Abstract
The “Completely Automated Public Turing test to Tell Computers and Human Apart” (CAPTCHA) is a standard security protocol, wildly used to distinguish between human and malicious computer program, known as bot. This paper presents a gesture-based CAPTCHA system i.e. GESTCHA utilizing angular velocity data from embedded gyroscope sensors of handheld touch-sensitive devices. The angular velocity data collected within a short exposure of time was processed as gesture input. Several discriminatory feature sets were extracted from stable gyroscope reading by applying a newly proposed gesture feature extraction algorithm. We analyzed the performance of two different machine learning algorithms, i.e. Naive Bayes and Random Forest, over the training gesture pattern which led to the development of a robust gesture recognition model. Using the model, final prototype of GESTCHA was proposed. Based on findings from a comparative usability study with 850 participants, GESTCHA shows significant improvement in terms of solving rate and solving time compared to Google’s reCAPTCHA v3 i.e. NoCAPTCHA.
Similar content being viewed by others
Notes
To improve readability the acronym ‘CAPTCHA’ is written in lowercase in the following paper.
References
Acien A, Morales A, Fierrez J, Vera-Rodriguez R, Bartolome I (2020) Be-captcha: detecting human behavior in smartphone interaction using multiple inbuilt sensors. arXiv:2002.00918
Ahmed N, Rafiq JI, Islam MR (2020) Enhanced human activity recognition based on smartphone sensor data using hybrid feature selection model. Sensors 20(1):317
Aiken W, Kim H (2018) Poster: deepcrack: using deep learning to automatically crack audio captchas. In: Proceedings of the 2018 on Asia conference on computer and communications security, pp 797–799
Aldwairi M, Mohammed S, Padmanabhan ML (2020) Efficient and secure flash-based gaming captcha. J Parallel Distrib Comput 142:27–35
Alqahtani FH, Alsulaiman FA (2020) Is image-based captcha secure against attacks based on machine learning? An experimental study. Comput Secur 88:101635
Amelio A, Draganov IR, Janković R, Tanikić D (2019) Analysis of usability for the dice captcha. Information 10(7):221
Arsić S, Nikolic D, Jevtic M (2021) An investigation of the usability of image-based captchas using promethee-gaia method. Multimed Tools Appl 80(6):9393–9409
Azad S, Jain K (2013) Captcha: attacks and weaknesses against ocr technology. Glob J Comput Sci Technol
Bai Y, Wang X, Jin X, Su T, Kong J, Zhang B (2020) Adaptive filtering for mems gyroscope with dynamic noise model. ISA Transactions
Bursztein E, Martin M, Mitchell J (2011) Text-based captcha strengths and weaknesses. In: Proceedings of the 18th ACM conference on computer and communications security. ACM, pp 125–138
Bursztein E, Aigrain J, Moscicki A, Mitchell J C (2014) The end is nigh: generic solving of text-based captchas. In: 8th {USENIX} workshop on offensive technologies ({WOOT} 14)
Chen J, Luo X, Liu Y, Wang J, Ma Y (2019) Selective learning confusion class for text-based captcha recognition. IEEE Access 7:22246–22259
Chu Y-C, Jhang Y-J, Tai T-M, Hwang W-J (2020) Recognition of hand gesture sequences by accelerometers and gyroscopes. Appl Sci 10(18):6507
Conti M, Guarisco C, Spolaor R (2016) Captchastar! A novel captcha based on interactive shape discovery. In: International conference on applied cryptography and network security. Springer, pp 611–628
Dudheria R (2018) Assessing vulnerability of mobile messaging apps to man-in-the-middle (mitm) attack. Int J Comput Netw Inf Secur 11(7):23
Dwivedi U, Ahuja K, Islam R, Barbhuiya FA, Nagar S, Dey K (2017) Eyamkayo: interactive gaze and facial expression captcha. In: Proceedings of the 22nd international conference on intelligent user interfaces companion, pp 53–56
Ferrari A, Micucci D, Mobilio M, Napoletano P (2019) Human activities recognition using accelerometer and gyroscope. In: European conference on ambient intelligence. Springer, pp 357–362
Fidas CA, Voyiatzis AG, Avouris NM (2011) On the necessity of user-friendly captcha. In: Proceedings of the SIGCHI conference on human factors in computing systems. ACM, pp 2623–2626
Gao H, Yao D, Liu H, Liu X, Wang L (2010) A novel image based captcha using jigsaw puzzle. In: 2010 13th IEEE international conference on computational science and engineering. IEEE, pp 351–356
Gao S, Mohamed M, Saxena N, Zhang C (2015) Emerging image game captchas for resisting automated and human-solver relay attacks. In: Proceedings of the 31st annual computer security applications conference. ACM, pp 11–20
Google. recaptcha v2 | recaptcha google developers. [Online]. Available: https://developers.google.com/recaptcha/docs/display. Accessed: 27 January 2020
Google. recaptcha: easy on human, hard on bots. [Online]. Available: https://www.google.com/recaptcha/intro/v3.html. Accessed: 27 January 2020
