nach oben

Erschienen in:

2015 | OriginalPaper | Buchkapitel

On the Viability of CAPTCHAs for use in Telephony Systems: A Usability Field Study

verfasst von : Niharika Sachdeva, Nitesh Saxena, Ponnurangam Kumaraguru

Erschienen in: Information Security

Verlag: Springer International Publishing

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

Telephony systems are imperative for information exchange offering low cost services and reachability to millions of customers. They have not only benefited legitimate users but have also opened up a convenient communication medium for spammers. Voice spam is often encountered on telephony systems in various forms, such as by means of an automated telemarketing call asking to call a number to win a reward. A large percentage of voice spam is generated through automated system which introduces the classical challenge of distinguishing machines from humans on telephony systems. CAPTCHA is a conventional solution deployed on the web to address this problem. Audio-based CAPTCHAs have been proposed as a solution to curb voice spam. In this paper, we conducted a field study with 90 participants in order to answer two primary research questions: quantifying the amount of inconvenience telephony-based CAPTCHA may cause to users, and how various features of the CAPTCHA, such as duration and size, influence usability of telephony-based CAPTCHA. Our results suggest that currently proposed CAPTCHAs are far from usable, with very low solving accuracies, high solving times and poor overall user experience. We provide certain guidelines that may help improve existing CAPTCHAs for use in telephony systems.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Vorheriges Kapitel Practical and Provably Secure Distance-Bounding

Nächstes Kapitel Cars, Condoms, and Facebook

Softphone is an application that allows a desktop, laptop or workstation computer to work as a telephone via Voice over IP technology e.g. Skype.

https://login.yahoo.com/config/login?.

http://slashdot.org/.

FreeSWITCH is one of the open source telephony platforms which has enabled easy access to telephony often required by various businesses. http://www.freeswitch.org//.

https://slashdot.org/my/newuser.

Given that SUS is 68 for average usable system.http://www.measuringusability.com/sus.php.

Are you human Captcha. Secure from All Angles, http://areyouahuman.com/security/.

The Dark Side of Voice. http://content.yudu.com/A1qlhz/CommsDealerJan11/resources/38.htm

FTC Robocalls Challenge (2012). http://robocall.challenge.gov/submissions/

Andreas, N.K., Schmidt, U., Khayari, R.E.: Spam over internet telephony and how to deal with it. arXiv preprint arXiv:0806.1610 (2008)

Baird, H., Bentley, J., Lopresti, D., Wang, S.-Y.: Methods and Apparatus for Defending Against Telephone-Based Robotic Attacks Using Contextual-Based Degradation. United States Patent (2011)

Baird, H., Bentley, J., Lopresti, D., Wang, S.-Y.: Methods and Apparatus for Defending against Telephone-Based Robotic Attacks using Random Rersonal Codes. United States Patent (2011)

Balasubramaniyan, V.A., Poonawalla, A., Ahamad, M., Hunter, M.T., Traynor, P.: PinDr0p: using single-ended audio features to determine call provenance. In: Proceedings of the 17th ACM Conference on Computer and Communications Security. ACM (2010)

Bigham, J.P., Cavender, A.C.: Evaluating existing audio CAPTCHAs and an interface optimized for non-visual use. In: Proceedings of the SIGCHI Conference on Human Factors in Computing Systems. ACM (2009)

Bonneau, D.G., Blanchard, H.E.: Human Factors and Voice Interactive Systems. Signals and Communication Technology. Springer, New York (2008)

Bradley, J.: Complete counterbalancing of immediate sequential effects in a latin square design. J. Am. Stat. Assoc. 53(282), 525–528 (1958)MATHCrossRef

10.

Bursztein, E., Bethard, S., Fabry, C., J. Mitchell, C., Jurafsky, D.: How good are humans at solving CAPTCHAs? a large scale evaluation. In: IEEE Symposium on Security and Privacy (SP) (2010)

11.

Canadian election robocall scan. http://news.nationalpost.com/2012/03/05/robocalls-scandal-likely-the-fault-of-elections-canada-tory-mp/

12.

Cooper, G.: Research into cognitive load theory and instructional design at UNSW. http://webmedia.unmc.edu/leis/birk/CooperCogLoad.pdf (1998)

13.

Cranor, L.F.: A framework for reasoning about the human in the loop. In: Usability, Psychology, and Security (2008)

14.

Datta, R., Li, J., Wang, J.Z.: Imagination: a robust image-based captcha generation system. In: MULTIMEDIA 2005, pp. 331–334 (2005)

15.

Federal Trade Commission. Robocalls: All the rage, an FTC summit. http://www.ftc.gov/bcp/workshops/robocalls/docs/RobocallSummitTranscrip t.pdf (2012)

16.

