A Review on New Approaches to CAPTCHA for Enhancing Security and Usability
Article Sidebar
Main Article Content
Abstract
CAPTCHA systems, or Completely Automated Public Turing test to tell Computers and Humans Apart, are well-known as automated programs used to filter out real human users from bots. Unfortunately, ordinary CAPTCHAs, including the text-based ones and the image recognition challenges, are becoming easier for sophisticated machine learning systems to crack and more annoying for users to complete. This paper applies new methods of CAPTCHA security customization by focusing on improvement of usability. Paper analyzes emerging methods such as behavioral biometrics, game-based CAPTCHAs, and AI-driven adaptive CAPTCHAs. In addition, it examines the effectiveness of these methods in counteracting different types of automated attacks and their impacts on user experience. The paper ends by offering some thoughts about the future of CAPTCHA technology, arguing that research should aim at a combination of security and usability for users. So, the intension of the paper is to examine the new approaches and compare them with each other and what should be the impact on the security system. There are so many tricks or hacks through which security can be breached. So, for that reason an ideal system is required to maintain the security.
Article Details
References
Kumar, “Emerging trends in CAPTCHA design: A review of novel approaches for strengthening security and enhancing usability,” Unpublished manuscript, 2023.
Dayanand, W. J. a. K. J. (2023). Machine Learning-Based CAPTCHA defenses for mobile and IoT devices. ijaec.rpress.co.in. https://doi.org/10.8845/4w94jk96
Brand, I. (2024, July 5). Assessing the future of CAPTCHA in cyber defense. Indonesia Brand. https://www.indonesiabrand.co.id/blog/assessing-the-future-of-captcha-in-cyber-defense/?utm_source=chatgpt.com
Bursztein, E., Bethard, S., Fabry, C., Mitchell, J. C., & Jurafsky, D. (2011). How good are humans at solving CAPTCHAs? A large scale evaluation. “IEEE Symposium on Security and Privacy”, 399-413.
Goodfellow, I. J., Bulatov, Y., Ibarz, J., Arnoud, S., & Shet, V. (2014). Multi-digit number recognition from street view imagery using deep convolutional neural networks. “arXiv preprint arXiv:1312.6082”.
Tam, J., Simsa, J., Hyde, S., & von Ahn, L. (2008). Breaking audio CAPTCHAs. “Advances in Neural Information Processing Systems”, 1625-1632.
Acién, A., Morales, A., Fierrez, J., Vera-Rodríguez, R., & Delgado-Mohatar, Ó. (2021). BeCAPTCHA: Behavioral bot detection using touchscreen and mobile sensors benchmarked on HuMIdb. Engineering Applications of Artificial Intelligence, 98, 104058. https://doi.org/10.1016/j.engappai.2020.104058
Bailey, K. O., Okolica, J. S., & Peterson, G. L. (2014). User identification and authentication using multi-modal behavioral biometrics. “Computers & Security”, 43, 77-89.
Monrose, F., & Rubin, A. D. (2000). Keystroke dynamics as a biometric for authentication. “Future Generation Computer Systems”, 16(4), 351-359.
Frank, M., Biedert, R., Ma, E., Martinovic, I., & Song, D. (2013). Touchalytics: On the applicability of touchscreen input as a behavioral biometric for continuous authentication. “IEEE Transactions on Information Forensics and Security”, 8(1), 136-148.
Gao, H., Wang, W., Qi, J., Wang, X., Liu, X., & Yan, J. (2016). The robustness of hollow CAPTCHAs. “Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security”, 1070-1081.
Bursztein, E., Martin, M., & Mitchell, J. C. (2014). Text-based CAPTCHA strengths and weaknesses. “ACM Transactions on Information and System Security (TISSEC)”, 16(1), 1-32.
Chellapilla, K., Larson, K., Simard, P. Y., & Czerwinski, M. (2005). Designing human friendly human interaction proofs (HIPs). “Proceedings of the SIGCHI Conference on Human Factors in Computing Systems”, 711-720.
Zhu, B. B., Yan, J., Li, Q., Yang, C., Liu, J., Xu, N., ... & Wang, Z. (2010). Attacks and design of image recognition CAPTCHAs. “Proceedings of the 17th ACM Conference on Computer and Communications Security”, 187-200.