The use of computer programs in breaching web site security is common today. CAPTCHA (Completely Automated Public Turing test to tell Computers and Humans Apart) and human interaction proofs are the cost-effective solution to these kinds of computer attacks on web sites. These CAPTCHAs are available in many forms, such as those based on text, images and audio. A CAPTCHA must be secure enough that it cannot be broken by a computer program, and it must be usable enough that humans can easily understand it. The most popular is the text-based scheme. Most text-based CAPTCHAs are based on the English language and are not usable by the native people of India. Research has proven that native people are more comfortable with native language–based CAPTCHA. Devanagari-based CAPTCHAs are also available, but the security aspect has not been tested. Unfortunately, English language–based CAPTCHAs are successfully broken. Therefore, it is important to test the security of Devanagari script-based CAPTCHAs. We picked five unique monochrome CAPTCHAs and five unique greyscale CAPTCHAs for testing security. We achieved 88.13% to 97.6% segmentation rates on these schemes and generated six types of features for these segmented characters, such as raw pixels, zoning, projection, Scale-Invariant Feature Transform (SIFT), Speeded-Up Robust Features (SURF) and Oriented Fast and Rotated BRIEF (ORB). For classification, we used three classifiers for comparative analyses. Using k-Nearest Neighbour (k-NN), Support Vector Machine (SVM) and Random Forest, we achieved high recognition on monochrome and greyscale schemes. For monochrome Devanagari CAPTCHAs, the recognition rate of k-NN ranges from 64.78% to 82.39%, SVM ranges from 76.46% to 91.34% and Random Forest ranges from 80.34% to 91.28%. For greyscale Devanagari CAPTCHAs, the recognition rate of k-NN ranges from 67.52% to 85.47%, SVM ranges from 76.9% to 91.71% and Random Forest ranges from 83.07% to 92.13%. We achieved a breaking rate for monochrome schemes of 66% to 85% and for greyscale schemes of 73% to 93%.

中文翻译：

---

对单色和灰度梵文验证码的新攻击

今天，使用计算机程序破坏网站安全的做法很普遍。CAPTCHA（完全自动化的公共图灵测试以区分计算机和人类）和人类交互证明是针对网站上此类计算机攻击的经济高效的解决方案。这些验证码有多种形式，例如基于文本、图像和音频的验证码。验证码必须足够安全，不能被计算机程序破解，并且必须足够可用，以便人类可以轻松理解。最流行的是基于文本的方案。大多数基于文本的验证码都是基于英语的，印度本地人无法使用。研究证明，本地人对基于母语的 CAPTCHA 更满意。基于梵文的验证码也可用，但尚未测试安全方面。不幸的是，基于英语的验证码被成功破解。因此，测试基于梵文脚本的验证码的安全性很重要。我们选择了五个独特的单色验证码和五个独特的灰度验证码来测试安全性。我们在这些方案上实现了 88.13% 到 97.6% 的分割率，并为这些分割字符生成了六种类型的特征，例如原始像素、分区、投影、尺度不变特征变换 (SIFT)、加速鲁棒特征 (SURF) 和定向快速旋转BRIEF (ORB)。对于分类，我们使用三个分类器进行比较分析。使用 k-最近邻 (k-NN)、支持向量机 (SVM) 和随机森林，我们在单色和灰度方案上实现了高度识别。对于单色梵文验证码，k-NN 的识别率在 64.78% 到 82 之间。39%，SVM 范围从 76.46% 到 91.34%，随机森林范围从 80.34% 到 91.28%。对于灰度梵文验证码，k-NN 的识别率范围为 67.52% 至 85.47%，SVM 范围为 76.9% 至 91.71%，随机森林的识别率范围为 83.07% 至 92.13%。我们实现了 66% 到 85% 的单色方案和 73% 到 93% 的灰度方案的破坏率。