Han H, Yoon SW (2019) Gyroscope-based continuous human hand gesture recognition for multi-modal wearable input device for human machine interaction. Sensors 19(11):2562
Jiang N, Dogan H (2015) A gesture-based captcha design supporting mobile devices. In: Proceedings of the 2015 British HCI conference. ACM, pp 202–207
Kheshaifaty N, Gutub A (2020) Preventing multiple accessing attacks via efficient integration of captcha crypto hash functions. Int J Comput Sci Netw Secur (IJCSNS) 20(9):16–28
Kluever KA, Zanibbi R (2009) Balancing usability and security in a video captcha. In: Proceedings of the 5th symposium on usable privacy and security, pp 1–11
Li C, Chen X, Wang H, Wang P, Zhang Y, Wang W (2021) End-to-end attack on text-based captchas based on cycle-consistent generative adversarial network. Neurocomputing 433:223–236
Ogiela MR, Krzyworzeka N, Ogiela L (2018) Application of knowledge-based cognitive captcha in cloud of things security. Concurr Comput: Pract Exp 30(21):e4769
Osadchy M, Hernandez-Castro J, Gibson S, Dunkelman O, Pérez-Cabo D (2017) No bot expects the deepcaptcha! Introducing immutable adversarial examples, with applications to captcha generation. IEEE Trans Inf Forensics Secur 12(11):2640–2653
Ouyang Z, Zhai X, Wu J, Yang J, Yue D, Dou C, Zhang T (2021) A cloud endpoint coordinating captcha based on multi-view stacking ensemble. Comput Secur 103:102178
Pakdel R, Ithnin N, Hashemi M (2011) Captcha: a survey of usability features. Res J Inf Technol 3(4):215–228
Parvez MT, Alsuhibany SA Segmentation-validation based handwritten arabic captcha generation. Comput Secur 101829
Pritom AI, Chowdhury MZ, Protim J, Roy S, Rahman MR, Promi SM (2020) Combining movement model with finger-stroke level model towards designing a security enhancing mobile friendly captcha. In: Proceedings of the 2020 9th international conference on software and computer applications, pp 351–356
Qiujie L, Yaobin M, Zhiquan W (2012) A survey of captcha technology. J Comput Res Dev 49(3):469–480
Reynaga G, Chiasson S (2013) The usability of captchas on smartphones. In: 2013 International conference on security and cryptography (SECRYPT). IEEE, pp 1–8
Shah AR, Banday MT, Sheikh SA (2021) Design of a drag and touch multilingual universal captcha challenge. In: Advances in computational intelligence and communication technology. Springer, pp 381–393
Shirali-Shahreza S, Penn G, Balakrishnan R, Ganjali Y (2013) Seesay and hearsay captcha for mobile interaction. In: Proceedings of the SIGCHI conference on human factors in computing systems. ACM, pp 2147–2156
Singh VP, Pal P (2014) Survey of different types of captcha. Int J Comput Sci Inf Technol 5(2):2242–2245
Sivakorn S, Polakis J, Keromytis AD (2016) I’m not a human: breaking the Google recaptcha. Black Hat 1–12
Tootaghaj DZ, Sampson A, Mytkowicz T, McKinley KS (2017) High five: improving gesture recognition by embracing uncertainty. arXiv:1710.09441
Von Ahn L, Blum M, Hopper NJ, Langford J (2003) Captcha: using hard ai problems for security. In: International conference on the theory and applications of cryptographic techniques. Springer, pp 294–311
Wang P, Gao H, Shi Z, Yuan Z, Hu J (2020) Simple and easy: transfer learning-based attacks to text captcha. IEEE Access 8:59044–59058
Wu Y, Chen K, Fu C (2016) Natural gesture modeling and recognition approach based on joint movements and arm orientations. IEEE Sens J 16(21):7753–7761
Xie R, Cao J (2016) Accelerometer-based hand gesture recognition by neural network and similarity matching. IEEE Sens J 16(11):4537–4545
Xu R, Zhou S, Li WJ (2011) Mems accelerometer based nonspecific-user hand gesture recognition. IEEE Sens J 12(5):1166–1173
Xu Y, Reynaga G, Chiasson S, Frahm J-M, Monrose F, Van Oorschot P (2012) Security and usability challenges of moving-object captchas: Decoding codewords in motion. In: Presented as part of the 21st {USENIX} security symposium ({USENIX} security 12), pp 49–64
Yang X, Sun X, Zhou D, Li Y, Liu H (2018) Towards wearable a-mode ultrasound sensing for real-time finger motion recognition. IEEE Trans Neural Syst Rehabil Eng 26(6):1199–1208
Zaman S, Deep SMU, Kawsar Z, Ashaduzzaman M, Pritom AI (2019) Phishing website detection using effective classifiers and feature selection techniques. In: 2019 2nd International conference on innovation in engineering and technology (ICIET). IEEE, pp 1–6
Author information
Authors and Affiliations
Corresponding author
Additional information
Publisher’s note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Rights and permissions
About this article
Cite this article
Pritom, A.I., Al Mashuk, M.A., Ahmed, S. et al. GESTCHA: a gesture-based CAPTCHA design for smart devices using angular velocity. Multimed Tools Appl 82, 521–549 (2023). https://doi.org/10.1007/s11042-022-13272-6
Received:
Revised:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s11042-022-13272-6