CAPTCHAs is one of the most important ways to protect internet from attacks. However, with the development of technology, CAPTCHA attacks technology is also developing rapidly. As a result, more and more CAPTCHAs have been attacked in many ways. Therefore, most of the existing CAPTCHAs have been proved to be no longer safe. In order to solve this problem, designers attempt to improve the security by designing extremely complicated CAPTCHAs at the expense of users’ experience. However, in fact, the security of traditional CAPTCHAs is still difficult to break through the bottleneck, but users is increasingly tired of CAPTCHAs.
In this paper, a new sliding CAPCHA based on gesture recognition, SHand, is proposed by applying the object detection technology to the field of CAPTCHA. Two object detection CNN models MobileNet v2-YOLO v3 and Inception v4-YOLO v3 are used in this CAPTCHA to detect and locate the user gestures collected by the webcam in real time. Then users make sliding actions by hand to match the auto-generated points on the interface of the CAPTCHA. After verified by the algorithm, the verification message will be sent to the server.
Experiments indicate that the object detection CNNs proposed in this paper reach 92.59% and 95.05% mAP(mean Average Precision) on the test set respectively. User studies indicate that the average pass rate of SHand is 95.41%, and the average response time is 19.74 s/time. As a result, it is concluded that the SHand CAPTCHA meets the usability and security requirements of the CAPTCHA design, and the problem of traditional CAPTCHAs that which can be easily attacked has been solved to some extent.