Ricerc@Sapienza

To this date, CAPTCHAs have served as the first line of defense preventing unauthorized access by (malicious) bots to web-based services, while at the same time maintaining a trouble-free experience for human visitors. However, recent work in the literature has provided evidence of sophisticated bots that make use of advancements in machine learning (ML) to easily bypass existing CAPTCHA-based defenses. In this work, we take the first step to address this problem. We introduce CAPTURE, a novel CAPTCHA scheme based on adversarial examples.

This paper presents a novel strategy to implement a CAPTCHA (Completely Automated Public Turing test to tell Computers and Humans Apart). The aim of these tests is to easily and reliably distinguish between real human users and (malicious) bots. The approach underlying FATCHA is to exploit real time capture of human actions instead of human ability to recognize visual or auditory items. The latter approach explicitly requires proposing a challenge difficult for an automatic responder but easy for a human.