Sauer, G., Hochheiser, H., Feng, J., Lazar, J.: Towards a universally usable CAPTCHA. In: Symposium On Usable Privacy and Security (2008)

17.

Gross, J.N.: Captcha Using Challenges Optimized for distinguishing between humans and machines. U.S. Patent Application (2009)

18.

Hoffstadt, D., Sorge, C., Rebahi, Y.: Spam over internet telephony. http://www.tu-chemnitz.de/etit/kn/Zukunft_der_Netze/presentation_hoffstadt.pdf

19.

International Telecommunication Union. Measuring the information Society. http://www.itu.int/ITU-D/ict/publications/idi/material/2012/MIS2012_wi thout_Annex_4.pdf

20.

Elson, J., Douceur, J., Howell, J., Saul, J.: Asirra: a CAPTCHA that exploits interest-aligned manual image categorization. In: ACM Conference on Computer and Communications Security (2007)

21.

Yan, J., Ahmad, A.: Usability of CAPTCHAs or usability issues in CAPTCHA design. In: Symposium on Usable Privacy and Security (2008)

22.

Jakobsson, M., Akavipat, R.: Rethinking passwords to adapt to constrained keyboards. In: MoST (2012)

23.

Jakobsson, M., Ramzan, Z.: Crimeware: Understanding New Attacks and Defenses. Symantec Press, Cupertino (2008)

24.

Johansen, A.J.: Improvement of spit prevention technique based on turing test. Master’s thesis. Mahanakorn University of Technology (2010)

25.

Kluever, K., Zanibbi, R.: Balancing usability and security in a video CAPTCHA. In: Symposium On Usable Privacy and Security, pp. 1–11 (2009)

26.

Lazar et al. POSTER: Assessing the Usability of the new Radio Clip Based Human Interaction Proofs. Symposium On Usable Privacy and Security (2010)

27.

Martin, S.: Hold the Phone-Will TDoS Be Your Next Big Threat? http://bankinnovation.net/2013/07/hold-the-phone-will-tdos-be-your-next-big-threat/, July 2013

28.

Polakis, I., Kontaxis, G., Ioannidis, S.: CAPTCHuring automated (smart) phone attacks. In: SysSec Workshop (SysSec), 2011 First. IEEE (2011)

29.

Quittek, J., Niccolini, S., Tartarelli, S., Stiemerling, M., Brunner, M., Ewald, T.: Detecting spit calls by checking human communication patterns. In: IEEE International Conference on Communications, ICC 2007. IEEE (2007)

30.

Chow, R., Golle, P., Jakobsson, M., Wang, L., Wang, X.: Making CAPTCHAs clickable. In: HotMobile (2008)

31.

Ross, S., Halderman, J., Finkelstein, A.: Sketcha: a CAPTCHA based on line drawings of 3D models. In: Conference on World Wide Web (WWW) (2010)

32.

Soupionis, Y., Gritzalis, D.: Audio CAPTCHA: existing solutions assessment and a new implementation for VoIP telephony. Comput. Secur. 29, 603–618 (2010)CrossRef

33.

Soupionis, Y., Tountas, G., Gritzalis, D.: Audio CAPTCHA for SIP-based VoIP. In: Gritzalis, D., Lopez, J. (eds.) SEC 2009. IFIP AICT, vol. 297, pp. 25–38. Springer, Heidelberg (2009) CrossRef

34.

The Federal Bureau of Investigation. The Latest Phone Scam Targets Your Bank Account. http://www.fbi.gov/news/stories/2010/june/phone-scam, June 2010

35.

Tsiakis, T., Katsaros, P., Gritzalis, D.: Economic evaluation of interactive audio media for securing internet services. In: ICGS3/e-Democracy, pp. 46–53 (2011)

36.

von Ahn, L., Blum, M., Langford, J.: Telling Humans and Computers Apart (Automatically) or How Lazy Cryptographers Do AI. Computer Science Department 149 (2002)

37.

Zhang, H., Wen, X., He, P., Zheng, W.: Dealing with telephone fraud using captcha. In: ICIS (2009)

Titel: On the Viability of CAPTCHAs for use in Telephony Systems: A Usability Field Study
verfasst von: Niharika Sachdeva
Nitesh Saxena
Ponnurangam Kumaraguru
Verlag: Springer International Publishing
Buch: Information Security
Print ISBN: 978-3-319-27658-8

Electronic ISBN: 978-3-319-27659-5

Copyright-Jahr: 2015
DOI: https://doi.org/10.1007/978-3-319-27659-5_19

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"

Premium Partner