Computer Science (计算机科学), 2022, Vol. 49, Issue (11A): 211100074-5. doi: 10.11896/jsjkx.211100074

• Information Security •

Adversarial Character CAPTCHA Generation Method Based on Differential Evolution Algorithm

YANG Hao (杨浩), YAN Qiao (闫巧)

  1. School of Computer Science and Software Engineering, Shenzhen University, Shenzhen, Guangdong 518000, China
  • Online: 2022-11-10 Published: 2022-11-21
  • Corresponding author: YAN Qiao (yanq@szu.edu.cn)
  • About author: YANG Hao (yanghao20181@email.szu.edu.cn), born in 1995, postgraduate. His main research interests include network security and machine learning.
    YAN Qiao, born in 1972, Ph.D, professor, is a member of China Computer Federation. Her main research interests include network security, software-defined networking and adversarial machine learning.
  • Supported by:
    National Natural Science Foundation of China (61976142) and Shenzhen Basic Research Program (JCYJ20210324093609025).

Abstract: CAPTCHAs are widely used in the registration and login flows of websites and applications to distinguish human users from computer programs. However, with the advancement of deep learning, many deep learning recognition methods for CAPTCHAs have been proposed; CAPTCHAs can no longer distinguish human users from computer programs effectively, and their security is greatly challenged. An adversarial example can make the output of a neural network completely different from its original prediction, and combining adversarial examples with CAPTCHAs is an effective way to resist attacks on CAPTCHAs by deep learning recognition systems. Applying adversarial example generation methods from the image domain to generate adversarial CAPTCHAs that defend against deep learning methods is one of the current research hotspots. Existing adversarial character CAPTCHA generation methods are all white-box methods that require knowledge of the structure and parameters of the attacking network. In practical CAPTCHA deployments, however, information about the attacking network is usually unavailable, so a robust CAPTCHA should still defend well without any knowledge of the attacker. This paper therefore proposes a black-box adversarial character CAPTCHA generation method based on the differential evolution algorithm (Adversarial Character CAPTCHA Generation Method Based on Differential Evolution Algorithm, ACoDE). Without requiring information about the attacking network, it improves the solving ability of the classical differential evolution algorithm by optimizing the scaling factor in the mutation process and the population evolution strategy, so that the generated adversarial examples are more capable of misleading the neural network. When the method is applied to a character CAPTCHA dataset, the recognition accuracy of the current state-of-the-art CNN-based character CAPTCHA recognition system is reduced to below 30%, and the adversarial CAPTCHAs have a satisfactory visual effect, better than that of adversarial CAPTCHAs generated by other white-box methods.

Key words: Deep learning, Adversarial examples, Differential evolution algorithm, CAPTCHA, Network security

CLC number:

  • TP391