Towards Understanding the Security of Modern Image Captchas and Underground Captcha-Solving Services

Haiqin Weng; Binbin Zhao; Shouling Ji; Jianhai Chen; Ting Wang; Qinming He; Raheem Beyah

doi:10.26599/BDMA.2019.9020001

| Sign up

PDF (5 MB)

Cite

EndNote(RIS) BibTeX

Collect

Submit Manuscript

Show Outline

Figures (14)

Fig. 1

Fig. 2

Fig. 3

Fig. 4

Fig. 5

Fig. 6

Fig. 7

Fig. 8

Fig. 9

Tables (10)

Table 1

Table 2

Table 3

Table 4

Table 5

Open Access

Towards Understanding the Security of Modern Image Captchas and Underground Captcha-Solving Services

Haiqin Weng, Binbin Zhao, Shouling Ji(), Jianhai Chen, Ting Wang, Qinming He, Raheem Beyah

∙ College of Computer Science and Technology, Zhejiang University, Hangzhou 310058, China.

∙ Department of Computer Science and Engineering, Lehigh University, Bethlehem, PA 19019, USA.

∙ School of Electrical and Computer Engineering, Georgia Institute of Technology, Atlanta, GA 30302, USA.

Show Author Information

Abstract

Image captchas have recently become very popular and are widely deployed across the Internet to defend against abusive programs. However, the ever-advancing capabilities of computer vision have gradually diminished the security of image captchas and made them vulnerable to attack. In this paper, we first classify the currently popular image captchas into three categories: selection-based captchas, slide-based captchas, and click-based captchas. Second, we propose simple yet powerful attack frameworks against each of these categories of image captchas. Third, we systematically evaluate our attack frameworks against $10$ popular real-world image captchas, including captchas from tencent.com, google.com, and 12306.cn. Fourth, we compare our attacks against nine online image recognition services and against human labors from eight underground captcha-solving services. Our evaluation results show that (1) each of the popular image captchas that we study is vulnerable to our attacks; (2) our attacks yield the highest captcha-breaking success rate compared with state-of-the-art methods in almost all scenarios; and (3) our attacks achieve almost as high a success rate as human labor while being much faster. Based on our evaluation, we identify some design flaws in these popular schemes, along with some best practices and design principles for more secure captchas. We also examine the underground market for captcha-solving services, identifying $152$ such services. We then seek to measure this underground market with data from these services. Our findings shed light on understanding the scale, impact, and commercial landscape of the underground market for captcha solving.

Keywords

image captchas captcha security captcha-solving service underground market

References

[1]

Von Ahn

, M.

Blum

, N. J.

Hopper

, and J.

Langford

, CAPTCHA: Using hard AI problems for security, in Proc. 2003 Int. Conf. the Theory and Applications of Cryptographic Techniques, Warsaw, Poland, 2003.

Crossref

[2]

Chew

and J. D.

Tygar

, Image recognition CAPTCHAs, in Proc. 7th Int. Conf. Information Security, Palo Alto, CA, USA, 2004.

Crossref

[3]

K. F.

Hwang

, C. C.

Huang

, and G. N.

You

, A spelling based CAPTCHA system by using click, in Proc. 2012 Int. Symp. Biometrics and Security Technologies, Taipei, China, 2012.

Crossref

[4]

N. J.

Hopper

and M.

Blum

, Secure human identification protocols, in Proc. 7th Int. Conf. the Theory and Application of Cryptology and Information Security, Gold Coast, Australia, 2001.

Crossref

[5]

Sivakorn

, I.

Polakis

, and A. D.

Keromytis

, I am robot: (Deep) learning to break semantic image CAPTCHAs, in Proc. 2016 IEEE European Symp. Security and Privacy, Saarbrucken, Germany, 2016.

Crossref

[6]

H. Q.

, H. N.

Sun

, J.

Helt

, and T. S.

Lee

, Learning to associate words and images using a large-scale graph, arXiv preprint arXiv: 1705.07768, 2017.

Google Scholar

[7]

Mori

and J.

