Internet services are increasingly abused by malicious scripts that try to mimic human users. Reverse Turing tests are challenges used to differentiate humans from computers. Visual reverse Turing tests use visual challenges, such as distorted character recognition tasks, that are easily solved by humans, while remaining too hard for automatic scripts. In this project, we demonstrate that the computational and development cost of a script breaking through some currently deployed visual reverse Turing tests is low, thus making them ineffective in protecting these services. We several case studies of successful attacks on character-based tests that are currently used to protect public web services. Our attacks utilize image processing techniques and also exploit flaws in the test deployment.

Resources:

• Here is a posterabout CAPACHAs that was shown atCyber Security Week (CSAW)