
STUDIES OF DYNAMIC COGNITIVE GAME CAPTCHA USABILITY AND STREAM RELAY ATTACKS

A Thesis Presented to the Faculty of California State Polytechnic University, Pomona

In Partial Fulfillment of the Requirements for the Degree Master of Science in Computer Science

By Tung T Nguyen
2016

SIGNATURE PAGE

THESIS: STUDIES OF DYNAMIC COGNITIVE GAME CAPTCHA USABILITY AND STREAM RELAY ATTACKS
AUTHOR: Tung T Nguyen
DATE SUBMITTED: Fall 2016
Computer Science Department

Dr. Mohammad Husain, Thesis Committee Chair, Computer Science Department
Dr. Tingting Chen, Computer Science Department
Dr. Yu Sun, Computer Science Department

ABSTRACT

CAPTCHAs are a detection mechanism widely used on the Internet to distinguish a legitimate human user from a computer program. Most CAPTCHA schemes are vulnerable to relay attacks, in which CAPTCHA challenges are relayed to remote human solvers. Dynamic Cognitive Game (DCG) CAPTCHAs are a new CAPTCHA scheme that requires the user to play a small, simple object-matching game. Because of the dynamic and continuous interaction between the user and the game, DCG CAPTCHAs may offer strong resistance to relay attacks. In this paper, we focus on a DCG CAPTCHA relay attack in which the game frames and responses are simply streamed between the attacker and a human solver. We also present a mechanism for detecting such a relay attack based on game statistics such as play duration, mouse clicks, and incorrect drags and drops. To demonstrate the correctness of our detection mechanism, we report on these three aspects:

1. the performance of legitimate DCG users,
2. the performance of human solvers in a DCG CAPTCHA streaming attack,
3. the detection of streaming relay attacks against DCG CAPTCHA from game features and statistics in the streaming attack.

Our results show that it is possible to detect the streaming-based relay attack against DCG CAPTCHA with high accuracy. With these three studies, DCG is going to be a first CAPTCHA scheme that can have a detection mechanism for relay attacks.
TABLE OF CONTENTS

SIGNATURE PAGE
ABSTRACT
LIST OF TABLES
LIST OF FIGURES
CHAPTER 1: INTRODUCTION
  1.1 Motivation
  1.2 Statement of Problem
  1.3 Research Goals
  1.4 Structure of Thesis
CHAPTER 2: LITERATURE REVIEW
  2.1 History of CAPTCHA
    2.1.1 Definition
    2.1.2 Applications
  2.2 Classification of CAPTCHAs
    2.2.1 Text-based CAPTCHA
    2.2.2 Image-based CAPTCHA
    2.2.3 Audio-based CAPTCHA
    2.2.4 Motion Objects CAPTCHA
  2.3 Captcha Features
    2.3.1 Visual Features
    2.3.2 Anti-segmentation Features
    2.3.3 Anti-recognition Features
    2.3.4 Suggested CAPTCHA Scheme
  2.4 Attacks on CAPTCHA
    2.4.1 Attacks on Text-based CAPTCHA
    2.4.2 Attacks on Image-based CAPTCHA
    2.4.3 Attacks on Motion-based CAPTCHA
CHAPTER 3: METHODOLOGY
  3.1 Security in Design Prototypes of DCG CAPTCHA
  3.2 DCG CAPTCHA Instances and Parameters
  3.3 Design and Implementation of DCG CAPTCHA
  3.4 Stream Relay Attack
  3.5 Mechanical Turk
  3.6 Usability Study Design, Goals, and Process
  3.7 Stream Relay Attack Study
CHAPTER 4: EVALUATION OF RESULTS
  4.1 Usability Study of DCG CAPTCHA
  4.2 Relay Attacks
    4.2.1 Difficulty of Relaying DCG CAPTCHA
    4.2.2 Stream Relay Attack Study
  4.3 Stream Relay Attack Detection Mechanism
    4.3.1 Detection with Different Error Rates and Duration Play Time
    4.3.2 Using K-Nearest Neighbor Algorithm for Detection Mechanism
CHAPTER 5: CONCLUSION
  5.1 Summary
  5.2 Future Work
    5.2.1 Improving with Different DCG CAPTCHA Gameplays
    5.2.2 Improving with Stream Relay Attack with Offline Feedback
    5.2.3 Improving with Usability of DCG CAPTCHA
REFERENCES

LIST OF TABLES

Table 1: 5 points scale for usability study
Table 2: Demographics of usability Mechanical Turk workers
Table 3: Completion times, error rates in usability study
Table 4: Object speeds vs error rates in usability study
Table 5: User feedbacks on game features
Table 6: Stream relay attacks finish time and error rates
Table 7: High latency attack compared with low latency attack in time and error
Table 8: K-NN prediction in low latency connection
Table 9: K-NN prediction in high latency connection

LIST OF FIGURES

Figure 1: Wikipedia text based CAPTCHA
Figure 2: Gimpy CAPTCHA
Figure 3: EZ-GIMPY CAPTCHA
Figure 4: reCAPTCHA
Figure 5: ASIRRA image based CAPTCHA
Figure 6: NuCaptcha
Figure 7: Chandavale [2009] algorithm to break text-based CAPTCHA
Figure 8: Bursztein's pipeline to break text based CAPTCHA