Skip to main page content
U.S. flag

An official website of the United States government

Dot gov

The .gov means it’s official.
Federal government websites often end in .gov or .mil. Before sharing sensitive information, make sure you’re on a federal government site.

Https

The site is secure.
The https:// ensures that you are connecting to the official website and that any information you provide is encrypted and transmitted securely.

Access keys NCBI Homepage MyNCBI Homepage Main Content Main Navigation
. 2023 Feb 20;23(4):2338.
doi: 10.3390/s23042338.

New Cognitive Deep-Learning CAPTCHA

Nghia Dinh Trong  1 Thien Ho Huong  2 Vinh Truong Hoang  2
Affiliations

New Cognitive Deep-Learning CAPTCHA

Nghia Dinh Trong et al. Sensors (Basel). .

Abstract

CAPTCHA (Completely Automated Public Turing test to tell Computers and Humans Apart), or HIP (Human Interactive Proof), has long been utilized to avoid bots manipulating web services. Over the years, various CAPTCHAs have been presented, primarily to enhance security and usability against new bots and cybercriminals carrying out destructive actions. Nevertheless, automated attacks supported by ML (Machine Learning), CNN (Convolutional Neural Network), and DNN (Deep Neural Network) have successfully broken all common conventional schemes, including text- and image-based CAPTCHAs. CNN/DNN have recently been shown to be extremely vulnerable to adversarial examples, which can consistently deceive neural networks by introducing noise that humans are incapable of detecting. In this study, the authors improve the security for CAPTCHA design by combining text-based, image-based, and cognitive CAPTCHA characteristics and applying adversarial examples and neural style transfer. Comprehend usability and security assessments are performed to evaluate the efficacy of the improvement in CAPTCHA. The results show that the proposed CAPTCHA outperforms standard CAPTCHAs in terms of security while remaining usable. Our work makes two major contributions: first, we show that the combination of deep learning and cognition can significantly improve the security of image-based and text-based CAPTCHAs; and second, we suggest a promising direction for designing CAPTCHAs with the concept of the proposed CAPTCHA.

Keywords: CAPTCHA; cognitive; deep learning; security.

PubMed Disclaimer

Conflict of interest statement

The authors declare no conflict of interest.

Figures

Figure 1
Figure 1
zxCAPTCHA design.
Figure 2
Figure 2
Logic CAPTCHA architecture.
Figure 3
Figure 3
Overall network architecture.
Figure 4
Figure 4
Loss network VGG-16.
Figure 5
Figure 5
Style-transfer network.
Figure 6
Figure 6
Style-prediction network.
Figure 7
Figure 7
GA optimization steps.
Figure 8
Figure 8
Text-based CAPTCHA generation.
Figure 9
Figure 9
Grid-based CAPTCHA generation.
Figure 10
Figure 10
Cognitive-based types.
Figure 11
Figure 11
Security evaluation.
Figure 12
Figure 12
Usability evaluation.
Figure 13
Figure 13
Real example of zxCAPTCHA.
Figure 14
Figure 14
User distribution, (a) by genders, (b) by ages, and (c) by education.
Figure 14
Figure 14
User distribution, (a) by genders, (b) by ages, and (c) by education.
Figure 15
Figure 15
Relay attack steps.
See this image and copyright information in PMC

References

    1. Inayat U., Zia M.F., Mahmood S., Khalid H.M., Benbouzid M. Learning-Based Methods for Cyber Attacks Detection in IoT Systems: A Survey on Methods, Analysis, and Future Prospects. Electronics. 2022;11:1502. doi: 10.3390/electronics11091502. - DOI
    1. von Ahn L., Blum M., Hopper N.J., Langford J. Eurocrypt. Springer; Berlin/Heidelberg, Germany: 2003. CAPTCHA: Using Hard AI Problems for Security.
    1. Szegedy C., Zaremba W., Sutskever I., Bruna J., Erhan D., Goodfellow I.J., Fergus R. Intriguing properties of neural networks. arXiv. 20131312.6199
    1. Gatys L., Ecker A., Bethge M. A Neural Algorithm of Artistic Style. arXiv. 2015 doi: 10.1167/16.12.326.1508.06576 - DOI
    1. Gao H., Tang M., Liu Y., Zhang P., Liu X. Research on the Security of Microsoft’s Two-Layer Captcha. IEEE Trans. Inf. Secur. 2017;12:1671–1685. doi: 10.1109/TIFS.2017.2682704. - DOI

LinkOut - more resources