356 research outputs found
CAPTCHA Accessibility Study of Online Forums
The rise of online forums has benefited disabled users, who take advantage of better communications and more inclusion into society. However, even with accessibility laws that are supposed to provide disabled people the same equal access as non-disabled users, sites have erected technical barriers, such as CAPTCHAs, that prevent users from taking full advantage of site capability. This study analyzes 150 online forums to determine if sites use CAPTCHAs, and what types are used. Each variety presents accessibility problems to disabled users and the results of the research show that most sites use text-based CAPTCHAs, but rarely provide alternatives that would help users with visual disabilities. The research presents alternatives that site designers may wish to consider in order to allow more disabled users to access their sites
Foundations, Properties, and Security Applications of Puzzles: A Survey
Cryptographic algorithms have been used not only to create robust ciphertexts
but also to generate cryptograms that, contrary to the classic goal of
cryptography, are meant to be broken. These cryptograms, generally called
puzzles, require the use of a certain amount of resources to be solved, hence
introducing a cost that is often regarded as a time delay---though it could
involve other metrics as well, such as bandwidth. These powerful features have
made puzzles the core of many security protocols, acquiring increasing
importance in the IT security landscape. The concept of a puzzle has
subsequently been extended to other types of schemes that do not use
cryptographic functions, such as CAPTCHAs, which are used to discriminate
humans from machines. Overall, puzzles have experienced a renewed interest with
the advent of Bitcoin, which uses a CPU-intensive puzzle as proof of work. In
this paper, we provide a comprehensive study of the most important puzzle
construction schemes available in the literature, categorizing them according
to several attributes, such as resource type, verification type, and
applications. We have redefined the term puzzle by collecting and integrating
the scattered notions used in different works, to cover all the existing
applications. Moreover, we provide an overview of the possible applications,
identifying key requirements and different design approaches. Finally, we
highlight the features and limitations of each approach, providing a useful
guide for the future development of new puzzle schemes.Comment: This article has been accepted for publication in ACM Computing
Survey
GOTCHA Password Hackers!
We introduce GOTCHAs (Generating panOptic Turing Tests to Tell Computers and
Humans Apart) as a way of preventing automated offline dictionary attacks
against user selected passwords. A GOTCHA is a randomized puzzle generation
protocol, which involves interaction between a computer and a human.
Informally, a GOTCHA should satisfy two key properties: (1) The puzzles are
easy for the human to solve. (2) The puzzles are hard for a computer to solve
even if it has the random bits used by the computer to generate the final
puzzle --- unlike a CAPTCHA. Our main theorem demonstrates that GOTCHAs can be
used to mitigate the threat of offline dictionary attacks against passwords by
ensuring that a password cracker must receive constant feedback from a human
being while mounting an attack. Finally, we provide a candidate construction of
GOTCHAs based on Inkblot images. Our construction relies on the usability
assumption that users can recognize the phrases that they originally used to
describe each Inkblot image --- a much weaker usability assumption than
previous password systems based on Inkblots which required users to recall
their phrase exactly. We conduct a user study to evaluate the usability of our
GOTCHA construction. We also generate a GOTCHA challenge where we encourage
artificial intelligence and security researchers to try to crack several
passwords protected with our scheme.Comment: 2013 ACM Workshop on Artificial Intelligence and Security (AISec
Approximate Bayesian Image Interpretation using Generative Probabilistic Graphics Programs
The idea of computer vision as the Bayesian inverse problem to computer
graphics has a long history and an appealing elegance, but it has proved
difficult to directly implement. Instead, most vision tasks are approached via
complex bottom-up processing pipelines. Here we show that it is possible to
write short, simple probabilistic graphics programs that define flexible
generative models and to automatically invert them to interpret real-world
images. Generative probabilistic graphics programs consist of a stochastic
scene generator, a renderer based on graphics software, a stochastic likelihood
model linking the renderer's output and the data, and latent variables that
adjust the fidelity of the renderer and the tolerance of the likelihood model.
Representations and algorithms from computer graphics, originally designed to
produce high-quality images, are instead used as the deterministic backbone for
highly approximate and stochastic generative models. This formulation combines
probabilistic programming, computer graphics, and approximate Bayesian
computation, and depends only on general-purpose, automatic inference
techniques. We describe two applications: reading sequences of degraded and
adversarially obscured alphanumeric characters, and inferring 3D road models
from vehicle-mounted camera images. Each of the probabilistic graphics programs
we present relies on under 20 lines of probabilistic code, and supports
accurate, approximately Bayesian inferences about ambiguous real-world images.Comment: The first two authors contributed equally to this wor
A Framework for Devanagari Script-based Captcha
Human Interactive Proofs (HIPs) are automatic reverse Turing tests designed
to distinguish between various groups of users. Completely Automatic Public
Turing test to tell Computers and Humans Apart (CAPTCHA) is a HIP system that
distinguish between humans and malicious computer programs. Many CAPTCHAs have
been proposed in the literature that text-graphical based, audio-based,
puzzle-based and mathematical questions-based. The design and implementation of
CAPTCHAs fall in the realm of Artificial Intelligence. We aim to utilize
CAPTCHAs as a tool to improve the security of Internet based applications. In
this paper we present a framework for a text-based CAPTCHA based on Devanagari
script which can exploit the difference in the reading proficiency between
humans and computer programs. Our selection of Devanagari script-based CAPTCHA
is based on the fact that it is used by a large number of Indian languages
including Hindi which is the third most spoken language. There is potential for
an exponential rise in the applications that are likely to be developed in that
script thereby making it easy to secure Indian language based applications.Comment: 10 pages, 8 Figures, CCSEA 2011 - First International Conference,
Chennai, July 15-17, 201
Investing in commitment : persistence in a joint action is enhanced by the perception of a partner's effort
Can the perception that one’s partner is investing effort generate a sense of commitment to a joint action? To test this, we developed a 2-player version of the classic snake game which became increasingly boring over the course of each round. This enabled us to operationalize commitment in terms of how long participants persisted before pressing a ‘finish’ button to conclude each round. Our results from three experiments reveal that participants persisted longer when they perceived what they believed to be cues of their partner’s effortful contribution (Experiment 1). Crucially, this effect was not observed when they knew their partner to be an algorithm (Experiment 2), nor when it was their own effort that had been invested (Experiment 3). These results support the hypothesis that the perception of a partner’s effort elicits a sense of commitment, leading to increased persistence in the face of a temptation to disengage
- …