Malik

, Recognizing objects in adversarial clutter: Breaking a visual CAPTCHA, in Proc. 2003 IEEE Computer Society Conf. Computer Vision and Pattern Recognition, Madison, WI, USA, 2003.

[8]

Chellapilla

and P. Y.

Simard

, Using machine learning to break visual Human Interaction Proofs (HIPs), in Proc. 17th Int. Conf. Neural Information Processing Systems, Vancouver, Canada, 2004.

Crossref

[9]

Bursztein

, J.

Aigrain

, A.

Moscicki

, and J. C.

Mitchell

, A low-cost attack on a Microsoft CAPTCHA, in Proc. 15th ACM Conf. Computer and Communications Security, Alexandria, VA, USA, 2008.

[10]

Bursztein

, M.

Martin

, and J. C.

Mitchell

, Text-based CAPTCHA strengths and weaknesses, in Proc. 18th ACM Conf. Computer and Communications Security, Chicago, IL, USA, 2011.

Crossref

[11]

Bursztein

, J.

Aigrain

, A.

Moscicki

, and J. C.

Mitchell

, The end is nigh: Generic solving of text-based CAPTCHAs, in Proc. 8th USENIX Conf. Offensive Technologies, San Diego, CA, USA, 2004.

[12]

H. C.

Gao

, J.

Yan

, F.

Cao

, Z. Y.

Zhang

, L.

Lei

, M. Y.

Tang

, P.

Zhang

, X.

Zhou

, X. Q.

Wang

, and J. W.

, A simple generic attack on text captchas, in Proc. 23rd Annu. Network and Distributed System Security Symp., San Diego, CA, USA, 2016.

Crossref

[13]

Golle

, Machine learning attacks against the asirra CAPTCHA, in Proc. 15th ACM Conf. Computer and Communications Security, Alexandria, VA, USA, 2008.

Crossref

[14]

Lorenzi

, J.

Vaidya

, E.

Uzun

, S.

Sural

, and V.

Atluri

, Attacking image based CAPTCHAs using image recognition techniques, in Proc. 8th Int. Conf. Information Systems Security, Guwahati, India, 2012.

Crossref

[15]

Krizhevsky

, I.

Sutskever

, and G. E.

Hinton

, ImageNet classification with deep convolutional neural networks, in Proc. 25th Int. Conf. Neural Information Processing Systems, Lake Tahoe, NV, USA, 2012.

[16]

Girshick

, J.

Donahue

, T.

Darrell

, and J.

Malik

, Rich feature hierarchies for accurate object detection and semantic segmentation, in Proc. 2014 IEEE Conf. Computer Vision and Pattern Recognition, Columbus, OH, USA, 2014.

Crossref

[17]

S. Q.

Ren

, K. M.

, R.

Girshick

, and J.

Sun

, Faster R-CNN: Towards real-time object detection with region proposal networks, in Proc. 28th Int. Conf. Neural Information Processing Systems, Montreal, Canada, 2015.

[18]

Redmon

, S.

Divvala

, R.

Girshick

, and A.

Farhadi

, You only look once: Unified, real-time object detection, in Proc. 2016 IEEE Conf. Computer Vision and Pattern Recognition, Las Vegas, NV, USA, 2016.

Crossref

[19]

Liu

, D.

Anguelov

, D.

Erhan

, C.

Szegedy

, S.

Reed

, C. Y.

, and A. C.

Berg

, SSD: Single shot multibox detector, in Proc. 14th European Conf. Computer Vision, Amsterdam, Netherlands, 2016.

Crossref

[20]

K. M.

, X. Y.

Zhang

, S. Q.

Ren

, and J.

Sun

, Delving deep into rectifiers: Surpassing human-level performance on ImageNet classification, in Proc. 2015 IEEE Int. Conf. Computer Vision, Santiago, Chile, 2015.

Crossref

[21]

Elson

, J. R.

Douceur

, J.

Howell

, and J.

