Evasive bots masquerading as human beings on the web
作者: Jing Jin , Jeff Offutt , Nan Zheng , Feng Mao , Aaron Koehl
关键词:
摘要: Web bots such as crawlers are widely used to automate various online tasks over the Internet. In addition conventional approach of human interactive proofs CAPTCHAs, a more recent observational (HOP) has been developed automatically distinguish web from users. Its design rationale is that behave intrinsically differently beings, allowing them be detected. This paper escalates battle against by exploring limits current HOP-based bot detection systems. We develop an evasive system based on behavioral patterns. Then we prototype general framework and set flexible de-classifier plugins, primarily application-level event evasion. further abstract define benchmarks for measuring our system's evasion performance contemporary applications, including social network sites. Our results show proposed can effectively mimic behaviors evade detectors achieving high similarities between users bots.
udel.edu 
sci-hub.se 参考文章(24)
Neil Daswani, Michael Stoppelman, The anatomy of Clickbot.A conference on workshop on hot topics in understanding botnets. pp. 11- 11 ,(2007)
Paul Ammann, Jeff Offutt, Introduction to Software Testing Cambridge University Press. ,(2008) , 10.1017/CBO9780511809163
Fabian Monrose, Lucas Ballard, Daniel Lopresti, Biometric authentication revisited: understanding the impact of wolves in sheep's clothing usenix security symposium. pp. 3- ,(2006)
Steven Gianvecchio, Haining Wang, Zhenyu Wu, Mengjun Xie, Measurement and classification of humans and bots in internet chat usenix security symposium. pp. 155- 169 ,(2008)
Jeff Offutt, Paul Ammann, Introduction to Software Testing ,(2016)
Engin Kirda, Christopher Kruegel, Giovanni Vigna, Gregoire Jacob, PUBCRAWL: protecting users and businesses from CRAWLers usenix security symposium. pp. 25- 25 ,(2012)
Geoffrey M. Voelker, Chris Kanich, Marti Motoyama, Damon McCoy, Kirill Levchenko, Stefan Savage, Re: CAPTCHAs: understanding CAPTCHA-solving services in an economic context usenix security symposium. pp. 28- 28 ,(2010)
Luis von Ahn, Manuel Blum, Nicholas J. Hopper, John Langford, CAPTCHA: using hard AI problems for security theory and application of cryptographic techniques. pp. 294- 311 ,(2003) , 10.1007/3-540-39200-9_18
Steven Gianvecchio, Zhenyu Wu, Mengjun Xie, Haining Wang, Battle of Botcraft: fighting bots in online games with human observational proofs computer and communications security. pp. 256- 268 ,(2009) , 10.1145/1653662.1653694
Zi Chu, Steven Gianvecchio, Haining Wang, Sushil Jajodia, Who is tweeting on Twitter: human, bot, or cyborg? annual computer security applications conference. pp. 21- 30 ,(2010) , 10.1145/1920261.1920265