COMPUTER MALWARE FINAL PROJECT PROPOSAL THE WAR AGAINST CAPTCHA WITH IMPLEMENTATION OF THE WORLDS MOST ACCURATE CAPTCHA BREAKER By Huy Truong & Kathleen.

Slides:

Advertisements

Similar presentations

Copyright, The Malware Menagerie Roger Clarke, Xamax Consultancy, Canberra Visiting Professor in Cyberspace Law & Policy at U.N.S.W., eCommerce.

Advertisements

Who: Jake Munson Company: Idaho Power Website: Location: Kuna, ID Attack of the spam bots.

- A Powerful Computing Technology Department of Computer Science Wayne State University 1.

Challenges In The Morphing Threat Landscape Apr 2011, Arnhem Tamas Rudnai, Websense Security Labs.

Cryptanalysis of a Communication-Efficient Three-Party Password Authenticated Key Exchange Protocol Source: Information Sciences in review Presenter: Tsuei-Hung.

Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License. The OWASP.

A Survey of Botnet Size Measurement PRESENTED: KAI-HSIANG YANG ( 楊凱翔 ) DATE: 2013/11/04 1/24.

CAPTCHA: Using Hard AI Problems for Security 12 Jun 2007 Ohad Barak (a.k.a. jo) Luis Von Ahn, EuroCrypt 2003.

CAPTCHA Completely Automated Public Turing test to tell Computers and Humans Apart A Computer Program that can generate and grade test that: Most Humans.

A Low-cost Attack on a Microsoft CAPTCHA Yan Qiang,

CAPTCHA Presented by: Sari Louis SPAM Group: Marc Gagnon, Sari Louis, Steve White University of Illinois Spring 2006.

Breaking an Animated CAPTCHA Scheme

CAPTCHA Presented By Sayani Chandra (Roll )

Jeff Yan School of Computing Science Newcastle University, UK (Joint work with Ahmad Salah El Ahmad) Usability of CAPTCHAs Or “usability issues in CAPTCHA.

CAPTCHA & THE ESP GAME SHAH JAYESH CS575SPRING 2008.

1 CAPTCHA Challenges for Massively Multiplayer Online Games 2010 International Conference on Cyberworlds Authors: Yang-Wai Chow, Willy Susilo, Hua-Yu Zhou.

Human Computation CSC4170 Web Intelligence and Social Computing Tutorial 7 Tutor: Tom Chao Zhou

PROJECT IN COMPUTER SECURITY MONITORING BOTNETS FROM WITHIN FINAL PRESENTATION – SPRING 2012 Students: Shir Degani, Yuval Degani Supervisor: Amichai Shulman.

IS1500: Introduction to Web Development

To Protect What Matters!! Protection Against Computer Virus Unit portfolio presentation by Saira Imtiaz.

Malware  Viruses  Virus  Worms  Trojan Horses  Spyware –Keystroke Loggers  Adware.

Final Project Outline (16/11/2009) Dr. Ahmad BinTouq URL:

Matthias Neubauer CAPTCHA What humans can do, But computers can not.

Mrs. Beth Cueni Carnegie Mellon

CAPTCHA 1 Are you Human? (Sorry, I had to ask). CAPTCHA 2 Agenda What is CAPTCHA? Types of CAPTCHA Where to use CAPTCHAs? Guidelines when making a CAPTCHA.

Recognizing some of the modern CAPTCHAs Dmitry Nikulin LCME, Saint-Petersburg, 2011.

intelligence study and design of intelligent agentsis the intelligence of machines and the branch of computer science that aims to create it. AI textbooks.

Part 2  Access Control 1 CAPTCHA Part 2  Access Control 2 Turing Test Proposed by Alan Turing in 1950 Human asks questions to another human and a computer,

Protecting Web 2.0 Services from Botnet Exploitations Cybercrime and Trustworthy Computing Workshop (CTC), 2010 Second Nguyen H Vo, Josef Pieprzyk Department.

Exploration Seminar 3 Human Computation Roy McElmurry.

Network Security Continued. Digital Signature You want to sign a document. Three conditions. – 1. The receiver can verify the identity of the sender.

To Protect What Matters!! Protection Against Computer Virus Unit portfolio presentation by Saira Imtiaz.

Preventing Automated Use of STMP Reservation System Using CAPTCHA.

Password Security & Software Encryption n John Barthmaier n October 21, 2009.

Program Reviews Introduction to Process and Product April 18, 2006.

David Evans Nate Paul Anh Nguyen-Tuong CS851: Malware University of Virginia Computer Science Malware Seminar Fall 2004.

Presented By: Abirami Poonkundran Authors: Jeff Yan, Ahmad El Ahmad.

Biometrics Authentication Bruce Maggs. 2 Biometric Identifiers Fingerprints, palm prints Palm veins Hand shape Facial image DNA Iris, retinal images Odor.

Designing Human Friendly Human Interaction Proofs (HIPs) Kumar Chellapilla, Kevin Larson, Patrice Simard and Mary Czerwinski Microsoft Research Presented.

Progress presentation

Application Layer Attack. DDoS DDoS – Distributed Denial of Service Why would any one want to do this? In some cases, for bringing down service of competitors,

Understand Malware LESSON Security Fundamentals.

