Image based captcha
A brief overview of the most famous implementations.
<A
href = " gs264.sp.cs.cmu.edu/cgi-bin/esp-pix "> PIX CAPTCHA from Carnegie Mellon University - the so-called captcha using named images (naming images CAPTCHA) - the user sees several pictures and should choose the word which fits all the images shown. The main problem of this type of captchas is in errors when writing the word-answer and in the words-synonyms (for example: dog, dog, etc.) In this example, this is solved by selecting the answer option from the list prepared in advance.
KittenAuth by Oli Warner (Oli Warner) -
in order to prove their "humanity" the visitor must select images of all animals
a certain breed among the proposed. Unfortunately, a limited number of images allows
recreate a set of images manually.
Microsoft's Asirra - in general
similar to KittenAuth - the user must distinguish cats from dogs, but since it operates
a large number of ordered images (photographs of homeless animals from a specialized
site), then recreating the image database for the purpose of hacking is impossible. <A
href = " infolab.stanford.edu/~wangz/project/imsearch/IMAGINATION/ACM05/datta.pdf "> IMAGINATION
- captcha, which is passed in two steps. At the first stage, the user clicks on the picture, which
collected from several images and selects one of them. At the second stage the selected one is loaded.
image enlarged but very distorted. Also loaded versions of the names of what is shown in the picture,
and the user must select the correct answer from the list.
Why are captchas using images far from being as popular as text?
I will not touch on the comparative analysis of the possibility of hacking, some thoughts on this
can find <a
href = " research.microsoft.com/asirra/security.aspx "> here
and <a
href = " www.eecs.berkeley.edu/Pubs/TechRpts/2004/5256.html "> here.
I just want to express my point of view as a web developer. So why?
I want to note that this is by no means a critic, I am just trying to answer the question asked above.
I’ll add up the above: image-based captcha could be a good alternative
text, if it consisted of one small image that was created based on a limited
set of pictures.
Idea Look at the following two images
It's pretty easy to see that the right image is slightly distorted, and it's pretty easy to figure out exactly where.
In order to notice the distortion of the original image is practically not necessary. A man can easily cope
with such a task, without even knowing what exactly should be depicted - unless it is an expressionist picture :).
Implementation
Captcha, built on the basis of the above idea, for its solution requires the visitor to click on
distorted part of the image. The location of the click is marked with a red dot. Correct clicked - passed, no - not so.
Perhaps this type of captcha even
more user friendly than classic text captcha (one click instead of typing 5-6 letters).
Regarding security: image-based captcha can be cracked using techniques
similar to those used for breaking text captchas.
In the end, it is better to see once than read a hundred times. Here you can see what a working example of such a captcha looks like , and if you write on ASP.Net, then
here you can download the ready control .
<A
href = " gs264.sp.cs.cmu.edu/cgi-bin/esp-pix "> PIX CAPTCHA from Carnegie Mellon University - the so-called captcha using named images (naming images CAPTCHA) - the user sees several pictures and should choose the word which fits all the images shown. The main problem of this type of captchas is in errors when writing the word-answer and in the words-synonyms (for example: dog, dog, etc.) In this example, this is solved by selecting the answer option from the list prepared in advance.
KittenAuth by Oli Warner (Oli Warner) -
in order to prove their "humanity" the visitor must select images of all animals
a certain breed among the proposed. Unfortunately, a limited number of images allows
recreate a set of images manually.
Microsoft's Asirra - in general
similar to KittenAuth - the user must distinguish cats from dogs, but since it operates
a large number of ordered images (photographs of homeless animals from a specialized
site), then recreating the image database for the purpose of hacking is impossible. <A
href = " infolab.stanford.edu/~wangz/project/imsearch/IMAGINATION/ACM05/datta.pdf "> IMAGINATION
- captcha, which is passed in two steps. At the first stage, the user clicks on the picture, which
collected from several images and selects one of them. At the second stage the selected one is loaded.
image enlarged but very distorted. Also loaded versions of the names of what is shown in the picture,
and the user must select the correct answer from the list.
Why are captchas using images far from being as popular as text?
I will not touch on the comparative analysis of the possibility of hacking, some thoughts on this
can find <a
href = " research.microsoft.com/asirra/security.aspx "> here
and <a
href = " www.eecs.berkeley.edu/Pubs/TechRpts/2004/5256.html "> here.
I just want to express my point of view as a web developer. So why?
- They are too big. Captcha should not occupy a dominant position on the page.
This is just an additional element that serves to filter out bots when filling out forms or
receiving any data. - Traffic. Several pictures, each about 5-10 kilobytes,
together it is quite a lot, as for a single page. Visitors using channels from
low bandwidth (same dial-up) will be unpleasantly surprised. - Inconsistency of the general concept of the site. Captcha with cats (or dolphins) suitable for entertainment.
sites, but it will, for example, look weird on the website of the medical institution. You can, of course, pick up
several pictures on medical topics, but, by analogy with Asirra, it is difficult to find a site with a large
number of photos of homeless doctors :) - The laborious process of creating and streamlining the image base.
I want to note that this is by no means a critic, I am just trying to answer the question asked above.
I’ll add up the above: image-based captcha could be a good alternative
text, if it consisted of one small image that was created based on a limited
set of pictures.
Idea Look at the following two images
| <Img style = "border: black 1px solid" src = " habrastorage.org/getpro/habr/olpictures/892/7aa/7f2/8927aa7f2fd72d115a5f493bb1b33dd4.jpg "> | <Img style = "border: black 1px solid" src = " habrastorage.org/getpro/habr/olpictures/4a6/d27/ffc/4a6d27ffc2e29f458df5e2d79c57a101.jpg "> | |
| Original | Distorted |
It's pretty easy to see that the right image is slightly distorted, and it's pretty easy to figure out exactly where.
In order to notice the distortion of the original image is practically not necessary. A man can easily cope
with such a task, without even knowing what exactly should be depicted - unless it is an expressionist picture :).
Implementation
Captcha, built on the basis of the above idea, for its solution requires the visitor to click on
distorted part of the image. The location of the click is marked with a red dot. Correct clicked - passed, no - not so.
Perhaps this type of captcha even
more user friendly than classic text captcha (one click instead of typing 5-6 letters).
Regarding security: image-based captcha can be cracked using techniques
similar to those used for breaking text captchas.
In the end, it is better to see once than read a hundred times. Here you can see what a working example of such a captcha looks like , and if you write on ASP.Net, then
here you can download the ready control .
')
Source: https://habr.com/ru/post/17044/
All Articles