Saul

, Asirra: A CAPTCHA that exploits interest-aligned manual image categorization, in Proc. 14th ACM Conf. Computer and Communications Security, Alexandria, VA, USA, 2007.

[22]

Misra

and K.

Gaj

, Face recognition CAPTCHAs, in Proc. 2006 Advanced Int. Conf. Telecommunications and Int. Conf. Internet and Web Applications and Services, Guadelope, French, 2006.

Crossref

[23]

Kim

, J.

Yang

, and K.

Wohn

, AgeCAPTCHA: An image-based CAPTCHA that annotates images of human faces with their age groups, KSII Trans. Internet Inf. Syst., vol. 8, no. 3, pp. 1071-1092, 2014.

Crossref Google Scholar

[24]

Uzun

, S. P. H.

Chung

, I.

Essa

, and W.

Lee

, rtCaptcha: A real-time CAPTCHA based liveness detection system, in Proc. 25th Annu. Network and Distributed System Security Symp., San Diego, CA, USA, 2018.

Crossref

[25]

Lorenzi

, J.

Vaidya

, S.

Sural

, and V.

Atluri

, Web services based attacks against image CAPTCHAs, in Proc. 9th Int. Conf. Information Systems Security, Kolkata, India, 2013.

Crossref

[26]

LeCun

, B.

Boser

, J. S.

Denker

, D.

Henderson

, R. E.

Howard

, W. E.

Hubbard

, and L. D.

Jackel

, Backpropagation applied to handwritten zip code recognition, Neural Comput., vol. 1, no. 4, pp. 541-551, 1989.

Crossref Google Scholar

[27]

Girshick

, Fast R-CNN, in Proc. 2015 IEEE Int. Conf. Computer Vision, Santiago, Chile, 2015.

Crossref

[28]

Motoyama

, K.

Levchenko

, C.

Kanich

, D.

McCoy

, G. M.

Voelker

, and S.

Savage

, Re: CAPTCHAs: Understanding CAPTCHA-solving services in an economic context, in Proc. 19th USENIX Conf. Security, Washington, DC, USA, 2010.

[29]

Shin

, M.

Gupta

, and S. A.

Myers

, The nuts and bolts of a forum spam automator, in Proc. 4th USENIX Conf. Large-Scale Exploits and Emergent Threats, Boston, MA, USA, 2011.

[30]

Deng

, W.

Dong

, R.

Socher

, L. J.

, K.

, and F. F.

, ImageNet: A large-scale hierarchical image database, in Proc. 2009 IEEE Conf. Computer Vision and Pattern Recognition, Miami, FL, USA, 2009.

Crossref

[31]

I. J.

Goodfellow

, J.

Shlens

, and C.

Szegedy

, Explaining and harnessing adversarial examples, arXiv preprint arXiv: 1412.6572, 2014.

Google Scholar

[32]

X. J.

Liao

, S.

Alrwais

, K.

Yuan

, L. Y.

Xing

, X. F.

Wang

, S.

Hao

, and R.

Beyah

, Lurking malice in the cloud: Understanding and detecting cloud repository as a malicious service, in Proc. 2016 ACM SIGSAC Conf. Computer and Communications Security, Vienna, Austria, 2016.

Crossref

[33]

Polakis

, P.

Ilia

, F.

Maggi

, M.

Lancini

, G.

Kontaxis

, S.

Zanero

, S.

Ioannidis

, and A. D.

Keromytis

, Faces in the distorting mirror: Revisiting photo-based social authentication, in Proc. 2014 ACM SIGSAC Conf. Computer and Communications Security, Scottsdale, AZ, USA, 2014.

Crossref

Big Data Mining and Analytics

Volume 2 Issue 2,
June 2019

Pages 118-144

DOI: 10.26599/BDMA.2019.9020001

Cite this article:

Weng H, Zhao B, Ji S, et al. Towards Understanding the Security of Modern Image Captchas and Underground Captcha-Solving Services. Big Data Mining and Analytics, 2019, 2(2): 118-144. https://doi.org/10.26599/BDMA.2019.9020001

Return

10.26599/BDMA.2019.9020001.T001Table 1Summary of evaluation.

