An algorithm for machine learning has appeared, which bypasses the text captcha easier, faster and more precisely than previous methods: it recognizes it in 0.05 seconds using a desktop PC. The algorithm was developed by scientists from the UK and China, using the GAN - generative-adversial network.
Conventional machine learning algorithms require millions of samples of initial data for learning. Bots that capture captcha images are easy to recognize and block. The learning process itself is demanding of resources.
For the new algorithm, this amount of data is not required, which means that the attacker does not need to collect it. The neural network is undemanding to computing resources and easy to train - this reduces the cost of preparing an attack.
The researchers said that their method with 100% accuracy recognized captcha on sites such as Megaupload, Blizzard and Authorize.NET. On Amazon, PayPal, Yahoo and other resources, accuracy was less, but also high.
Researchers recommend web site owners to use alternative methods of detecting bots. For example, analyze user behavior patterns and device locations or use biometric data.
Scientists from the English Lancaster and Chinese Northwestern and Beijing universities used the Generative Adversarial Network (GAN). This class of AI algorithms is effective in scenarios where there is not a large amount of training data.
GAN is based on two competing neural networks. One generative generates samples by mixing several source ones, and the other discriminative generates attempts to decipher them. Both networks seek to win each other. In the process of joint competitive training, they significantly improve the quality of their work without the need to use a large amount of initial data.
Researchers collected a total of 500 samples from 11 captcha services used on 32 sites from the top 50 in the Alexa ranking. The developers spent only 2 hours on the collection. In the process of learning, more than 200,000 captchas were “synthesized”.