Towards a framework for detecting advanced Web bots
Authors: Iliou, C., Kostoulas, T., Tsikrika, T., Katos, V., Vrochidis, S. and Kompatsiaris, Y.
Journal: ACM International Conference Proceeding Series
DOI: 10.1145/3339252.3339267
Abstract:Automated programs (bots) are responsible for a large percentage of website traffic. These bots can either be used for benign purposes, such as Web indexing, Website monitoring (validation of hyperlinks and HTML code), feed fetching Web content and data extraction for commercial use or for malicious ones, including, but not limited to, content scraping, vulnerability scanning, account takeover, distributed denial of service attacks, marketing fraud, carding and spam. To ensure their security, Web servers try to identify bot sessions and apply special rules to them, such as throttling their requests or delivering different content. The methods currently used for the identification of bots are based either purely on rule-based bot detection techniques or a combination of rule-based and machine learning techniques. While current research has developed highly adequate methods for Web bot detection, these methods’ adequacy when faced with Web bots that try to remain undetected hasn’t been studied. For this reason, we created and evaluated a Web bot detection framework on its ability to detect conspicuous bots separately from its ability to detect advanced Web bots. We assessed the proposed framework performance using real HTTP traffic from a public Web server. Our experimental results show that the proposed framework has significant ability to detect Web bots that do not try to hide their bot identity using HTTP Web logs (balanced accuracy in a false-positive intolerant server > 95%). However, detecting advanced Web bots that present a browser fingerprint and may present a humanlike behaviour as well is considerably more difficult.
https://eprints.bournemouth.ac.uk/32523/
Source: Scopus
Towards a framework for detecting advanced Web bots
Authors: Iliou, C., Kostoulas, T., Tsikrika, T., Katos, V., Vrochidis, S. and Kompatsiaris, Y.
Journal: 14TH INTERNATIONAL CONFERENCE ON AVAILABILITY, RELIABILITY AND SECURITY (ARES 2019)
DOI: 10.1145/3339252.3339267
https://eprints.bournemouth.ac.uk/32523/
Source: Web of Science (Lite)
Towards a framework for detecting advanced Web bots
Authors: Iliou, C., Kostoulas, T., Tsikrika, T., Katos, V., Vrochidis, S. and Kompatsiaris, Y.
Conference: The 14th International ARES Conference on Availability, Reliability and Security
Dates: 26-29 August 2019
https://eprints.bournemouth.ac.uk/32523/
Source: Manual
Towards a framework for detecting advanced Web bots.
Authors: Iliou, C., Kostoulas, T., Tsikrika, T., Katos, V., Vrochidis, S. and Kompatsiaris, Y.
Journal: ARES
Pages: 18:1
Publisher: ACM
ISBN: 978-1-4503-7164-3
https://eprints.bournemouth.ac.uk/32523/
https://doi.org/10.1145/3339252
Source: DBLP
Towards a framework for detecting advanced Web bots
Authors: Iliou, C., Kostoulas, T., Tsikrika, T., Katos, V., Vrochidis, S. and Kompatsiaris, Y.
Conference: ARES 2019: 14th International Conference on Availability, Reliability and Security
Abstract:Automated programs (bots) are responsible for a large percentage of website traffic. These bots can either be used for benign purposes, such as Web indexing, Website monitoring (validation of hyperlinks and HTML code), feed fetching Web content and data extraction for commercial use or for malicious ones, including, but not limited to, content scraping, vulnerability scanning, account takeover, distributed denial of service attacks, marketing fraud, carding and spam. To ensure their security, Web servers try to identify bot sessions and apply special rules to them, such as throttling their requests or delivering different content. The methods currently used for the identification of bots are based either purely on rule-based bot detection techniques or a combination of rulebased and machine learning techniques. While current research has developed highly adequate methods for Web bot detection, these methods’ adequacy when faced with Web bots that try to remain undetected hasn’t been studied. For this reason, we created and evaluated a Web bot detection framework on its ability to detect conspicuous bots separately from its ability to detect advanced Web bots. We assessed the proposed framework performance using real HTTP traffic from a public Web server. Our experimental results show that the proposed framework has significant ability to detect Web bots that do not try to hide their bot identity using HTTP Web logs (balanced accuracy in a false-positive intolerant server > 95%). However, detecting advanced Web bots that present a browser fingerprint and may present a humanlike behaviour as well is considerably more difficult.
https://eprints.bournemouth.ac.uk/32523/
https://www.ares-conference.eu/conference-2019/cfp2019/
Source: BURO EPrints