	Selection-based captcha	Slide-based captcha	Click-based captcha
Example
Captcha provider	12306.com	geetest.com	geetest.com
	google.com	tencent.com	tencent.com
	facebook.com	163.com	163.com
Attack	Sivakorn et al.^[5]	This paper	This paper
	Ya et al.^[6]
	This paper
Application Programming Interface (API)	GoogleAPI	$-$	BaiduOCR
	TencentAPI		GoogleOCR
	AliAPI		TencentOCR
	MirosoftAPI		AliOCR
			Face++OCR
Captcha-solving service	ruokuai
	yundama
	hyocr	ruokuai	ruokuai
	2captcha	hyocr	yundama
	AntiCaptcha	dama2	dama2
	Decaptcha
	imagetyperz

10.26599/BDMA.2019.9020001.T002Table 2Summary of real-world image captchas.

Type	Scheme	Provider	Scale
Selection-based captcha	ReCaptcha 2015	ReCaptcha	$O (million)$ users
	ReCaptcha 2018	ReCaptcha	$O (million)$ users
	China Railway	12306.cn	$O (billion)$ users
	Facebook	Facebook	$-$
Slide-based captcha	GEE SlidePuzzle	GEETest	$O (2 \times 10^{5})$ sites
	Tencent SlidePuzzle	Tencent	$O (billion)$ users
	Netease SlidePuzzle	Netease	$O (billion)$ users
Click-based captcha	GEE TouClick	GEETest	$O (2 \times 10^{5})$ sites
	Tencent TouClick	Tencent	$O (billion)$ users
	Netease TouClick	Neteast	$O (billion)$ users

10.26599/BDMA.2019.9020001.T003Table 3Statistics of the four schemes.

Scheme	Number of categories	Category
ReCaptcha 2015	$22$	artichoke, avocado, banana, beer, bread, cabbage, cake, cat, coffee, dog, guinea pig, hamburger, ice cream, pasta, pizza, rice dish, rose, sandwich, soup, steak, sushi, wine
ReCaptcha 2018	$7$	house, road, sky, street sign, telephone pole, tree, vehicle
Facebook	$12$	bicycle, cat, chair, cloud, dog, fireworks, flower, guitar, lion, tiger, waterfall, wristwatch
China Railway	$80$	Chinese knot, dashboard, bus card, refrigerator, band Aid, embroidery, paper cut, seal, tape measure, double-sided adhesive, whistle, beer, helmet, corkscrew, palm print, typewriter, cuff, mop, wall clock, ventilator, pencil case, calendar, notebook, portfolio, cotton swab, cherry, woolen, sandbags, salad, poster, seaweed, seagull, funnel, candlestick, hot-water bottle, archway, lion, coral, electronic scales, wire, rice cooker, plate, basketball, jujube, red bean, red wine, mung bean, tennis racket, tiger, earplug, aircraft carrier, fly swatter, tea table, tea cup, pill, pineapple, steamer, french fries, ant, bee, candle, lizard, stapler, plum, palette treadmill, street light, chili sauce, pyramid, clock, bell, spatula, gong, pennant, rain boots, firecrackers, campanula, pressure cooker, blackboard, dragon boat

10.26599/BDMA.2019.9020001.T004Table 4Labeled datasets.

Dataset	Number of image categories	Number of images per category	Number of images	Source	Usage
$D_{1}$	$22$	$1500$	$33 000$	ImageNet, baidu.com, google.com	ReCaptcha 2015
$D_{2}$	$10$	$1500$	$15 000$	ImageNet, baidu.com, google.com	ReCaptcha 2018
$D_{3}$	$12$	$1500$	$18 000$	ImageNet, baidu.com, google.com	Facebook
$D_{4}$	$80$	$1500$	$120 000$	ImageNet, baidu.com, google.com	China Railway
$D_{5}$	$80$	about 750	$60 000$	12306.cn	China Railway
$D_{6}$	3755	about 1400	$5 257 000$	Synthetic character generator (github.com/AstarLight)	GEE, Tencent, Netease TouClick
$D_{7}$	$-$	$-$	$2000$	geetest.com	Gee TouClick
$D_{8}$	$-$	$-$	$2000$	open.captcha.qq.com	Tencent TouClick

10.26599/BDMA.2019.9020001.T005Table 5Summary of pre-trained deep models.

