Skip to main content

Advertisement

SpringerLink
Log in

GESTCHA: a gesture-based CAPTCHA design for smart devices using angular velocity

  • Published:
Multimedia Tools and Applications Aims and scope Submit manuscript

Abstract

The “Completely Automated Public Turing test to Tell Computers and Human Apart” (CAPTCHA) is a standard security protocol, wildly used to distinguish between human and malicious computer program, known as bot. This paper presents a gesture-based CAPTCHA system i.e. GESTCHA utilizing angular velocity data from embedded gyroscope sensors of handheld touch-sensitive devices. The angular velocity data collected within a short exposure of time was processed as gesture input. Several discriminatory feature sets were extracted from stable gyroscope reading by applying a newly proposed gesture feature extraction algorithm. We analyzed the performance of two different machine learning algorithms, i.e. Naive Bayes and Random Forest, over the training gesture pattern which led to the development of a robust gesture recognition model. Using the model, final prototype of GESTCHA was proposed. Based on findings from a comparative usability study with 850 participants, GESTCHA shows significant improvement in terms of solving rate and solving time compared to Google’s reCAPTCHA v3 i.e. NoCAPTCHA.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7
Fig. 8
Fig. 9
Fig. 10
Fig. 11
Fig. 12
Fig. 13
Fig. 14
Fig. 15
Fig. 16
Fig. 17
Fig. 18
Fig. 19

Similar content being viewed by others

Notes

  1. To improve readability the acronym ‘CAPTCHA’ is written in lowercase in the following paper.

References

  1. Acien A, Morales A, Fierrez J, Vera-Rodriguez R, Bartolome I (2020) Be-captcha: detecting human behavior in smartphone interaction using multiple inbuilt sensors. arXiv:2002.00918

  2. Ahmed N, Rafiq JI, Islam MR (2020) Enhanced human activity recognition based on smartphone sensor data using hybrid feature selection model. Sensors 20(1):317

    Article  Google Scholar 

  3. Aiken W, Kim H (2018) Poster: deepcrack: using deep learning to automatically crack audio captchas. In: Proceedings of the 2018 on Asia conference on computer and communications security, pp 797–799

  4. Aldwairi M, Mohammed S, Padmanabhan ML (2020) Efficient and secure flash-based gaming captcha. J Parallel Distrib Comput 142:27–35

    Article  Google Scholar 

  5. Alqahtani FH, Alsulaiman FA (2020) Is image-based captcha secure against attacks based on machine learning? An experimental study. Comput Secur 88:101635

    Article  Google Scholar 

  6. Amelio A, Draganov IR, Janković R, Tanikić D (2019) Analysis of usability for the dice captcha. Information 10(7):221

    Article  Google Scholar 

  7. Arsić S, Nikolic D, Jevtic M (2021) An investigation of the usability of image-based captchas using promethee-gaia method. Multimed Tools Appl 80(6):9393–9409

    Article  Google Scholar 

  8. Azad S, Jain K (2013) Captcha: attacks and weaknesses against ocr technology. Glob J Comput Sci Technol

  9. Bai Y, Wang X, Jin X, Su T, Kong J, Zhang B (2020) Adaptive filtering for mems gyroscope with dynamic noise model. ISA Transactions

  10. Bursztein E, Martin M, Mitchell J (2011) Text-based captcha strengths and weaknesses. In: Proceedings of the 18th ACM conference on computer and communications security. ACM, pp 125–138

  11. Bursztein E, Aigrain J, Moscicki A, Mitchell J C (2014) The end is nigh: generic solving of text-based captchas. In: 8th {USENIX} workshop on offensive technologies ({WOOT} 14)

  12. Chen J, Luo X, Liu Y, Wang J, Ma Y (2019) Selective learning confusion class for text-based captcha recognition. IEEE Access 7:22246–22259

    Article  Google Scholar 

  13. Chu Y-C, Jhang Y-J, Tai T-M, Hwang W-J (2020) Recognition of hand gesture sequences by accelerometers and gyroscopes. Appl Sci 10(18):6507

    Article  Google Scholar 

  14. Conti M, Guarisco C, Spolaor R (2016) Captchastar! A novel captcha based on interactive shape discovery. In: International conference on applied cryptography and network security. Springer, pp 611–628

