Text-based CAPTCHA Strengths and Weaknesses

Warning: the attack techniques and design guidelines described in this paper are obsolete due to the invention of generalized techniques to break text captchas as described in this paper.


We carry out a systematic study of existing visual CAPTCHAs based on distorted characters that are augmented with anti-segmentation techniques. Applying a systematic evaluation methodology to 15 current CAPTCHA schemes from popular web sites, we find that 13 are vulnerable to automated attacks. Based on this evaluation, we identify a series of recommendations for CAPTCHA designers and attackers, and possible future directions for producing more reliable human/computer distinguishers.

Computer and Communications Security (CCS) 2011
captcha - offensive technologies - study - web security - machine learning - captcha

Discuss this paper on your favorite social network.


Keep in touch with Elie's blog

Enter your email to receive new blog posts in your inbox

Elie Bursztein © 2016
About Me

Recent entries