Model name	Model type	Accuracy	Training time (h)	Usage
${CNN}_{1}$	CNN	$0.9597$	$18$	Recognize images for ReCaptcha 2015
${CNN}_{2}$	CNN	$0.9177$	$8$	Recognize images for ReCaptcha 2018
${CNN}_{3}$	CNN	$0.9727$	$9$	Recognize images for Facebook
${CNN}_{4}$	CNN	$0.9327$	$93$	Recognize phrases for China Railway
${CNN}_{5}$	CNN	$0.9661$	$25$	Recognize images for China Railway
${CNN}_{6}$	CNN	$0.9986$	$17$	Recognize distorted characters
${Fast-RCNN}_{1}$	R-CNN	$0.9201$	$7$	Localize objects for GEE TouClick
${Fast-RCNN}_{2}$	R-CNN	$0.9712$	$12$	Localize objects for Tencent TouClick

10.26599/BDMA.2019.9020001.T006Table 6Attack results on selection-based image captchas. "-" stands for not given.

Method		ReCaptcha 2015		ReCaptcha 2018		Facebook		China Railway
Method		Success rate	Speed (s)	Success rate	Speed (s)	Success rate	Speed (s)	Success rate	Speed (s)
Our method		$0.88$	$1.26$	$0.79$	$4.92$	$0.86$	$1.41$	$0.90$	$4.14$
Prior art	Ya et al.^[6]	$0.14$	$0.59$	$-$	$-$	$0.09$	$0.47$	$0.52$	$6.62$
Prior art	Sivakorn et al.^[5]	$0.71$	$20.80$	$-$	$-$	$0.83$	$25.30$	$0.37$	$20.60$
Image recognition service	TencentAPI	$0.19$	$13.64$	$0.06$	$20.19$	$0.25$	$15.32$	$0.03$	$14.97$
	GoogleAPI	$0.62$	$16.13$	$0.49$	$23.31$	$0.73$	$19.53$	$0.07$	$17.82$
	AliAPI	$0.37$	$14.27$	$0.11$	$18.40$	$0.35$	$13.04$	$0.16$	$12.65$
	MirosoftAPI	$0.21$	$19.95$	$0.08$	$25.42$	$0.44$	$21.09$	$0.02$	$17.01$
Captcha-solving service	ruokuai	$0.81$	$4.54$	$0.91$	$6.97$	$0.88$	$4.21$	$0.86$	$5.57$
	yundama	$0.89$	$4.36$	$-$	$-$	$0.77$	$5.18$	$0.88$	$5.29$
	hyocr	$-$	$-$	$0.85$	$7.05$	$-$	$-$	$-$	$-$
	2captcha	$0.86$	$8.35$	$0.88$	$4.27$	$0.90$	$7.98$	$0.79$	$11.37$
	AntiCaptcha	$0.84$	$6.43$	$0.92$	$5.69$	$0.93$	$8.71$	$0.65$	$9.94$
	DeCaptcha	$0.41$	$23.16$	$0.62$	$31.12$	$0.46$	$25.24$	$-$	$-$
	imagetyperz	$-$	$-$	$0.95$	$41.68$	$-$	$-$	$-$	$-$

Note: Speed is defined as the time of solving a captcha challenge.

10.26599/BDMA.2019.9020001.T007Table 7Attack results on slide-based image captchas.

