CAPTCHA Security Enhancement Method Incorporating Multiple Style Migration and Adversarial Examples

doi:10.3969/j.issn.1671-1122.2022.10.018

Abstract

Abstract:

Completely automated public turing test to tell computers and humans apart(CAPTCHA) plays an important role in preventing automated attacks against Web services, but it is difficult to provide effective security protection when facing cracking tools with automatic recognition technology. If highly distorted and other brute force methods are used, it is difficult to recognize even by human eyes. This paper proposed a CAPTCHA security enhancement method incorporating multiple style migration and adversarial examples to defend unknown machine recognition by multiple style transfer while preserving the original content, and added noise to attack common models by adversarial examples to deceive neural networks. Experimental results on the text CAPTCHA dataset show that the generation algorithm proposed in this paper has a lower machine recognition rate and effectively improves the security of text CAPTCHA.

Key words: CAPTCHA, deep learning, image style transfer, adversarial examples, convolutional neural network

CLC Number:

TP309

ZHANG Zhi, LI Xin, YE Naifu, HU Kaixi. CAPTCHA Security Enhancement Method Incorporating Multiple Style Migration and Adversarial Examples[J]. Netinfo Security, 2022, 22(10): 129-135.

Figures/Tables 8

References 17

[1]	BURSZTEIN E, MARTIN M, MITCHELL J. Text-Based CAPTCHA Strengths and Weaknesses[C]// ACM. In Proceedings of the 18th ACM Conference on Computer and Communications Security. New York: ACM, 2011: 125-138.
[2]	SOUPIONIS Y, GRITZALIS D. Audio CAPTCHA: Existing Solutions Assessment and a New Implementation for VoIP Telephony[J]. Computers & Security, 2010, 29(5): 603-618.
[3]	BURSZTEIN E, MARTIN M, MITCHELL J. Text-Based CAPTCHA Strengths and Weaknesses[C]// ACM. Proceedings of the 18th ACM Conference on Computer and Communications Security. New York: ACM, 2011: 125-138.
[4]	DAS M S, RAO K R M, BALAJI P. Neural-Based Hit-Count Feature Extraction Method for Telugu Script Optical Character Recognition[J]. Innovations in Electronics and Communication Engineering, 2019(33): 479-486.
[5]	SCHMIDHUBER J. Deep Learning in Neural Networks: An Overview[J]. Neural Networks, 2015(61): 85-117.
[6]	GREGOR K, DANIHELKA I, GRAVES A, et al. DRAW: A Recurrent Neural Network for Image Generation[C]// ACM. Proceedings of the 32nd International Conference on International Conference on Machine Learning. New York: ACM, 2015: 1462-1471.
[7]	HE Kaiming, ZHANG Xiangyu, REN Shaoqing, et al. Deep Residual Learning for Image Recognition[C]// IEEE. In Proceedings of the IEEE Conference on Computer Vision and Pattern Recognition. New York: IEEE, 2016: 770-778.
[8]	LI Chuan, WAND M. Combining Markov Random Fields and Convolutional Neural Networks for Image Synthesis[C]// IEEE. In Proceedings of the IEEE Conference on Computer Vision and Pattern Recognition. New York: IEEE, 2016: 2479-2486.
[9]	LECUN Y, BOTTOU L, BENGIO Y, et al. Gradient-Based Learning Applied to Document Recognition[J]. Proceedings of the IEEE, 1998, 86(11): 2278-2324.
[10]	GATYS L A, ECKER A S, BETHGE M. Image Style Transfer Using Convolutional Neural Networks[C]// IEEE. In Proceedings of the IEEE Conference on Computer Vision and Pattern Recognition. New York: IEEE, 2016: 2414-2423.
[11]	KWON H, YOON H, PARK K. CAPTCHA Image Generation Using Style Transfer Learning in Deep Neural Network[C]// Springer. Proceedings of the 20th World Conference on Information Security Applications (WISA 2019). Berlin: Springer, 2019: 234-246.
[12]	HASAN W A. A Survey of Current Research on CAPTCHA[J]. International Journal of Computer Science and Applications, 2016, 7(3): 141-157.
[13]	OSADCHY M, HERNANDEZ-CASTRO J, GIBSON S, et al. No Bot Expects the DeepCAPTCHA! Introducing Immutable Adversarial Examples, with Applications to CAPTCHA Generation[J]. IEEE Transactions on Information Forensics and Security, 2017, 12(11): 2640-2653.
[14]	HU Wei, ZHAO Wenlong, CHEN Lu, et al. An Improved JSMA Algorithm against Sample Attack Based on Logits Vector[J]. Netinfo Security, 2022, 22(3): 62-69.
	胡卫, 赵文龙, 陈璐, 等. 基于Logits向量的JSMA对抗样本攻击改进算法[J]. 信息网络安全, 2022, 22(3): 62-69.
[15]	LEI Yu, LIU Jia, LI Jun, et al. Research and Implementation of a Image Steganography Method Based on Conditional Generative Adversarial Networks[J]. Netinfo Security, 2021, 21(11): 48-57.
	雷雨, 刘佳, 李军, 等. 一种基于条件生成对抗网络的图像隐写方法研究与实现[J]. 信息网络安全, 2021, 21(11): 48-57.
[16]	MA Jun, WANG Xiaowu, ZHU Yongchuan, et al. Study on the Verification Code Anti-Crawler Mechanism Based on the Generation of Adversarial Samples[J]. Applied Science and Technology, 2021, 48(6): 45-50.
	马军, 王效武, 朱永川, 等. 基于对抗样本生成的验证码反爬虫机制研究[J]. 应用科技, 2021, 48(6): 45-50.
[17]	SHEN Yanyu, ZHANG Sanfeng, CAO Jiuxin. An Adversarial Sample-Based Security Enhancement Method for CAPTCHA[J]. Cyberspace Security, 2020, 11(8): 11-16.
	沈言玉, 张三峰, 曹玖新. 一种基于对抗样本的验证码安全性增强方法[J]. 网络空间安全, 2020, 11(8): 11-16.

模型	准确率
VGG	99.74％
ResNet	97.04％
GoogLeNet	99.08％
DenseNet	98.66％

模型	原始准确率	对使用一种风格样式的文本验证码识别准确率	对使用两种风格样式的文本验证码识别准确率	经过对抗攻击扰动后文本验证码识别准确率
VGG	99.74％	73.17％	0.23％	0％
ResNet	97.04％	56.80％	0.09％	0％
GoogLeNet	99.08％	79.16％	1.80％	0％
DenseNet	98.66％	39.44％	0％	0％

识别模型生成模型	VGG	ResNet	GoogLeNet	DenseNet
VGG	2.810％	4.630％	4.710％	3.150％
ResNet	0％	0.280％	0.530％	0％
GoogLeNet	2.540％	6.600％	6.860％	4.590％
DenseNet	0.035％	0.390％	0.660％	0.055％