Bot Mitigation

Prophaze’s  advanced machine learning based Bot Management solution can fight against other ML based malicious bots which do targetted  and automated attack against web APIs and applications .

Prophaze Bot Platform deals with

Click Fraud Bots (Ad Bots)

Multiple Use cases

  • Ad clicks
  • Music Plays
  • Video plays
  • Paid Surveys

Authentication Bots

  • Credential Stuffing (Checking stolen mass credentials are correct or not)
  • To Lockout legitimate user by passing n number of login over a time period
  • Account creation Bots
  • Fake Facebook Like and Twitter Followers

Scrapping Bots

  • Less Popular Search Engines
  • Price Comparison
  • Less Sophisticated
  • Can cause more resource usages

Ecommerce Busting Bots

  • Purchase // Adding to cart of items from E-Commerce sites and making it not available for legitimate users , which includes flash sale items, tickets and normal consumer products . Hence creating artificial demand and loss of revenue
  • Automated buying of Gift cards using stolen credit cards from Amazon etc. and selling the same in  secondary and underground markets like  Darknet.

Attack/Detection Bots

  • Bots based on an existing vulnerabilities / Zero Days
  • Resource Eating / DDoS Bots
  • Vulnerability Scanning Bots

Bot Sophistications

  • Generation 1 – Less Sophisticated – Single IP and Old user agent, JavaScript failures – Easy to detect, using just user agents and IP Activity
  • Generation 2 – Medium Sophistication – Full Browser Support , Data center IP Address , Less Mouse  Movement  – Detected using Captcha, pattern matching, signatures and rules
  • Generation 3 – High Sophistication – Headless browsers running legitimate user’s hacked phone or computer . Real ISP IP Address – Complex to detect, Detected by Prophaze using ML Based Behavioral Learning

How Prophaze Detects Generation 3 – Sophisticated Bots

  • Frequently Updated ML Algorithms and Models
  • Learning of users Behavior on a particular business profile (Ecommerce , Banking  ) and applying different levels of blocking for Automated/Bot attacks based on their threat score
  • Updated List of Good Bots for white listing and Bad Bots for blacklisting from several sources
  • Captchas for Less suspicious behavior and redirection plus temporary blocking for more suspicious users

Bot Mitigation Actions By Prophaze

IP Address Blocking is not an option any more as legitimate user devices are used for Bot Activity . Hence Prophaze action after detecting Bot Activity are

  • Closing http/https connection from bot instead of banning IP Address .
  • Sending Bot to honey pots.
  • Corrupting the expected data by Bots .
  • Hard Blocking the IP Address is still an option provided the ip is listed in Bot404’s updated blacklist or it can be done as a manual action by the user .

Performance

  • Bot Blocking is done by Hardware accelerated Network Processor for Content Body Inspection (a Vision of Prophaze :D)
  • Minimum latency as per industry standards – No Performance kill for whole infrastructure for the cost of Bot detection and Blocking
  • Supports Native Cloud , Private Cloud , On Premise and Kubernetes Deployment

Integrations in Cloud

  • Works along with existing components available for native cloud customers
  • Deploys ML Models and Jobs instantaneously in the specific cloud account customer is having , if its either GCP , AWS or Microsoft Azure
  • Communicates with Native cloud firewall and notification systems
  • Integrations with marketing tools for sending bot activity so that advertisers can optimize the campaigns

Integrations in On Premise

  • Works along with existing SIEMS to collect logs and parse data for machine learning algorithms
  • Integration with Elastic Stack for their Native Machine learning tools

Bot UI Features

  • Good Visibility and Control over Bot Data
  • Updated List of Good Bots and Bad Bots for white and black lists
  • Drill Down for all activity of a particular user (Bot)
  • Customizable Rules
  • Customized reports

Advanced Bot Mitigation

EagleEye helps to distinguish between good and bad bot traffic and thus it lets you block scrapers, scanners and comment spammers that bring overhead to your server and tries to steal your content. Search engines and other legitimate services are not affected in anyway allowing them to freely access your website.