With the popularity of the Internet, various Internet services, such as electronic commerce services, free electronic mail services and free resource download services, etc., have become a part of people's daily lives. Nevertheless, resources for these human-oriented services are often abusively occupied by malicious computer programs to produce an enormous amount of network junk, affecting the network experience of legitimate users and threatening the security of the network services.
CAPTCHA (Completely Automated Public Turing test to tell Computers and Humans Apart) is a system that employs a security measure of identity authentication using a challenge-response approach for realizing identification between a human and a machine, i.e., identifying whether a request for an Internet service is sent by an operation of a user (referred to as a human) or by a malicious program in a computer (referred to as a machine). An operating mechanism of CAPTCHA is as follows: a dedicated server is responsible for generating and evaluating a CAPTCHA test; when a user uses a certain Internet service that needs authentication, the server provides a test to the user; the user submits a result of the test to the server upon completion; and the server evaluates the result of the test and determines whether the user passes the test.
Currently, the techniques primarily adopted by CAPTCHA technology include a text CAPTCHA technique, an image CAPTCHA technique and an audio CAPTCHA technique. These three CAPTCHA techniques possess different characteristics due to different aspects of AI fields.
A text CAPTCHA distinguishes between a human and a machine through a difference between humans and machines in character recognition using an authentication code technology (e.g., distorting a text or character to distinguish between a human and a machine), thus preventing malicious registrations and logins by computer programs to a certain extent. However, with the development of character segmentation and Optical Character Recognition (OCR) technologies, a majority of text CAPTCHAs have been cracked, and simple character recognition tests can no longer resist computer programs. Furthermore, a distorted text is also difficult for humans to recognize, leading to the poor experience of users.
An image CAPTCHA, which distinguishes differences between humans and machines in aspects such as image classification, target identification and common understanding, is generally independent of any specific language and without the need of a textual input from a user, thus being more difficult to be cracked. However, image CAPTCHAs need support of large databases and cannot be massively generated. In addition, the image CAPTCHAs are prone to attacks from machine learning algorithms.
An audio CAPTCHA, which distinguishes differences between humans and machines in voice recognition, plays one or more randomly selected numbers, alphabets and single words that are read by a person in random intervals, and adds a background noise to resist ASR attacks. However, the audio CAPTCHA is also prone to attacks from machine learning algorithms.