Detection of AdvancedWeb Bots by CombiningWeb Logs with Mouse Behavioural Biometrics

被引:16
作者
Iliou, Christos [1 ,2 ]
Kostoulas, Theodoros [3 ,4 ]
Tsikrika, Theodora [1 ]
Katos, Vasilis [2 ]
Vrochidis, Stefanos [1 ]
Kompatsiaris, Ioannis [1 ]
机构
[1] CERTH, Inst Informat Technol, Thessaloniki, Greece
[2] Bournemouth Univ, BU CERT, Bournemouth, Dorset, England
[3] Univ Aegean, Dept Informat & Commun Syst Engn, Samos, Greece
[4] Bournemouth Univ, Dept Comp & Informat, Bournemouth, Dorset, England
来源
DIGITAL THREATS: RESEARCH AND PRACTICE | 2021年 / 2卷 / 03期
基金
欧盟地平线“2020”;
关键词
Web bot detection; evasive web bots; advanced web bots; mouse movements; mouse biometrics; humanlike behaviour;
D O I
10.1145/3447815
中图分类号
TP [自动化技术、计算机技术];
学科分类号
0812 ;
摘要
Web bots vary in sophistication based on their purpose, ranging from simple automated scripts to advanced web bots that have a browser fingerprint, support the main browser functionalities, and exhibit a humanlike behaviour. Advanced web bots are especially appealing to malicious web bot creators, due to their browserlike fingerprint and humanlike behaviour that reduce their detectability. This work proposes a web bot detection framework that comprises two detection modules: (i) a detection module that utilises web logs, and (ii) a detection module that leverages mouse movements. The framework combines the results of each module in a novel way to capture the different temporal characteristics of the web logs and the mouse movements, as well as the spatial characteristics of the mouse movements. We assess its effectiveness on web bots of two levels of evasiveness: (a) moderate web bots that have a browser fingerprint and (b) advanced web bots that have a browser fingerprint and also exhibit a humanlike behaviour. We show that combining web logs with visitors' mouse movements is more effective and robust toward detecting advanced web bots that try to evade detection, as opposed to using only one of those approaches.
引用
收藏
页数:26
相关论文
共 42 条
[1]  
Akamai, 2018, Akamai's Bot Manager-Advanced Strategies to Flexibly Manage the Long-term Business and IT Impact of Bots
[2]  
Akrout I, 2019, Arxiv, DOI arXiv:1903.01003
[3]  
Alam S, 2014, 2014 IEEE CONGRESS ON EVOLUTIONARY COMPUTATION (CEC), P2955, DOI 10.1109/CEC.2014.6900644
[4]  
AlNoamany Y, 2013, ACM-IEEE J CONF DIG, P339
[5]   Web Runner 2049: Evaluating Third-Party Anti-bot Services [J].
Azad, Babak Amin ;
Starov, Oleksii ;
Laperdrix, Pierre ;
Nikiforakis, Nick .
DETECTION OF INTRUSIONS AND MALWARE, AND VULNERABILITY ASSESSMENT, DIMVA 2020, 2020, 12223 :135-159
[6]   Analysis and Detection of Bogus Behavior in Web Crawler Measurement [J].
Bai, Quan ;
Xiong, Gang ;
Zhao, Yong ;
He, Longtao .
2ND INTERNATIONAL CONFERENCE ON INFORMATION TECHNOLOGY AND QUANTITATIVE MANAGEMENT, ITQM 2014, 2014, 31 :1084-1091
[7]  
Bhargav A, 2014, 2014 INTERNATIONAL CONFERENCE ON CONTROL, INSTRUMENTATION, COMMUNICATION AND COMPUTATIONAL TECHNOLOGIES (ICCICCT), P632, DOI 10.1109/ICCICCT.2014.6993038
[8]  
Bianco D., 2013, The Pyramid of Pain
[9]  
Bock Kevin, 2017, 11 USENIX WORKSHOP O
[10]   Wrist in motion: A seamless context-aware continuous authentication framework using your clickings and typings [J].
Li B. ;
Wang W. ;
Gao Y. ;
Phoha V.V. ;
Jin Z. .
IEEE Transactions on Biometrics, Behavior, and Identity Science, 2020, 2 (03) :294-307