Y. Rui and Z. Liu
Web services designed for human users are being abused by computer programs (bots). The bots stealfl thousands of free email accounts in a minute; participate in online polls to skew results; and irritate people byfl joining online chat rooms. These real-world issues have recently generated a new research area called Humanfl Interactive Proofs (HIP), whose goal is to defend services from malicious attacks by differentiating bots fromfl human users. In this paper, we make two major contributions to HIP. First, based on both theoretical andfl practical considerations, we propose a set of HIP design guidelines which ensure a HIP system to be secure andfl usable. Second, we propose a new HIP algorithm based on detecting human face and facial features. Humanfl faces are the most familiar object to humans, rendering it possibly the best candidate for HIP. We conducted userfl studies and showed the ease of use of our system to human users. We designed attacks using the best existingfl face detectors and demonstrated the difficulty to bots.
|Published in||ACM Multimedia Systems Journal (Springer). Vol 9, No. 6, pp. 493 - 502|