Automating the Bypass of Image-based CAPTCHA and Assessing Security

Abstract

CAPTCHA also known as Completely Automated Public Turing test to tell Computers and Humans Apart is implemented on many websites all round the world to control and limit the entry of bot users in order to tackle issues of unnecessarily generated network traffic resulting in Denial of Service (DoS). A lot of work has been done in breaking text-based CAPTCHA but there is very little research on bypassing an image CAPTCHA. The conventional method used for recognizing image CAPTCHA has been proven to give inefficient results and hence through our paper we have assessed the security of the image-based CAPTCHA by using more efficient techniques and identified the vulnerabilities in it. With the rise of Deep Learning and Computer Vision, we can now bypass image-based CAPTCHAs easily. There have been models developed to test the robustness of text-based CAPTCHA with satisfactory results but not much has been dwelled upon the image section. In this paper, we have built a Convolutional Neural Network (CNN) model to bypass the reCaptcha v2 and this is automated with the help of Selenium. The Selenium tool is used to extract the images and pass them to the Deep Learning model. The output generated from the model is used to crack the image CAPTCHA and eventually bypass it. The accuracy of the proposed multi-class CNN model came out to be 92.98 % and hence we were able to bypass the reCaptcha v2. This paper also suggests methods to enhance the security of reCaptcha v2.