Chris Pollett > Students > Pundi Muralidharan

    Print View


    [CS 280 Proposal]

    [CS 280 Blog]


CS280 Proposal

Experiments with Language-based CAPTCHA Systems

Advisor : Dr. Chris Pollett


Yioop is an open source PHP-based search engine developed by Dr. Chris Pollett. It can be used either as a general-purpose search engine or it can be configured to crawl through to a specific URL or a domain. Yioop uses SQLite for storing data.

There are two places where CAPTCHAs are used in Yioop:
  1. The account registration page where people can sign up for a new account
  2. The 'suggest-a-URL' page where users can type in a URL to be crawled during the next web-crawl

CAPTCHA questions are localizable in Yioop; in the sense, they can be translated into the chosen language. The Yioop CAPTCHA code keeps track of the IP address of the device of the user suggesting urls. Too many, repeated CAPTCHA failures results in the IP address being blocked for progressively longer amounts of time.

This particular proposal aims at modifying the way CAPTCHAs are presented in Yioop. The current CAPTCHA code has a fixed set of hard-coded CAPTCHA questions that are presented to the users at random to do a human check. This code needs to be tweaked in such a way that a varied set of questions are presented to the user which are in turn, localizable. Further, I intend to give a not-too-fancy, but useful user interface for the users to be able to dynamically add/delete the CAPTCHA questions to the database according to their wishes, for their login. Also, I will be implementing a traditional, graphical image-based CAPTCHA system.

Lastly, I will experiment with the new UI and CAPTCHA code on an actual set of users to see their comfortability with it and its ease. The users will also be presented with the traditional CAPTCHA system and I will compare both the systems. I will also be writing a detailed report on my findings. The report is intended to be a manuscript, that would be presentable in either journals or conferences.

I will be meeting with Dr. Pollett each Tuesday at 1.30 P.M. to discuss my progress and findings, as well as any difficulties that I come across.

Key Deliverables:

My deliverables for this project in order are:
  • Code:
    • A new UI presented to the users for being able to add/delete questions to/from the database (thus a varied set of questions will be available, that are localizable).
    • A traditional, image-based CAPTCHA.
  • Experiments and study:
    • Experiment with the newly designed UI on real users and study if the UI is more usable
  • Report:
    • A detailed report on the proposed changes and my findings as a manuscript.


[1] CAPTCHA:Using Hard AI Problems For Security. Luis von Ahn, Manuel Blum, Nicholas J. Hopper and John Langford. Advances in Cryptology  EUROCRYPT 2003.
[2] Text-based CAPTCHA Strengths and Weaknesses. Elie Bursztein, Matthieu Martin, and John C. Mitchell. ACM Computer and Communication security 2011.
[3] Breaking a Visual CAPTCHA. Greg Mori and Jitendra Malik. 2002-12-10.
[4] Quantifying the Security of Preference-based Authentication. Markus Jakobsson et al. 2008-06.