Oedipus: LLM-enchanced Reasoning CAPTCHA Solver

TL;DR

This paper introduces Oedipus, a novel framework that leverages a domain-specific language and chain-of-thought reasoning to improve AI's ability to solve complex reasoning CAPTCHAs, revealing new security challenges.

Contribution

The paper presents a new end-to-end reasoning CAPTCHA solver using a DSL and sequential sub-steps, enhancing AI attack capabilities against modern CAPTCHA designs.

Findings

Oedipus achieves 63.5% success rate on complex CAPTCHAs.

LLMs struggle with reasoning CAPTCHAs without specialized frameworks.

Oedipus adapts to new CAPTCHA designs introduced in late 2023.

Abstract

CAPTCHAs have become a ubiquitous tool in safeguarding applications from automated bots. Over time, the arms race between CAPTCHA development and evasion techniques has led to increasingly sophisticated and diverse designs. The latest iteration, reasoning CAPTCHAs, exploits tasks that are intuitively simple for humans but challenging for conventional AI technologies, thereby enhancing security measures. Driven by the evolving AI capabilities, particularly the advancements in Large Language Models (LLMs), we investigate the potential of multimodal LLMs to solve modern reasoning CAPTCHAs. Our empirical analysis reveals that, despite their advanced reasoning capabilities, LLMs struggle to solve these CAPTCHAs effectively. In response, we introduce Oedipus, an innovative end-to-end framework for automated reasoning CAPTCHA solving. Central to this framework is a novel strategy that dissects the complex and human-easy-AI-hard tasks into a sequence of simpler and AI-easy steps. This is achieved through the development of a Domain Specific Language (DSL) for CAPTCHAs that guides LLMs in generating actionable sub-steps for each CAPTCHA challenge. The DSL is customized to ensure that each unit operation is a highly solvable subtask revealed in our previous empirical study. These sub-steps are then tackled sequentially using the Chain-of-Thought (CoT) methodology. Our evaluation shows that Oedipus effectively resolves the studied CAPTCHAs, achieving an average success rate of 63.5\%. Remarkably, it also shows adaptability to the most recent CAPTCHA designs introduced in late 2023, which are not included in our initial study. This prompts a discussion on future strategies for designing reasoning CAPTCHAs that can effectively counter advanced AI solutions.