46 lines
2.4 KiB
TeX
46 lines
2.4 KiB
TeX
\begin{abstract}
|
|
CAPTCHA systems were originally designed to protect against automated
|
|
bot-based Denial of Service (DoS) attacks and spam. But over time, these
|
|
systems have become ineffective due to overfocus on identifying humans from
|
|
bots than combating DoS attacks and spam. As a result, they have become
|
|
privacy invasive systems that pose accessibility challenges with reduced
|
|
effectiveness and accuracy.\ mCaptcha is a proof of work based,
|
|
non-interactive DoS protection system designed to overcome the limitations
|
|
of traditional CAPTCHA systems' limitations while offering superior
|
|
protection services. The mechanism is stateless, so it is able accurately
|
|
defend against attacks over anonymous networks like TOR and the
|
|
non-interactive nature makes it ideal users with auditory, cognitive and
|
|
visual disabilities.
|
|
\end{abstract}
|
|
|
|
\section{Introduction}\label{sec:intro}
|
|
Denial of Service (DoS) attacks and spam campaigns reduce the quality of service
|
|
for internet services. Different types of rate-limiters were employed to combat
|
|
such attacks. Today rate-limiters on the web are synonymous with CAPTCHAs.
|
|
CAPTCHA systems work on the premise that an automated bot user can inflict more
|
|
damage than a human user and attacks can be contained if they can accurately
|
|
differentiate a human from a bot. The rise of cheap human labor powered CAPTCHA
|
|
farms in third-world countries have given attackers a way to bypass CAPTCHA
|
|
systems. To combat this new threat, CAPTCHA implementers are constantly raising the
|
|
difficulty of the challenges. This universal raise in difficulty impacts bots
|
|
and unassuming alike. The web is becoming increasingly less accessible to users
|
|
with disabilities and non-English speaking users. Some CAPTCHA systems employ
|
|
multiple methods to in their process. Privacy invasive mechanisms like cookies
|
|
and IP tracking are popular methods that are used in conjunction with
|
|
traditional CAPTCHA mechanisms, both of which are ineffective against
|
|
anonymous networks like TOR and pose serious privacy risks to their users.
|
|
|
|
The rest of this paper, rates different CAPTCHA mechanisms and systems based on
|
|
parameters mentioned below and describe how mCaptcha overcomes some of
|
|
them.
|
|
|
|
% ==================================================
|
|
% Parameters
|
|
% ==================================================
|
|
\input{intro/params.tex}
|
|
|
|
% ==================================================
|
|
% Methods
|
|
% ==================================================
|
|
|
|
\input{intro/methods.tex}
|