許多網站和應用程序都依賴CAPTCHA來保護它們免受殭屍程序攻擊。否則用戶和企業將面臨風險。儘管已經提出了幾種不同的CAPTCHA系統，但深度學習算法的發展使攻擊者能夠創建更有效，更準確的攻擊方法。許多研究表明，現有的驗證碼系統不再安全，尤其是基於文本的驗證碼系統。為了解決這個問題，本文提出了一種簡單，安全，有效的環形驗證碼系統。在該系統中，隨機生成了包含圓形和橢圓形重疊的環形驗證碼圖像。希望訪問該系統的用戶需要正確回答圖像中圓圈和橢圓的總數，以證明他/她不是機器人。我們提出的CAPTCHA系統的安全性通過三種攻擊方法來驗證。通過匿名問卷對我們的CAPTCHA系統進行的可用性調查表明，我們的系統是用戶友好的。換句話說，所提出的系統在高安全性的前提下保持了高可用性。此外我們發現並驗證了“無法區分的區域”，以此為基礎提出了一種可靠的方法來進一步提高所提議的CAPTCHA系統的安全級別。結果表明，所提議的環形CAPTCHA系統的安全性得到了顯著提高。在現有的CAPTCHA系統中，我們的CAPTCHA系統在安全性，可用性和易於實施方面都明顯更好。

Many websites and applications rely on CAPTCHA to protect them from bot attacks. Otherwise, users and businesses will be exposed to risks. Although several different CAPTCHA systems have been proposed, the development of deep learning algorithms allows attackers to create more efficient and accurate attack methods. Many studies have shown that existing CAPTCHA systems are no longer safe, especially text-based CAPTCHA. To resolve this issue, a simple, secure, and effective annuli CAPTCHA system is proposed in this thesis, In the proposed system, the annuli CAPTCHA image containing the overlapping of circles and ovals is randomly generated. The user wishing to gain access to the system is required to answer correctly the total number of circles and ovals in the image to prove that he/she is not a bot. The security of our proposed CAPTCHA system is verified by three attack methods. The usability survey of our CAPTCHA system conducted by anonymous questionnaires shows that our system is user friendly. In other words, the proposed system maintains a high level of usability under the premise of high security. In addition, we identify the "indistinguishable region" and propose a reliable method to further improve the level of security for the proposed CAPTCHA system. The result shows the security of the proposed annuli CAPTCHA system has been significantly improved. Compared with the existing CAPTCHA system, our CAPTCHA system is significantly better in terms of security, usability and ease of implementation.

[1] Luis Von Ahn, Manuel Blum, Nicholas J Hopper, and John Langford. Captcha: Using hard ai problems for security. In EUROCRYPT, pages 294{311. Springer, 2003.
[2] Luis Von Ahn, Manuel Blum, and John Langford. Telling humans and computers apart automatically. Commun. ACM, 47(2):56{60, 2004.
[3] Pooja Panwar, Parveen Kumar, Ambalika Sharma, et al. Chgr: Captcha generation using hand gesture recognition. In CICT, pages 1{6. IEEE, 2018.
[4] Andy Schlaikjer. A dual-use speech captcha: Aiding visually impaired web users while providing transcriptions of audio streams. LTI-CMU Technical Report, pages 07{014, 2007.
[5] Manar Mohamed, Song Gao, Niharika Sachdeva, Nitesh Saxena, Chengcui Zhang, Ponnurangam Kumaraguru, and Paul C Van Oorschot. On the security and usability of dynamic cognitive game captchas. COMPUT SECUR, 25(3):205{230, 2017.
[6] Je Yan and Ahmad Salah El Ahmad. A low-cost attack on a microsoft captcha. In
CCS, pages 543{554, 2008.
[7] Haichang Gao, Wei Wang, Jiao Qi, Xuqin Wang, Xiyang Liu, and Je Yan. The robustness of hollow captchas. In CCS, pages 1075{1086, 2013.
[8] Haichang Gao, Mengyun Tang, Yi Liu, Ping Zhang, and Xiyang Liu. Research on
the security of microsoft's two-layer captcha. IEEE T INF FOREN SEC, 12(7):1671{ 1685, 2017.
[9] Yu Hu, Li Chen, and Jun Cheng. A captcha recognition technology based on deep learning. In ICIEA, pages 617{620. IEEE, 2018.