Introduction1-1 Chapter 1: roadmap 1.1 What is the Internet? 1.2 Network edge  end systems, access networks, links 1.3 Network core  circuit switching,

CAP Malware and Software Vulnerability Analysis Term Project Proposal - Spring 2009 Professor: Dr. Zou Team members: Andrew Mantel & Peter Matthews.

By: Steven Baker.  What is a CAPTCHA?  History of CAPTCHA  Applications of CAPTCHAs  Accessibility  Examples of CAPTCHAs  reCAPTCHA  Vulnerabilities.

Separating man from machine since 2000….. ?. Agenda  Definition  History  Need  Types  Constructing CAPTCHAs  Breaking CAPTCHAs  Applications 

Threats To Data 30 Threats To Data 30. Threats To Data 30 We’re now going to look at a range of different threats to people’s data: Opportunity Threats.

CAPTCHA What humans can do, But computers can not.

Usability of CAPTCHAs Or usability issues in CAPTCHA design Authors: Jeff Yan and Ahmad Salah El Ahmad Presented By: Kim Giglia CSC /19/2008.

SUBMITTED TO:-SUBMITTED BY:- Ms.Kavita KhannaShruty Ahuja H.O.D(CSE DEPARTMENT)02/MT/10 PDM,BAHADURGARHCE(2 ND SEM)

Billy Vivian Dr. Oblitey COSC  What is CAPTCHA?  History  Uses  Artificial Intelligence Relationship  reCAPTCHA  Works Cited.

CAPTCHA Presented by: Md.R ahim 08B21A Agenda Definition Background Motivation Applications Types of CAPTCHAs Breaking CAPTCHAs Proposed Approach.

SANDEEP MEHTA (ECE, IV Year). CAPTCHA Completely Automated Public Turing test to tell Computers and Humans Apart Invented at CMU by Luis von Ahn, Manuel.

A lustrum of malware network communication: Evolution & insights

Administrative Details

Presented b by COD & Chicago Computers

Lesson 3 Safe Computing.

3.6 Fundamentals of cyber security

Are you Human?.

Breaking Visual CAPTCHAs with Naïve Pattern Recognition Algorithms

Understand Core Security Principles

Mrs. Beth Cueni Carnegie Mellon

A novel probabilistic language-based CAPTCHA system

590 Web Scraping – Handling Images

Of Mice and Men Unit Plan Grade 10

Programming for Computer Games

Operating Systems Protections

Presented By Vibhute J.B. Class : M.Sc. (CS)

Introduction to Internet Worm

Week 7 - Wednesday CS363.

Presentation transcript:

COMPUTER MALWARE FINAL PROJECT PROPOSAL THE WAR AGAINST CAPTCHA WITH IMPLEMENTATION OF THE WORLDS MOST ACCURATE CAPTCHA BREAKER By Huy Truong & Kathleen Stoeckle Mar 18, 2009

Introduction The first virus was written in The computer boom also caused a boom in viruses and malware. Computer bots: programs that perform automated tasks. Malicious functions: Propagate spam Mass registration on websites Brute force attacks on passwords

Overview of CAPTCHA Completely Automated Public Turing Test to Tell Computers and Humans Apart Coined by Luis von Ahn, Manuel Blum, Nicholas J. Hopper, and John Langford Function: Generate tests to distinguish humans from malicious programs. Most prevalently used type of CAPTCHA: Text- based scheme.

Overview of CAPTCHA, continued A good CAPTCHA must be: Legible by humans Unrecognizable to pattern recognization algorithms. CAPTCHAs are NOT foolproof.

Proposed Survey Survey the history and current technologies of CAPTCHA breaker Analyze academic papers and other publications that related to CAPTCHA breakers There are three main approaches in breaking CAPTCHA, including [3]: exploiting bugs of several CAPTCHA implementations defeating CAPTCHA by improving character recognition algorithm using a human CAPTCHA solver Analyze and study representative techniques for each approach. Survey the details of these techniques including: How does the technique work? What are the targeted CATPCHA implementations? What are the breakthrough technologies? Does the technique work and how effective is it? Has it been used to attack established websites? How did the CATPCHA developers mitigate the attack?

Proposed Implementation Our second goal for the final project is to implement one of the surveyed techniques. The software will be demonstrated at the Final Project demonstration. A summary of the implementation will be included in the papers which describe: What we implemented? Collected data and results Lesson and learn from the experiences Ideas to improve the implementation and future works

Project Timeline Mar 18, 2009 Submit the final project proposal paper and presentation Mar 27, 2009 Research the War against CATPCHA landscape Pick the techniques to analyze & Select a technique to implement Apr 3, 2009 Complete the outline for the survey & the survey overview Detail design for the technique implementation Apr 10, 2009 Complete the write up for two out of three approaches Develop CAPTCHA test site & start on the implementation Apr 17, 2009 Complete the write up for all three approaches Complete Implement and test the selected CAPTCHA technique Apr 22, 2009 Write up the implementation experience Have a paper review and proofread Perform test on the software and collect statistics data Apr 24, 2009 Develop the presentation and demonstration

References Thomas M. Chen, Statistical Methods in Computer Security, The Evolution of Viruses and Worms, Jeff Yan, Ahmad Salah El Ahmad, A Low-Cost Attack on a Microsoft CAPTCHA, df df Wikipedia, CAPTCHA,