computer and Communications Security. ACM, 345--350.
[35]
D Mujumdar and S Polisetti. 2011. A platform to monetize usable & secure CAPTCHAs for desktop and mobile devices (PICATCHA). Retrieved Dec 20 (2011), 2014.
[36]
Drew Phillips. 2019. Securimage. https://www.phpcaptcha.org
[37]
Lawrence R Rabiner and Biing-Hwang Juang. 1993. Fundamentals of speech recognition. (1993).
[38]
Maheen Rashid, Xiuye Gu, and Yong Jae Lee. 2017. Interspecies Knowledge Transfer for Facial Keypoint Detection. arXiv preprint arXiv:1704.04023 (2017).
[39]
Gerardo Reynaga, Sonia Chiasson, and Paul C van Oorschot. 2015. Exploring the usability of captchas on smartphones: Comparisons and recommendations. In NDSS Workshop on Usable Security USEC.
[40]
Scott Ruoti, Brent Roberts, and Kent Seamons. 2015. Authentication melee: A usability analysis of seven web authentication systems. In Proceedings of the 24th International Conference on World Wide Web. International World Wide Web Conferences Steering Committee, 916--926.
[41]
Hiroaki Sakoe and Seibi Chiba. 1978. Dynamic programming algorithm optimization for spoken word recognition. IEEE transactions on acoustics, speech, and signal processing 26, 1 (1978), 43--49.
[42]
Jeff Sauro and James R Lewis. 2016. Quantifying the user experience: Practical statistics for user research. Morgan Kaufmann.
[43]
Suphannee Sivakorn, Iasonas Polakis, and Angelos D Keromytis. 2016. I am robot:(deep) learning to break semantic image captchas. In Security and Privacy (EuroS&P), 2016 IEEE European Symposium on. IEEE, 388--403.
[44]
Suphannee Sivakorn, Jason Polakis, and Angelos D Keromytis. 2016. I'm not a human: Breaking the Google reCAPTCHA. Black Hat (2016).
[45]
Oleg Starostenko, Claudia Cruz-Perez, Fernando Uceda-Ponga, and Vicente Alarcon-Aquino. 2015. Breaking text-based CAPTCHAs with variable word and character orientation. Pattern Recognition 48, 4 (2015), 1101--1112.
[46]
Pranal C Tayade and Mahip M Bartere. 2015. Comprehensive study on performance analysis of various CAPTCHA systems. International Journal of Current Engineering and Technology 5, 1 (2015).
[47]
Thomas S Tullis and Jacqueline N Stetson. 2004. A comparison of questionnaires for assessing website usability. In Usability professional association conference, Vol. 1. Minneapolis, USA.
[48]
Luis Von Ahn. 2008. Human computation. In 2008 IEEE 24th international conference on data engineering. IEEE, 1--2.
[49]
Luis Von Ahn, Manuel Blum, and John Langford. 2004. Telling humans and computers apart automatically. Commun. ACM 47, 2 (2004), 56--60.
[50]
Luis Von Ahn, Benjamin Maurer, Colin McMillen, David Abraham, and Manuel Blum. 2008. recaptcha: Human-based character recognition via web security measures. Science 321, 5895 (2008), 1465--1468.
[51]
Yi Xu, Gerardo Reynaga, Sonia Chiasson, Jan-Michael Frahm, Fabian Monrose, and Paul C van Oorschot. 2012. Security and Usability Challenges of Moving-Object CAPTCHAs: Decoding Codewords in Motion. In USENIX security symposium. 49--64.
[52]
Heng Yang, Renqiao Zhang, and Peter Robinson. 2016. Human and sheep facial landmarks localisation by triplet interpolated features. In Applications of Computer Vision (WACV), 2016 IEEE Winter Conference on. IEEE, 1--8.
Information & Contributors
Information
Published In
Proceedings of the ACM on Interactive, Mobile, Wearable and Ubiquitous Technologies Volume 4, Issue 2
June 2020
771 pages
Copyright © 2020 ACM.
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
Published: 15 June 2020
Published in IMWUT Volume 4, Issue 2
Permissions
Request permissions for this article.
Check for updates
Author Tags
Qualifiers
- Research-article
- Research
- Refereed
Contributors
Other Metrics
Bibliometrics & Citations
Bibliometrics
Article Metrics
- Downloads (Last 12 months)219
- Downloads (Last 6 weeks)26
Reflects downloads up to 18 Feb 2025
Other Metrics
Citations
- Trong NHuong THoang V(2023)New Cognitive Deep-Learning CAPTCHASensors10.3390/s2304233823:4(2338)Online publication date: 20-Feb-2023
- Wang PGao HGuo XXiao CQi FYan Z(2023)An Experimental Investigation of Text-based CAPTCHA Attacks and Their RobustnessACM Computing Surveys10.1145/355975455:9(1-38)Online publication date: 16-Jan-2023
- Theron GLiundi TChowanda AAnderies (2023)CNN Image Classification Model Comparison Between Single-Label and Multi-Label CAPTCHA Dataset2023 8th International Conference on Electrical, Electronics and Information Engineering (ICEEIE)10.1109/ICEEIE59078.2023.10334798(1-6)Online publication date: 28-Sep-2023
- Zhang JTsai MKitchat KSun MSakai KKu WSurasak TThaipisutikul T(2023)A secure annuli CAPTCHA systemComputers & Security10.1016/j.cose.2022.103025125(103025)Online publication date: Feb-2023
- Ray PBera AGiri DBhattacharjee D(2023)Style matching CAPTCHA: match neural transferred styles to thwart intelligent attacksMultimedia Systems10.1007/s00530-023-01075-029:4(1865-1895)Online publication date: 1-Aug-2023
- Ma XYe ZPatil S(2022)Do Regional Variations Affect the CAPTCHA User Experience? A Comparison of CAPTCHAs in China and the United StatesProceedings of the 37th IEEE/ACM International Conference on Automated Software Engineering10.1145/3551349.3561146(1-9)Online publication date: 10-Oct-2022
- Fadlullah ZMao BKato N(2022)Balancing QoS and Security in the Edge: Existing Practices, Challenges, and 6G Opportunities With Machine LearningIEEE Communications Surveys & Tutorials10.1109/COMST.2022.319169724:4(2419-2448)Online publication date: Dec-2023
- Di Nardo Di Maio RGuerar MMigliardi M(2021)ascCAPTCHA: an Invisible Sensor CAPTCHA for PCs Based on Acoustic Side Channel2021 44th International Convention on Information, Communication and Electronic Technology (MIPRO)10.23919/MIPRO52101.2021.9597134(482-487)Online publication date: 27-Sep-2021
- Li XChen YPatibanda RMueller F(2021)vrCAPTCHA: Exploring CAPTCHA Designs in Virtual RealityExtended Abstracts of the 2021 CHI Conference on Human Factors in Computing Systems10.1145/3411763.3451985(1-4)Online publication date: 8-May-2021
- Leguesse YColombo CVella MHernandez-Castro J(2021)PoPL: Proof-of-Presence and Locality, or How to Secure Financial Transactions on Your SmartphoneIEEE Access10.1109/ACCESS.2021.31373609(168600-168612)Online publication date: 2021
- Show More Cited By
View Options
Login options
Check if you have access through your login credentials or your institution to get full access on this article.