# blessing in disguise: Designing Robust Turing Test by Employing   Algorithm Unrobustness

**Authors:** Jiaming Zhang, Jitao Sang, Kaiyuan Xu, Shangxi Wu, Yongli Hu, Yanfeng, Sun, Jian Yu

arXiv: 1904.09804 · 2019-04-23

## TL;DR

This paper proposes a novel CAPTCHA design leveraging the different vulnerabilities of humans and algorithms to adversarial perturbations, enhancing robustness by exploiting algorithm limitations.

## Contribution

It introduces a method using adversarial perturbations and three modules to create CAPTCHA questions that are easy for humans but difficult for algorithms.

## Key findings

- Adversarial perturbations significantly hinder algorithms but not humans.
- The proposed modules improve CAPTCHA robustness against attacks.
- Experimental results validate the effectiveness of the approach.

## Abstract

Turing test was originally proposed to examine whether machine's behavior is indistinguishable from a human. The most popular and practical Turing test is CAPTCHA, which is to discriminate algorithm from human by offering recognition-alike questions. The recent development of deep learning has significantly advanced the capability of algorithm in solving CAPTCHA questions, forcing CAPTCHA designers to increase question complexity. Instead of designing questions difficult for both algorithm and human, this study attempts to employ the limitations of algorithm to design robust CAPTCHA questions easily solvable to human. Specifically, our data analysis observes that human and algorithm demonstrates different vulnerability to visual distortions: adversarial perturbation is significantly annoying to algorithm yet friendly to human. We are motivated to employ adversarially perturbed images for robust CAPTCHA design in the context of character-based questions. Three modules of multi-target attack, ensemble adversarial training, and image preprocessing differentiable approximation are proposed to address the characteristics of character-based CAPTCHA cracking. Qualitative and quantitative experimental results demonstrate the effectiveness of the proposed solution. We hope this study can lead to the discussions around adversarial attack/defense in CAPTCHA design and also inspire the future attempts in employing algorithm limitation for practical usage.

## Full text

_Full body text omitted from this summary view._ Fetch the complete paper as Markdown: https://tomesphere.com/paper/1904.09804/full.md

## Figures

19 figures with captions in the complete paper: https://tomesphere.com/paper/1904.09804/full.md

## References

26 references — full list in the complete paper: https://tomesphere.com/paper/1904.09804/full.md

---
Source: https://tomesphere.com/paper/1904.09804