Breaking Visual CAPTCHAs with Naive Pattern Recognition Algorithms

  1. Lookup NU author(s)
  2. Dr Jeff Yan
  3. Ahmad El Ahmad
Author(s)Yan J, Salah El Ahmad A
Publication type Conference Proceedings (inc. Abstract)
Conference NameProceedings of the 23rd Annual Computer Security Applications Conference (ACSAC)
Conference LocationMiami Beach, Florida
Year of Conference2007
Source Publication Date10-14 December 2007
Full text for this publication is not currently held within this repository. Alternative links are provided below where available.
Visual CAPTCHAs have been widely used across the Internet to defend against undesirable or malicious bot programs. In this paper, we document how we have broken most such visual schemes provided at, a publicly available web service for CAPTCHA generation. These schemes were effectively resistant to attacks conducted using a high-quality Optical Character Recognition program, but were broken with a near 100% success rate by our novel attacks. In contrast to early work that relied on sophisticated computer vision or machine learning algorithms, we used simple pattern recognition algorithms but exploited fatal design errors that we discovered in each scheme. Surprisingly, our simple attacks can also break many other schemes deployed on the Internet at the time of writing: their design had similar errors. We also discuss defence against our attacks and new insights on the design of visual CAPTCHA schemes.
ActionsLink to this publication
Library holdingsSearch Newcastle University Library for this item