Various technical measures and practices exist for excluding or hindering automated-agents from accessing website content by implementing techniques such as blocking an Internet protocol (IP) addresses, disabling web services, blocking automated-agents based on excessive traffic monitoring, attempting to learn automated-agent behavior, implementing reverse Turing test, using Completely Automated Public Turing test to tell Computers and Humans Apart (CAPTCHA) or other human interaction proofs. Conventional techniques, however, are often prone to misapplication, such as by inhibiting legitimate access, thereby causing a poor user experience. A CAPTCHA is a computer program that generally protects a website against automated-agents or bots by generating and grading tests that human-users are generally able to solve but current computer programs cannot.
Programmers that are willing to expend enough resources, however, can compromise even these more sophisticated CAPTCHAs, such as the ones that use photographs. Modern tests remain susceptible to compromise because, among other problems, the tests suffer from limited vocabularies, i.e., the images that are available for the tests originate from finite image and/or relatively small libraries. For example, if there are 10,000 images for a particular test, a programmer wanting to solve that test merely needs to solve the 10,000 images with humans and record the results. The programmer could then generate short-hand numerical representations for each image in the test, such as a hash key, that could be used by a computer program to automate the process of solving the test. The computer program may, for example, compare the numerical representations against images appearing in the test in order to properly identify the images. Consequently, even modern CAPTCHAs that use images are susceptible to being compromised through automated attacks.