Computing systems have made significant contributions toward the advancement of modern society and are utilized in a number of applications to achieve advantageous results. Numerous devices, such as desktop personal computers (PCs), laptop PCs, tablet PCs, netbooks, smart phones, servers, and the like have facilitated increased productivity and reduced costs in communicating and analyzing data in most areas of entertainment, education, business, and science. One common aspect of computing systems is the provisioning of network resources, such websites, web services, cloud services, content and the like, that offer information, and services.
A number of network resources are intended for use by computing devices under direct control of a user and are not intended for access by automated computing devices. When computing devices access resources in response to inputs received from human users through input and/or output interfaces such as keyboard, mouse, brad reader, microphone, display, touch screen display, and/or the like, the accesses are referred to herein after as human user controlled access. In contrast, accesses to network resources and services may be under automated control by a computing device, herein after referred to as automated access.
Automated access by computing device can be problematic. In one scenario, a website subscribes to a web hosting service with limited bandwidth to accommodate an expected number of users. In such a scenario, one or more automated computing devices can access the website at a much higher rate than computing devices acting under direct control of the expected number of users, thereby exceeding the limited bandwidth allotted by the web hosting service. In another scenario, a web service pays for information that it in turn provides to users. The more users that utilize the web service, the more the web service has to pay to obtain the information. In yet another scenario, a website has a distribution rights agreement with a content owner regarding the content the website offers. The agreement covers an expected number of users. In such scenarios, when an automated computing device such as a web-bot, computer program, script or the like, automatically accesses the websites or web services, the usage may exceed the network bandwidth, the content rights and/or the like, disrupting access by other users, increasing costs to the web service provider, and/or the like. Therefore, it is important for network resources and services to determine if access thereto is by computing device acting under direct control by a user or is under automated control.
A common technique to detect access by a human user is to utilize a Completely Automated Public Turing test to tell Computers and Humans Apart (CAPTCHA or captcha). A typical captcha technique includes an image, often a distorted image of a series of alpha numeric characters, readily recognizable by human users, but difficult to be recognized by a computing device acting in an automated state. A correct response to a captcha is therefore an indication that the access is under direction by a human user. However, as computing technologies advance, there are better and better computing software, such as Optical Character Recognition (OCR), pattern recognition, artificial intelligence or the like, that are more and more capable in recognizing captchas. A correct response to a conventional captcha may no longer be a good benchmark to tell computers and humans apart. One way to solve the problem is to use more complex captchas. However, more complex captchas may not be readily recognizable by many human users, and are thus not useful. Accordingly, there is a continued need for improved techniques for distinguishing between computing devices operating under control of human users and automated access by computing devices.