LOGIN TO YOUR ACCOUNT

Username
Password
Remember Me
Or use your Academic/Social account:

CREATE AN ACCOUNT

Or use your Academic/Social account:

Congratulations!

You have just completed your registration at OpenAire.

Before you can login to the site, you will need to activate your account. An e-mail will be sent to you with the proper instructions.

Important!

Please note that this site is currently undergoing Beta testing.
Any new content you create is not guaranteed to be present to the final version of the site upon release.

Thank you for your patience,
OpenAire Dev Team.

Close This Message

CREATE AN ACCOUNT

Name:
Username:
Password:
Verify Password:
E-mail:
Verify E-mail:
*All Fields Are Required.
Please Verify You Are Human:
fbtwitterlinkedinvimeoflicker grey 14rssslideshare1
Tasidou, A.; Soupionis, Y.; Efraimidis, P.; Mitrou, L.; Katos, Vasilis (2015)
Languages: English
Types: Article
Subjects:
Purpose\ud – This work aims to argue that it is possible to address discrimination issues that naturally arise in contemporary audio CAPTCHA challenges and potentially enhance the effectiveness of audio CAPTCHA systems by adapting the challenges to the user characteristics.\ud \ud Design/methodology/approach\ud – A prototype has been designed, called PrivCAPTCHA, to offer privacy-preserving, user-centric CAPTCHA challenges. Anonymous credential proofs are integrated into the Session Initiation Protocol (SIP) protocol and the approach is evaluated in a real-world Voice over Internet Protocol (VoIP) environment.\ud \ud Findings\ud – The results of this work indicate that it is possible to create VoIP CAPTCHA services offering privacy-preserving, user-centric challenges while maintaining sufficient efficiency.\ud \ud Research limitations/implications\ud – The proposed approach was evaluated through an experimental implementation to demonstrate its feasibility. Additional features, such as appropriate user interfaces and efficiency optimisations, would be useful for a commercial product. Security measures to protect the system from attacks against the SIP protocol would be useful to counteract the effects of the introduced overhead. Future research could investigate the use of this approach on non-audio CAPTCHA services.\ud \ud Practical implications\ud – PrivCAPTCHA is expected to achieve fairer, non-discriminating CAPTCHA services while protecting the user’s privacy. Adoption success relies upon the general need for employment of privacy-preserving practices in electronic interactions.\ud \ud Social implications\ud – This approach is expected to enhance the quality of life of users, who will now receive CAPTCHA challenges closer to their characteristics. This applies especially to users with disabilities. Additionally, as a privacy-preserving service, this approach is expected to increase trust during the use of services that use it.\ud \ud Originality/value\ud – To the best of authors’ knowledge, this is the first comprehensive proposal for privacy-preserving CAPTCHA challenge adaptation. The proposed system aims at providing an improved CAPTCHA service that is more appropriate for and trusted by human users.
  • The results below are discovered through our pilot algorithms. Let us know how we are doing!

