Open Source database MySQL is setup for use as the backend server of our project.
MySQL database can be downloaded from the internet via the following link:
http://dev.mysql.com/downloads/mysql/5.0.html
Sunday, December 30, 2007
Saturday, December 29, 2007
Design Ideas: Using 4-D Fonts 2
We can colour the outline of the 4-dimensional font and using different font sizes in conjuction with different angles view to make the text more lively as well as creating confusion for the OCR scanner.
Design Ideas: Using 4-D Fonts 1
By using 4-dimensional fonts with different angles view downloadable from the internet for the captcha text to further prevent the OCR scanner to be able to scan the text.
Friday, December 28, 2007
Development: Configuring Apache Tomcat and Setting the Classpath
Apache Tomcat web server is configured to run servlets for the aid of development. Classpath for java development toolkit, java 3d add on, jsp api and servlet api is setted to provide ease of developing and compiling of java source codes.
Configuration of Apache Tomcat and setting of classpath is based on tutorials from the internet, the tutorials can be accessed via the following link:
http://www.coreservlets.com/Apache-Tomcat-Tutorial/
Configuration of Apache Tomcat and setting of classpath is based on tutorials from the internet, the tutorials can be accessed via the following link:
http://www.coreservlets.com/Apache-Tomcat-Tutorial/
Development: Java Development ToolKit
Java 2 Standard Development ToolKit (J2SE) and Java 3D (J3D) add on is downloaded from the internet for the development of the captcha challenge.
The development toolkit can be downloaded via the following links:
J2SE: http://java.sun.com/javase/downloads/index.jsp
J3D: https://java3d.dev.java.net/binary-builds.html
The development toolkit can be downloaded via the following links:
J2SE: http://java.sun.com/javase/downloads/index.jsp
J3D: https://java3d.dev.java.net/binary-builds.html
Development: Apache Tomcat Web Server
Apache Tomcat Web Server is setup in Windows XP environment to aid in the development of the project in JSP and Java Servlets.
Apache Tomcat Web Server can be downloaded from the internet via the link below:
http://tomcat.apache.org/
Apache Tomcat Web Server can be downloaded from the internet via the link below:
http://tomcat.apache.org/
Thursday, December 27, 2007
Meeting: 26 Dec 2007 (w/ supervisor)
Agenda: Proposal Review, Requirements for Final Report, Meeting Minutes, First Presentation and System Design/Implementation
The following were discussed:
- Review on proposal
Supervisor has reviewed our proposal v1.0 and highlight to us some of the points
- missing page numbers
- literature review need to be shifted to appendix - First presentation
Check with Supervisor about the first presentation requirements.
- everyone must know the architecture structure
- everyone must know each others parts (understand)
- simple demo on product prototype (if possible)
- power point slide for presantation
- 10 to 15 minutes duration
- key features of the products
- what it so special compare to the market products - Calculate brute force timing during Implementation
- to check our characters length long enough to counter brute force attack
- the amount of resources required (whether reasonable or not)
- Captcha challenge charectors length is set to 6 charectors
- 36 x 36 x 36 x 36 x 36 x 36 = 2,176,782,336 possible formation - Secure web data transfered and communications
- Secure Sockets Layer (SSL) was propsed as the cryptographic protocols that provide secure communications on the Internet for web browsing and data transfers
- Certificate can be generated by us without officially registering - Random generator for CAPTCHA Design
Some knowledge shared by Supervisor on the random generator algorithm.
- Time can be used as the seed value for random generator.
- Usually for the random generator, there is a seed input.
- For instant, if seed value is "1234", random generator will always produce the same sequence of random output that is generated base on the seed value after re-start application and the same sequence will appear.
- To avoid this, time can be used as the seed value as time is changed every seconds.
- Hence it will be difficult for the attacker to guess the next output based on the current output. - Limitation by WAP browser issue.
WAP browser only provides basic services and does not support rich content web application. It limits captcha design ideal as it only support still image format. WAP standard is also seldom used by the market in current days.
