A deep learning‐based attack on text CAPTCHAs by using object detection techniques

Abstract

Read online

Abstract Text‐based CAPTCHAs have been widely deployed by many popular websites, and many have been attacked. However, most previous cracks were based on classification algorithms that typically rely on a series of preprocessing operations or on many training samples, thus making such attacks complicated and costly. In this study, a simple, generic, fast and end‐to‐end attack based on advanced object detection technologies is introduced. The proposed attack combines a feature extraction module, a character location and recognition module and a coordinate matching module. The experiments show that the attack can break a wide range of real‐world text CAPTCHAs deployed by the 50 most popular websites on Alexa.com and that the method achieves a high attack accuracy with only 2000 samples at an attack speed of less than 0.10 s. The attack was also evaluated on four click‐based CAPTCHAs that cannot be attacked in the end‐to‐end manner used by previous attacks, and the results demonstrated that within one step, the proposed approach achieves high success rates on both click‐based CAPTCHAs and schemes based on large‐scale character sets, such as Chinese character sets.

Keywords

• Web sites
• feature extraction
• text analysis
• character sets
• human computer interaction
• deep learning (artificial intelligence)