analysis-of-captcha-systems/intro/intro.tex

47 lines
2.4 KiB
TeX
Raw Normal View History

2021-09-20 17:00:19 +05:30
\begin{abstract}
CAPTCHA systems were originally designed to protect against automated
bot-based Denial of Service (DoS) attacks and spam. But over time, these
systems have become ineffective due to overfocus on identifying humans from
bots than combating DoS attacks and spam. As a result, they have become
privacy invasive systems that pose accessibility challenges with reduced
effectiveness and accuracy.\ mCaptcha is a proof of work based,
non-interactive DoS protection system designed to overcome the limitations
of traditional CAPTCHA systems' limitations while offering superior
protection services. The mechanism is stateless, so it is able accurately
defend against attacks over anonymous networks like TOR and the
non-interactive nature makes it ideal users with auditory, cognitive and
visual disabilities.
\end{abstract}
\section{Introduction}\label{sec:intro}
Denial of Service (DoS) attacks and spam campaigns reduce the quality of service
for internet services. Different types of rate-limiters were employed to combat
such attacks. Today rate-limiters on the web are synonymous with CAPTCHAs.
CAPTCHA systems work on the premise that an automated bot user can inflict more
damage than a human user and attacks can be contained if they can accurately
differentiate a human from a bot. The rise of cheap human labor powered CAPTCHA
farms in third-world countries have given attackers a way to bypass CAPTCHA
systems. To combat this new threat, CAPTCHA implementers are constantly raising the
difficulty of the challenges. This universal raise in difficulty impacts bots
and unassuming alike. The web is becoming increasingly less accessible to users
with disabilities and non-English speaking users. Some CAPTCHA systems employ
multiple methods to in their process. Privacy invasive mechanisms like cookies
and IP tracking are popular methods that are used in conjunction with
traditional CAPTCHA mechanisms, both of which are ineffective against
anonymous networks like TOR and pose serious privacy risks to their users.
The rest of this paper, rates different CAPTCHA mechanisms and systems based on
parameters mentioned below and describe how mCaptcha overcomes some of
them.
% ==================================================
% Parameters
% ==================================================
\input{intro/params.tex}
% ==================================================
% Methods
% ==================================================
\input{intro/methods.tex}