Conclusion:Supervisor will check with Adrian Choo to confirm the project requirement on WAP application.
- SEAH CHOON YEE, SEBASTIAN
- CHEE SUEN SIANG, ALAN
- CHIA U-MENG, ADRIAN
Design Ideas: Creating Obstruction 2
Suggested creating some obstruction and positioning of the text like the above image to prevent OCR to able to scan the text and to enhance creativity.
Design Ideas: Creating Obstruction 1
Also suggest include "extra" objects "candles" among the text like the above image (Look at the Happy Birthday) to cause some confusion to the OCR.
Wednesday, December 26, 2007
Design Ideas: Spacing
Decreasing the spacing in between each characters to enhance protection from OCR scanning.
Design Ideas: Using WiredFramed Fonts Downloadable From The Internet 3
Suggested colouring the back body of the font extrusion to have a clearer visibility of the text.
Design Ideas: Using WiredFramed Fonts Downloadable From The Internet 2
We suggested adjusting the angles of rotation of the X, Y and Z axis to position the characters to prevent ocr to be able to scan the characters.
Design Ideas: Using WiredFramed Fonts Downloadable From The Internet 1
An new ideal :Using wireframed fonts downloaded from the internet to create the captcha text.
Monday, December 24, 2007
Research: Request captcha w/o reload.
Microsoft also have the audio feature at their windows live website.
Also they have this refresh feature, allowing you to request for a new captcha keyword if let's say the current one is too "chim" to identify or you simply dun like it. The captcha refreshed to a new one without have the whole page to reload. Cool... we must look into how this is implemented.
Technical: System Overview Diagram from Proposal
Normal user sending web request to the server
Automated system sending huge ammount requests to attack server
Captcha implementation to protect the server from DoS attack
Technical: Proposed Captcha Design
To prevent the OCR software from recognizing the CAPTCHA characters, we design a challenge which is possible to obfuscate the characteristic, shape and alphabet or number outline, but it is still able to be identified under human eye vision. By having the characters presented in 3-Dementional format as shown in the Figure 4 and Figure 5, dimension outline together with shading and shadow will confuse the OCR software hence it can reduce the recognition rate. Extruded alphanumeric characters can be identified by normal users as the 3D still display the letters or numbers in visible form.
Few text fonts and text size will be designed to allow Captcha to choose randomly each time it creates a new challenge. Angle and dimension of how the text is being display will be changed for every Captcha produced as well. This could avoid the OCR from having a standard input scanning pattern to identify the characters.
Random selection functions for color is also included in this design to prevent OCR from fixing a standard scanning algorithm. In addition, the distance between each characters will be minimized to avoid the OCR from identified the boundaries of each characters.
Few text fonts and text size will be designed to allow Captcha to choose randomly each time it creates a new challenge. Angle and dimension of how the text is being display will be changed for every Captcha produced as well. This could avoid the OCR from having a standard input scanning pattern to identify the characters.
Random selection functions for color is also included in this design to prevent OCR from fixing a standard scanning algorithm. In addition, the distance between each characters will be minimized to avoid the OCR from identified the boundaries of each characters.
Friday, December 21, 2007
Design Ideas: Illusions Pictures
I was playing with one of the igoogle appz and found this. It plays with the human mind, so i dictate only humans can read. Machines can't. However this may be quite difficult for people with poor eyesight. I will try to find a easier one.
Thursday, December 20, 2007
Technical: Project Time Line
The project time line is defined using gantt chart and done using Microsoft Office Project 2007.
Wednesday, December 19, 2007
Meeting: 18 Dec 2007 (Group)
Agenda : System Implementation and Technologies Used - Technologies Used
Team members proposed the following technologies used to develop the application:
1. ASP.NET framework: The system will be developed in ASP.NET framework. MS Mobile Internet Toolkit will be use for WAP browsers development. MS Graphical Device Interface(GDI+) will be use for graphics creation. System will be integrated on MS IIS Server.