    • Ahn, L. von, Blum, M. and Langford, J. (2004), "Telling humans and computers apart automatically", Communications of the ACM, Volume 47, Number 2, pp. 56-60.
    • Basso, A. and Bergadano, F. (2010), "Anti-bot Strategies Based on Human Interactive Proofs", in Stavroulakis, P. and Stamp, M. (Eds.) Handbook of Information and Communication Security, Springer, Berlin / Heidelberg, pp. 273-291.
    • Bichsel, P. and Camenisch, J. (2010), "Mixing Identities with Ease", in Leeuw, E., FischerHübner, S. and Fritsch, L. (Eds.) Policies and Research in Identity Management, Springer Berlin Heidelberg, pp. 1-17.
    • Bigham, J. P. and Cavender, A. C. (2009), "Evaluating existing audio CAPTCHAs and an interface optimized for non-visual use", in Proceedings of the 27th international conference on Human factors in computing systems, Boston, MA, USA, 2009, pp. 1829-1838.
    • Bursztein, E., Bethard, S., Fabry, C., Mitchell, J. C. and Jurafsky, D. (2010), "How good are humans at solving CAPTCHAs? a large scale evaluation", in Proceedings of the 2010 IEEE Symposium on Security and Privacy, Oakland, California, USA, 2010, pp. 399-413.
    • Camenisch, J., Dubovitskaya, M., Kohlweiss, M., Lapon, J. and Neven, G. (2011), "Cryptographic Mechanisms for Privacy", in Camenisch, J., Fischer-Hübner, S. and Rannenberg, K. (Eds.) Privacy and Identity Management for Life, Springer, Berlin / Heidelberg, pp 117-134.
    • Camenisch, J. and Gross, T. (2008). "Efficient attributes for anonymous credentials", in Proceedings of the 15th ACM conference on Computer and communications security. Alexandria, Virginia, USA: ACM, pp. 345-356.
    • Camenisch, J. and Lysyanskaya, A. (2001), "An Efficient System for Non-transferable Anonymous Credentials with Optional Anonymity Revocation", in Pfitzmann, B. (Ed.) Advances in Cryptology - EUROCRYPT 2001, Springer Berlin Heidelberg, pp. 93-118.
    • Camenisch, J. and Pfitzmann, B. (2007), "Federated Identity Management", in Petković, M. and Jonker, W. (Eds.) Security, Privacy, and Trust in Modern Data Management, Springer, Berlin / Heidelberg, pp. 213-238.
    • Dantu, R., Fahmy, S., Schulzrinne, H. and Cangussu, J. (2009), "Issues and challenges in securing VoIP", Computers & Security, Vol. 28, No 8, pp. 743-753.
    • Deswarte, Y. and Gambs, S. (2010), "A Proposal for a Privacy-preserving National Identity Card", Transactions on Data Privacy, Vol. 3, No 3, pp. 253-276.
    • Diaz, C. and Preneel, B. (2007), "Accountable Anonymous Communication", in Petković, M. and Jonker, W. (Eds.) Security, Privacy, and Trust in Modern Data Management, Springer, Berlin / Heidelberg, pp. 239-253.
    • Ehlert, S., Geneiatakis, D. and Magedanz, T. (2010), "Survey of network security systems to counter SIP-based denial-of-service attacks", Computers & Security, Vol. 29, No 2, pp. 225-243.
    • El Sawda, S. and Urien, P. (2006), "SIP Security Attacks and Solutions: A state-of-the-art review", in Proceedings of the 2nd International Conference on Information & Communication Technologies: From Theory to Applications, Damascus, Syria, 2006, pp. 3187-3191.
    • Fritsch, L., Fuglerud, K. and Solheim, I. (2010), "Towards inclusive identity management", Identity in the Information Society, Vol. 3, No 3, pp. 515-538.
    • Fuglerud, K., Reinertsen, A., Fritsch, L. and Dale, O. (2009), "Universal design of IT-based solutions for registration and authentication", Tech. report: DART/02/09, Norwegian Computing Center, Oslo, 2009.
    • Geneiatakis, D., Kambourakis, G., Lambrinoudakis, C., Dagiuklas, T. and Gritzalis, S. (2007), "A framework for protecting a SIP-based infrastructure against malformed message attacks", Computer Networks, Vol. 51, No 10, pp. 2580-2593.
    • Keromytis, A. D. (2012), "A Comprehensive Survey of Voice over IP Security Research", Communications Surveys & Tutorials, IEEE, Vol. 14, No 2, pp. 514-537.
    • Lazar, J., Feng, J., Brooks, T., Melamed, G., Wentz, B., Holman, J., Olalere, A. and Ekedebe, N. (2012). "The SoundsRight CAPTCHA: an improved approach to audio human interaction proofs for blind users", in Proceedings of the SIGCHI Conference on Human Factors in Computing Systems. Austin, Texas, USA: ACM, pp. 2267-2276.
    • Marias, G. F., Dritsas, S., Theoharidou, M., Mallios, J. and Gritzalis, D. (2007), "SIP Vulnerabilities and Anti-SPIT Mechanisms Assessment", in Proceedings of 16th International Conference on Computer Communications and Networks, Honolulu, Hawaii, USA, 2007, pp. 597-604.
    • May, M. (2005). "Inaccessibility of CAPTCHA. Alternatives to visual Turing tests on the Web". W3C Working Group Note, November 2005, available at: http://www.w3.org/TR/turingtest/.
    • Poller, A., Waldmann, U., Vowe, S. and Turpe, S. (2012), "Electronic Identity Cards for User Authentication; Promise and Practice", IEEE Security & Privacy, Vol. 10, No 1, pp. 46-54.
    • Soupionis, Y. and Gritzalis, D. (2010), "Audio CAPTCHA: Existing solutions assessment and a new implementation for VoIP telephony", Computers & Security, Vol. 29, No 5, pp. 603-618.
    • Soupionis, Y. and Gritzalis, D. (2011), "ASPF: Adaptive anti-SPIT Policy-based Framework", in Availability, Reliability and Security (ARES), 2011 Sixth International Conference on, 2011, pp. 153-160.
    • Tasidou, A. and Efraimidis, P. S. (2012), "Using Personal Portfolios to Manage Customer Data", in Garcia-Alfaro, J., Navarro-Arribas, G., Cuppens-Boulahia, N. and De Capitani di Vimercati, S. (Eds.) Data Privacy Management and Autonomous Spontaneous Security, Springer, Berlin / Heidelberg, pp. 141-154.
    • Walsh, T. J. and Kuhn, D. R. (2005), "Challenges in securing voice over IP", IEEE Security & Privacy, Vol. 3, No 3, pp. 44-49.
    • Yan, J. and El Ahmad, A. S. (2008). "Usability of CAPTCHAs or usability issues in CAPTCHA design", in Proceedings of the 4th symposium on Usable privacy and security. Pittsburgh, Pennsylvania: ACM, pp. 44-52.
  • No related research data.
  • No similar publications.

Share - Bookmark

Cite this article