[10] Guixin Ye, Zhanyong Tang, Dingyi Fang, Zhanxing Zhu, Yansong Feng, Pengfei Xu,
Xiaojiang Chen, and Zheng Wang. Yet another text captcha solver: A generative adversarial network based approach. In CCS, pages 332{348, 2018.
[11] Yang Zi, Haichang Gao, Zhouhang Cheng, and Yi Liu. An end-to-end attack on text captchas. IEEE T INF FOREN SEC, 15:753{766, 2019.
[12] Sangeeta Mittal, Prashant Kaushik, Saquib Hashmi, and Kaushtubh Kumar. Robust real time breaking of image captchas using inception v3 model. In IC3, pages 1{5. IEEE, 2018.
[13] Yang Zhang, Haichang Gao, Ge Pei, Shuai Kang, and Xin Zhou. Eect of adversarial examples on the robustness of captcha. In CyberC, pages 1{109. IEEE, 2018.
[14] Moni Naor. Verication of a human in the loop or identication via the turing test. 1996.
[15] Elie Bursztein, Matthieu Martin, and John Mitchell. Text-based captcha strengths and weaknesses. In CCS, pages 125{138. ACM, 2011.
[16] Monica Chew and J Doug Tygar. Image recognition captchas. In ISC, pages 268{279. Springer, 2004.
[17] Google. reCAPTCHA v2 Google Developer. https://developers.google.com/recaptcha/docs/display. Accessed Jan 14, 2020.
[18] Tsz-Yan Chan. Using a test-to-speech synthesizer to generate a reverse turing test. In ICTAI, pages 226{232. IEEE, 2003.
[19] Pernilla Qvarfordt, Eleanor G Rieel, and David M Hilbert. Motion and interaction based captcha, December 3 2013. US Patent 8,601,538.
[20] Firkhan Ali Bin Hamid Ali and Farhana Bt Karim. Development of captcha system based on puzzle. In I4CT, pages 426{428. IEEE, 2014.
[21] Shaoqing Ren, Kaiming He, Ross Girshick, and Jian Sun. Faster r-cnn: Towards real-time object detection with region proposal networks. In NIPS, pages 91{99,
2015.
[22] Jifeng Dai, Yi Li, Kaiming He, and Jian Sun. R-fcn: Object detection via regionbased fully convolutional networks. In NIPS, pages 379{387, 2016.
[23] Zhaowei Cai and Nuno Vasconcelos. Cascade r-cnn: Delving into high quality object detection. In CVPR, pages 6154{6162, 2018.
[24] Joseph Redmon and Ali Farhadi. Yolov3: An incremental improvement. arXiv preprint arXiv:1804.02767, 2018.
[25] Shifeng Zhang, Longyin Wen, Xiao Bian, Zhen Lei, and Stan Z Li. Single-shot renement neural network for object detection. In CVPR, pages 4203{4212, 2018.
[26] Qijie Zhao, Tao Sheng, Yongtao Wang, Zhi Tang, Ying Chen, Ling Cai, and Haibin Ling. M2det: A single-shot object detector based on multi-level feature pyramid network. In AAAI, volume 33, pages 9259{9266, 2019.
[27] Maryam Mehrnezhad, Abbas Ghaemi Bafghi, Ahad Harati, and Ehsan Toreini. Pishi: click the images and i tell if you are a human. INT J INF SECUR, 16(2):133{149, 2017.
[28] Wesam Al-Sudani, Amit Gill, Chen Li, JidongWang, and Fei Liu. Protection through multimedia captchas. In MoMM, pages 63{68, 2010.
[29] Haichang Gao, Dan Yao, Honggang Liu, Xiyang Liu, and Liming Wang. A novel image based captcha using jigsaw puzzle. In CSE, pages 351{356. IEEE, 2010.
[30] Jianwei Yang, Jiasen Lu, Dhruv Batra, and Devi Parikh. A faster pytorch implementation of faster r-cnn. https://github.com/jwyang/faster-rcnn.pytorch, 2017.
[31] Dana H Ballard. Generalizing the hough transform to detect arbitrary shapes. In Readings in computer vision, pages 714{725. Elsevier, 1987.
[32] OpenCV. Hough Circle Transform. https://opencv-pythontutroals.readthedocs.io/en/latest/py_tutorials/py_imgproc/py_houghcircles/py_houghcircles.html. Accessed Jan 14, 2020.
36