introduction and rating parameters

This commit is contained in:
Aravinth Manivannan 2021-09-20 15:49:45 +05:30
commit 7c91387d8a
Signed by: realaravinth
GPG key ID: AD9F0F08E855ED88
3 changed files with 122 additions and 0 deletions

6
.gitignore vendored Normal file
View file

@ -0,0 +1,6 @@
paper.aux
paper.bbl
paper.blg
paper.dvi
paper.log
paper.pdf

15
init.sh Executable file
View file

@ -0,0 +1,15 @@
#!/bin/bash
install() {
export TEXMFDIST=/usr/share/texmf-dist
readonly tlmgr="$TEXMFDIST/scripts/texlive/tlmgr.pl --usermode"
$tlmgr install ieeetran
$tlmgr install ieeetrantools
$tlmgr install blindtext
}
clean() {
rm -rf paper.aux paper.fdb_latexmk paper.fls paper.log paper.pdf
}
clean

101
paper.tex Normal file
View file

@ -0,0 +1,101 @@
\documentclass[conference]{IEEEtran}
\usepackage[english]{babel} % To obtain English text with the blindtext package
\usepackage{blindtext}
\begin{document}
\title{Analysis of bot detection and spam prevention systems}
% TODO get author names from Prof. Sibi
\author {
\IEEEauthorblockN{Aravinth Manivannan, Sibi Chakkaravarth S, TODO}
\IEEEauthorblockA{SENSE, VIT AP, AP, India - pincode\\
foo@example.com
}
}
\maketitle
\begin{abstract}
CAPTCHA systems were originally designed to protect against automated
bot-based Denial of Service(DoS) attacks and spam. But over time, these
systems have become ineffective due to overfocus on identifying humans from
bots than combating DoS attacks and spam. As a result, they have become
privacy invasive systems that pose accessibility challenges with reduced
effectiveness and accuracy. mCaptcha is a proof of work based,
non-interactive DoS protection system designed to overcome the limitations
of traditional CAPTCHA systems' limitations while offering superior
protection services. The mechanism is stateless, so it is able accurately
defend against attacks over anonymous networks like TOR and the
non-interactive nature makes it ideal users with auditory, cognitive and
visual disabilities.
\end{abstract}
\section{Introduction}
\label{sec:intro}
Denial of Service(DoS) attacks and spam campaigns reduce the quality of service
for internet services. Different types of rate-limiters were employed to combat
such attacks. Today rate-limiters on the web are synonymous with CAPTCHAs.
CAPTCHA systems work on the premise that an automated bot user can inflict more
damage than a human user and attacks can be contained if they can accurately
differentiate a human from a bot. The rise of cheap human labor powered CAPTCHA
farms in third-world countries have given attackers a way to bypass CAPTCHA
systems. To combat this new threat, CAPTCHA implementers are constantly raising the
difficulty of the challenges. This universal raise in difficulty impacts bots
and unassuming alike. The web is becoming increasingly less accessible to users
with disabilities and non-English speaking users. Some CAPTCHA systems employ
multiple methods to in their process. Privacy invasive mechanisms like cookies
and IP tracking are popular methods that are used in conjunction with
traditional CAPTCHA mechanisms, both of which are ineffective against
anonymous networks like TOR and pose serious privacy risks to their users.
The rest of this paper, rates different CAPTCHA mechanisms and systems based on
parameters mentioned below and describe how mCaptcha overcomes some of
them.
\subsection{CAPTCHA rating parameters}
CAPTCHA systems use a variety of methods in their decision process. Every method
has it's own strengths and limitations but the following parameters have been
chosen to uniformly rate CAPTCHA methods and systems in an attempt to compare
them.
\begin{description}[\IEEEsetlabelwidth{Effectiveness}]
\item[Privacy]
\begin{itemize}
\item Does the method use trackers or any other identifying method?
\item Does the method work in anonymous networks like TOR?
\end{itemize}
\item[Effectiveness]
\begin{itemize}
\item Is the method/system effective in containing DoS attacks?
\item Can the method be circumvented? If yes, how practical/feasible
the attack?
\end{itemize}
\item[Accessibility]
\begin{itemize}
\item Is the method posing any challenges to visually to users
with auditory, cognitive and visual disabilities?
\item How easy is it to use?
\item Does the method have a language dependency which poses a challenge to
non-English speakers?
\end{itemize}
\item[Accuracy]
\begin{itemize}
\item How accurate is the method in detecting potentially malicious
users?
\item Are there any factors that method's impact accuracy?
\end{itemize}
\end{description}
\subsection{CAPTCHA methods analysed}
We analysed at the following CAPTCHA methods using the above mentioned
parameters. These are popular methods are currently in deployment.
%TODO add images
\begin{description}
\item Align object
\item Blurred Text
\item Context based
\item Audio based
\item IP tracking
\item Image identification
\item Proof of work based
\end{itemize}
\end{document}