Method		GEE SlidePuzzle		Tencent SlidePuzzle		Netease SlidePuzzle
Method		Success rate	Speed (s)	Success rate	Speed (s)	Success rate	Speed (s)
Our method	Sigmod	$0.96$	$5.30$	$1.00$	$4.01$	$0.98$	$1.98$
	Softmax	$0.59$	$5.27$	$0.95$	$4.18$	$0.72$	$2.15$
	Tanh	$0.00$	$5.16$	$1.00$	$4.06$	$0.98$	$2.24$
	ReLu	$0.54$	$5.68$	$0.99$	$4.27$	$0.54$	$5.68$
	Random	$0.16$	$5.33$	$0.97$	$4.33$	$0.81$	$2.35$
	Direct moving	$0.00$	$2.37$	$1.00$	$0.88$	$0.00$	$1.71$
Captcha-solving services	ruokuai	$0.88$	$8.82$	$0.96$	$7.94$	$0.91$	$6.06$
	hyocr	$0.93$	$9.69$	$0.92$	$5.73$	$0.87$	$7.71$
	dama2	$0.91$	$11.03$	$0.97$	$6.13$	$0.95$	$8.17$

10.26599/BDMA.2019.9020001.T008Table 8Attack results on click-based image captchas.

Method		GEE TouClick		Tencent TouClick		Netease TouClick
Method		Success rate	Speed (s)	Success rate	Speed (s)	Success rate	Speed (s)
Our method		$0.46$	$4.63$	$0.74$	$4.78$	$0.69$	$4.13$
Image recognition services	BaiduOCR	$0.04$	$6.55$	$0.36$	$6.14$	$0.12$	$5.70$
	GoogleOCR	$0.05$	$13.37$	$0.27$	$11.22$	$0.03$	$12.15$
	TencentOCR	$0.02$	$6.09$	$0.51$	$6.53$	$0.07$	$6.41$
	AliOCR	$0.03$	$7.54$	$0.13$	$6.60$	$0.03$	$7.17$
	Face++OCR	$0.08$	$7.96$	$0.30$	$8.79$	$0.05$	$8.38$
Captcha-solving services	ruokuai	$0.81$	$9.47$	$0.91$	$7.09$	$0.89$	$8.04$
	yundama	$0.89$	$8.86$	$0.86$	$7.37$	$0.87$	$7.28$
	dama2	$0.85$	$9.98$	$0.90$	$6.84$	$0.94$	$9.11$

10.26599/BDMA.2019.9020001.T009Table 9Captcha solving services.

Captcha type	Representative scheme	Representative service
Text captcha	SinaWeibo^①, ReCaptcha	ruokuai, 2captcha
Image captcha	China Railway, ReCaptcha	ruokuai, AntiCaptcha
Audio captcha	ReCaptcha	ruokuai
Game captcha	FunCaptcha^②	AntiCaptcha, jsdati^③
Math captcha	Bilibili^④	ruokuai, jsdati

Notes: ① SinaWeibo, https://weibo.com.

② FunCaptcha, https://www.funcaptcha.com/.

③ jsdati, https://www.jsdati.com/.

④ Bilibili, https://live.bilibili.com.

10.26599/BDMA.2019.9020001.T010Table 10Economic analysis on captcha-solving services. PPC = price per 1000 captchas, RPD = requests per day.

Name	Number of labors	Speed (s)	PPC ($)	Number of RPD	Daily income ($)
ruokuai	about $15 000$	$1 - 4$	$0.8 - 7.9$	about $0.9$ billion	about $3.6$ million
yundama	about $8000$	$0 - 3$	$1.6 - 7.9$	$-$	about $1.85$ million
hyocr	about $1000$	$0 - 4$	$1.27 - 5.56$	$-$	about $0.29$ million
dama2	about $8000$	$0 - 3$	$0.63 - 29.37$	$-$	about $1.62$ million
2captcha	about $2050$	$12 - 50$	$0.97$ $-$ $2.99$	$-$	about $0.012$ million
AntiCaptcha	about $4500$	about $8.3$	$0.63 - 2.20$	$-$	about $0.10$ million
DeCatpcha	$-$	$-$	about $2$	$-$	$-$
imagetyperz	about $1500$	$9 - 45$	$1 \sim 2.5$	$-$	about $0.01$ million