Title :
Evasive bots masquerading as human beings on the web
Author :
Jing Jin ; Offutt, Jeff ; Nan Zheng ; Feng Mao ; Koehl, Aaron ; Haining Wang
Author_Institution :
George Mason Univ., Fairfax, VA, USA
Abstract :
Web bots such as crawlers are widely used to automate various online tasks over the Internet. In addition to the conventional approach of human interactive proofs such as CAPTCHAs, a more recent approach of human observational proofs (HOP) has been developed to automatically distinguish web bots from human users. Its design rationale is that web bots behave intrinsically differently from human beings, allowing them to be detected. This paper escalates the battle against web bots by exploring the limits of current HOP-based bot detection systems. We develop an evasive web bot system based on human behavioral patterns. Then we prototype a general web bot framework and a set of flexible de-classifier plugins, primarily based on application-level event evasion. We further abstract and define a set of benchmarks for measuring our system´s evasion performance on contemporary web applications, including social network sites. Our results show that the proposed evasive system can effectively mimic human behaviors and evade detectors by achieving high similarities between human users and evasive bots.
Keywords :
Internet; data mining; security of data; social networking (online); CAPTCHA; HOP-based bot detection systems; Internet; Web applications; application-level event evasion; crawlers; evasive Web bot system; flexible declassifier plugins; general Web bot framework; human behavioral patterns; human interactive proof approach; human observational proofs; online task automation; social network sites; system evasion performance; Servers; Web security; bot; human observation proofs; machine learning;
Conference_Titel :
Dependable Systems and Networks (DSN), 2013 43rd Annual IEEE/IFIP International Conference on
Conference_Location :
Budapest
Print_ISBN :
978-1-4673-6471-3
DOI :
10.1109/DSN.2013.6575366
