A team of researchers has built an AI tool that is capable of reading text captcha schemes which are used to protect the majority of popular websites from cyber attacks.
 |
| Third party image reference |
The tool uses an algorithm that is based on deep learning methods and is the most effective solver of captcha and authentication systems till date. It can also spell the end for this widely used security method.
Text-based captcha is basically a mix of letter and numbers alongside security features like occluding lines, to determine the difference between humans and malicious programmes.
The whole system relies on users finding it easy to decipher the words compared to machines. The tool, developed by Lancaster University in the UK, Northwest University in the US and Peking University in China offers a high accuracy rate compared to previous captcha attack systems.
The tool can solve versions of captcha where previous systems gave up. Moreover, the new tool is swift and can solve a captcha within 0.05 of a second through a desktop PC, researchers claim.
The researchers have trained the AI tool by showing it a large number of training captchas that are indistinguishable from genuine captchas. Once the solver is shown all the captchas, it is then tested against the real captchas.
The researchers were able to reduce the effort and time required to manually tag captchas using a machine-learned automatic captcha generator, and teach their software. It only needs up to 500 genuine captchas for training. Previous versions of the captcha solver were restricted to a particular variation of the captcha.
Machine learning attack systems are difficult to built and requires a lot of manual tagging of captchas to train the system. Since the new solver needs a bit of human assistance, it will be able to rebuilt to target new or modified captcha schemes. This could be both good and bad, depending on how the new tool is put to use.
Tags:
security