  15. Dudheria R (2018) Assessing vulnerability of mobile messaging apps to man-in-the-middle (mitm) attack. Int J Comput Netw Inf Secur 11(7):23

    Google Scholar 

  16. Dwivedi U, Ahuja K, Islam R, Barbhuiya FA, Nagar S, Dey K (2017) Eyamkayo: interactive gaze and facial expression captcha. In: Proceedings of the 22nd international conference on intelligent user interfaces companion, pp 53–56

  17. Ferrari A, Micucci D, Mobilio M, Napoletano P (2019) Human activities recognition using accelerometer and gyroscope. In: European conference on ambient intelligence. Springer, pp 357–362

  18. Fidas CA, Voyiatzis AG, Avouris NM (2011) On the necessity of user-friendly captcha. In: Proceedings of the SIGCHI conference on human factors in computing systems. ACM, pp 2623–2626

  19. Gao H, Yao D, Liu H, Liu X, Wang L (2010) A novel image based captcha using jigsaw puzzle. In: 2010 13th IEEE international conference on computational science and engineering. IEEE, pp 351–356

  20. Gao S, Mohamed M, Saxena N, Zhang C (2015) Emerging image game captchas for resisting automated and human-solver relay attacks. In: Proceedings of the 31st annual computer security applications conference. ACM, pp 11–20

  21. Google. recaptcha v2 | recaptcha google developers. [Online]. Available: https://developers.google.com/recaptcha/docs/display. Accessed: 27 January 2020

  22. Google. recaptcha: easy on human, hard on bots. [Online]. Available: https://www.google.com/recaptcha/intro/v3.html. Accessed: 27 January 2020

  23. Han H, Yoon SW (2019) Gyroscope-based continuous human hand gesture recognition for multi-modal wearable input device for human machine interaction. Sensors 19(11):2562

    Article  Google Scholar 

  24. Jiang N, Dogan H (2015) A gesture-based captcha design supporting mobile devices. In: Proceedings of the 2015 British HCI conference. ACM, pp 202–207

  25. Kheshaifaty N, Gutub A (2020) Preventing multiple accessing attacks via efficient integration of captcha crypto hash functions. Int J Comput Sci Netw Secur (IJCSNS) 20(9):16–28

    Google Scholar 

  26. Kluever KA, Zanibbi R (2009) Balancing usability and security in a video captcha. In: Proceedings of the 5th symposium on usable privacy and security, pp 1–11

  27. Li C, Chen X, Wang H, Wang P, Zhang Y, Wang W (2021) End-to-end attack on text-based captchas based on cycle-consistent generative adversarial network. Neurocomputing 433:223–236

    Article  Google Scholar 

  28. Ogiela MR, Krzyworzeka N, Ogiela L (2018) Application of knowledge-based cognitive captcha in cloud of things security. Concurr Comput: Pract Exp 30(21):e4769

    Article  Google Scholar 

  29. Osadchy M, Hernandez-Castro J, Gibson S, Dunkelman O, Pérez-Cabo D (2017) No bot expects the deepcaptcha! Introducing immutable adversarial examples, with applications to captcha generation. IEEE Trans Inf Forensics Secur 12(11):2640–2653

    Article  Google Scholar 

  30. Ouyang Z, Zhai X, Wu J, Yang J, Yue D, Dou C, Zhang T (2021) A cloud endpoint coordinating captcha based on multi-view stacking ensemble. Comput Secur 103:102178

    Article  Google Scholar 

  31. Pakdel R, Ithnin N, Hashemi M (2011) Captcha: a survey of usability features. Res J Inf Technol 3(4):215–228

    Google Scholar 

  32. Parvez MT, Alsuhibany SA Segmentation-validation based handwritten arabic captcha generation. Comput Secur 101829

  33. Pritom AI, Chowdhury MZ, Protim J, Roy S, Rahman MR, Promi SM (2020) Combining movement model with finger-stroke level model towards designing a security enhancing mobile friendly captcha. In: Proceedings of the 2020 9th international conference on software and computer applications, pp 351–356

