Using Automatic Speech Recognition for Attacking Acoustic CAPTCHAs: The Trade-off between Usability and Security

Presentation pdf 2.4MB

Acoustic CAPTCHAs are designated to help blind users navigating the web but hindering bots. In this work we successfully defeat reCAPTCHA with a significantly higher success rate than reported in previous studies. Furthermore, we propose a CAPTCHA that exploits specific capabilities of the human auditory system, rendering the task hard for current machines. We show that the proposed CAPTCHA exhibits a far better trade-off between human usability and security than the current quasi-standard of reCAPTCHA.

Author(s):

Hendrik Meutzner    
Horst Görtz Institute for IT-Security (HGI), Ruhr-University Bochum
Germany

Viet Hung Nguyen    
Horst Görtz Institute for IT-Security (HGI), Ruhr-University Bochum
Germany

Thorsten Holz    
Horst Görtz Institute for IT-Security (HGI), Ruhr-University Bochum
Germany

Dorothea Kolossa    
Horst Görtz Institute for IT-Security (HGI), Ruhr-University Bochum
Germany