Title: 以Poker為圖像驗證碼之設計研究
The innovative design of "Poker image-based schemes CAPTCHA''
Authors: 莊凱婷
Chuang, Kai-Ting
Chuang, Ming-Cheng
Keywords: 驗證碼;撲克牌;安全性;使用性;國際性;大眾化;captcha;poker;security;usability;internationalization;popularization
Issue Date: 2012
Abstract: 本研究結合網頁驗證碼概念與撲克牌的國際大眾化使用特性,設計一套具雙層驗證功能的「Poker圖像驗證碼」,供網站使用者提交個資之安全驗證使用。 本「Poker圖像驗證碼」充分運用了撲克牌具有數字、英文字母、色彩及圖樣等多種特性。不但無地域性限制且資料庫成本低。本研究為驗證此「Poker圖像驗證碼」設計的使用性,以國際大眾化的52張傳統圖樣撲克牌做為圖片資料庫,發展了一套實驗網頁,供不同族群上網實驗。實驗第一層驗證設計:先由程式隨機從52張牌抽出5張撲克牌,並請使用者依序填寫此5張牌所顯示之數字(例如2、3、…10)或英文字母(例如J、Q、K、A),接續進入第二層驗證設計,再請使用者在此五張牌中,辨識spades、hearts、diamonds及clubs各有幾張。若使用者填寫的雙層驗證答案均正確,則通過驗證。 實驗結果,正確通過雙層驗證之人數有202人,正確率為84.88%,平均驗證操作時間33.9秒。 從實驗數據中發現,不同性別與教育程度在操作(受測)時間上並無顯著差異,然而不同年齡及職業別則有顯著差異。 在「Poker圖像驗證碼」雙層驗證中,兩層驗證全被猜中而遭受侵襲機率為6.11×10-8,與現有網站常用之四個文、數字驗證碼被惡意自動化程式侵襲成功機率6.77×10-8相近。實務上若採用撲克牌面之複雜圖像或多樣花色的創新設計,應不易被OCR破解。為深入了解本研究設計之安全性問題,特邀集自動化光學檢測、資訊工程及網路軟體等專家召開專家座談會,為本研究提供安全性之改善建議。 後續研究可運用撲克牌的多符號特性、牌面圖樣設計之複雜度增加,將之融入於「Poker圖像驗證碼」的設計,使本驗證碼設計在使用性與安全性,能更符合網站業主及使用者之需求。
This study combines both concepts of web page CAPTCHA and poker general using to design a new system which called poker image-based schemes CAPTCHA. It could refer transaction or interaction for website security verification. “Poker image-based schemes CAPTCHA” takes general poker cards as database. In the first layer, it will make a random choosing and five cards will be showed. The user should fill in those numbers in order to continue the second layer. In the second layer, the user should identify how many cards in spades, hearts, diamonds or clubs. Users can get pass when they make right answers in these two layers. “Poker image-based schemes CAPTCHA” is easy to use and has no area-restriction. And, it costs less and has no problem with expanding cards drawing. What’s more, it presents the features of poker cards with numbers, letters, colors, patterns and others. By using complex images, “Poker image-based schemes CAPTCHA” is hard to be cracked by OCR. To verify the workability of “Poker image-based schemes CAPTCHA”, researcher designed an experiment web page. This page could offer different groups to examine it. The correct rate is 84.88%, and an average time is 33.9 seconds for each to operate. The study found there has no significant difference in operating time by different gender, and different education background. However, different age and career could cause the dissimilarity. The following studies may use poker cards’ multiple symbol characteristics to increase the pattern design complexity and connect the “Poker image-based schemes CAPTCHA” design to meet website owners and users’ qualifications.
Appears in Collections:Thesis

Files in This Item:

  1. 251401.pdf

If it is a zip file, please download the file and unzip it, then open index.html in a browser to view the full text content.