2. Java framework: The system will be developed in JAVA framework. Java Server Page(JSP)/Servlets and J2ME will be used at the client's end to create the normal computer web page and mobile device application. JAVA3D is used for the captcha image. Java Servlet will be implemented at the server's end for writing the image to client, validate inputs from user and forward request to results page. - Captcha design
Some new captcha design suggestion by team members:
1. Animated 3D text rotation
Rotating text to prevent the OCR from having the fix scanning algorithm
2. Still image illusion words
The background image will blend in well with the text in order to confuse the OCR. This technique takes advantage of how the human mind thinks.
2. 3D Wireframe Captcha represented in a 2D-still image.
The characters presented in 3-Dimension format. The dimension outline will be shown in 3D wireframe design.
- Problems highlighted
WAP is just a simple UI mobile communication technology. Hence it does not support rich text document if we want to implement animated Captcha design. - Solution - Consider to design 2 seperate Captcha design. Animated design will be used for the normal web browser. Still-image design will be used for WAP application.
- Database
- MySQL is confirmed to be used as the data storage management technology. It is the most popular open source database and widely used in the market. - Testing WAP Emulator
We do some testing with online WAP emulator from http://mtld.mobi/emulator.php
We found out that WAP only support image with extension .PNG and .JPEG .
Attendence:
SEAH CHOON YEE, SEBASTIAN
CHEE SUEN SIANG, ALAN
CHIA U-MENG, ADRIAN
OW WAI LEONG, LEXIS
Tuesday, December 18, 2007
Research: Voice Captcha
Captcha for the disabled found from the internet. For people who have difficulties looking at the characters, google has a additional feature of presenting the captcha as a sound. You listen and type as it goes.
Sunday, December 16, 2007
Research: Alternative to Text Captcha
Creative and cute Captcha found from the internet: They should have a large database of woman pictures, pretty and ugly ones. Their idea is to choose 3 women who are "HOT" out of the 9.
Research: Creative Captcha
Some creative Captcha found from the internet: Instead of asking you to type what you see, now .. they give you a pool of words, some repeated ones as well and you are asked to type in 3 different words you observed. A typical OCR scan will type in everything they can scan. As you see, those are actually dictionary words. It is also possible to re-customize an OCR to do auto correction of spelling and fill in 3 words it can find.
Meeting: 13 Dec 2007 (Group)
Our 2nd face to face meeting after CSCI 322 exam at nearby Beauty World McD.
The following is the discussion points :
Captcha design research.
Some research has done by team on current market captcha design. OCR tools has been applied to scan these captcha technologies. The following are some of the results.
Captcha design.
Some captcha design suggested by team members :
1. Animation
Create a GIF picture to content some moving objects to prevent OCR from scanning the correct captcha answer.
2. Flash animation
Create a animated Adobe Flash content that interact with end users in order to review the correct captcha answer to visitors.
3. Text base
Generate some text base Captcha challenge which the text font will blend well with background pattern as “camofloage” effect.
4. 3D Text
Output a 3D text Captcha which hide the outline by using lighting and shading.
5. Identify object in the pictures
Needed end users to identify some object in the pictures. For instant, find the dog pictures among cat pictures.
Captcha design key factors.
Some important points during designing the captcha were discuss:
-Random text generator algorithm.
-Font type.
-Font size.
-Color.
-Spacing between characters.
System implementation research.
The following diagram show the initial idea of the system design.
Attendance :
- SEAH CHOON YEE, SEBASTIAN
- CHEE SUEN SIANG, ALAN
- CHIA U-MENG, ADRIAN
- OW WAI LEONG, LEXIS
Saturday, December 15, 2007
Updates: FTP File Server Setup
Epic4Security FTP Server was setup using Alan's home computer. All related documents and source codes for the project development will be stored here as for sharing among groups member as well as backup for documents and source codes.
ftp://epic4security.myftp.org/
Friday, December 14, 2007
Design Ideas: Creating Confusion
Some cool ideal: Adding small words into the big characters to create confusion for the OCR scanner to mislead the OCR scanner into scanning the wrong text.