  34. Qiujie L, Yaobin M, Zhiquan W (2012) A survey of captcha technology. J Comput Res Dev 49(3):469–480

    Google Scholar 

  35. Reynaga G, Chiasson S (2013) The usability of captchas on smartphones. In: 2013 International conference on security and cryptography (SECRYPT). IEEE, pp 1–8

  36. Shah AR, Banday MT, Sheikh SA (2021) Design of a drag and touch multilingual universal captcha challenge. In: Advances in computational intelligence and communication technology. Springer, pp 381–393

  37. Shirali-Shahreza S, Penn G, Balakrishnan R, Ganjali Y (2013) Seesay and hearsay captcha for mobile interaction. In: Proceedings of the SIGCHI conference on human factors in computing systems. ACM, pp 2147–2156

  38. Singh VP, Pal P (2014) Survey of different types of captcha. Int J Comput Sci Inf Technol 5(2):2242–2245

    Google Scholar 

  39. Sivakorn S, Polakis J, Keromytis AD (2016) I’m not a human: breaking the Google recaptcha. Black Hat 1–12

  40. Tootaghaj DZ, Sampson A, Mytkowicz T, McKinley KS (2017) High five: improving gesture recognition by embracing uncertainty. arXiv:1710.09441

  41. Von Ahn L, Blum M, Hopper NJ, Langford J (2003) Captcha: using hard ai problems for security. In: International conference on the theory and applications of cryptographic techniques. Springer, pp 294–311

  42. Wang P, Gao H, Shi Z, Yuan Z, Hu J (2020) Simple and easy: transfer learning-based attacks to text captcha. IEEE Access 8:59044–59058

    Article  Google Scholar 

  43. Wu Y, Chen K, Fu C (2016) Natural gesture modeling and recognition approach based on joint movements and arm orientations. IEEE Sens J 16(21):7753–7761

    Article  Google Scholar 

  44. Xie R, Cao J (2016) Accelerometer-based hand gesture recognition by neural network and similarity matching. IEEE Sens J 16(11):4537–4545

    Article  Google Scholar 

  45. Xu R, Zhou S, Li WJ (2011) Mems accelerometer based nonspecific-user hand gesture recognition. IEEE Sens J 12(5):1166–1173

    Article  Google Scholar 

  46. Xu Y, Reynaga G, Chiasson S, Frahm J-M, Monrose F, Van Oorschot P (2012) Security and usability challenges of moving-object captchas: Decoding codewords in motion. In: Presented as part of the 21st {USENIX} security symposium ({USENIX} security 12), pp 49–64

  47. Yang X, Sun X, Zhou D, Li Y, Liu H (2018) Towards wearable a-mode ultrasound sensing for real-time finger motion recognition. IEEE Trans Neural Syst Rehabil Eng 26(6):1199–1208

    Article  Google Scholar 

  48. Zaman S, Deep SMU, Kawsar Z, Ashaduzzaman M, Pritom AI (2019) Phishing website detection using effective classifiers and feature selection techniques. In: 2019 2nd International conference on innovation in engineering and technology (ICIET). IEEE, pp 1–6

Download references

Author information

Authors and Affiliations

  1. Department of Computer Science and Engineering, Islamic University of Technology, Gazipur, Bangladesh

    Ahmed Iqbal Pritom

  2. Department of Computer Science and Engineering, Green University of Bangladesh, Dhaka, Bangladesh

    Ahmed Iqbal Pritom, Md. Abdullah Al Mashuk, Somi Ahmed, Nazifa Monira & Md. Zahidul Islam

Authors
  1. Ahmed Iqbal Pritom
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Md. Abdullah Al Mashuk
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Somi Ahmed
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Nazifa Monira
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Md. Zahidul Islam
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Ahmed Iqbal Pritom.

Additional information

Publisher’s note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Pritom, A.I., Al Mashuk, M.A., Ahmed, S. et al. GESTCHA: a gesture-based CAPTCHA design for smart devices using angular velocity. Multimed Tools Appl 82, 521–549 (2023). https://doi.org/10.1007/s11042-022-13272-6

Download citation

  • Received:

  • Revised:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s11042-022-13272-6

Keywords

Search

Navigation