What are effective anti-bot solutions?-AI-php.cn

Home

Technology peripherals

What are effective anti-bot solutions?

王林

Jun 04, 2023 pm 12:37 PM

robotsolutionattacker

While there may be many different approaches, here are some important points for businesses to consider when evaluating robotics solutions.

By now, many security and fraud professionals have recognized the risks bots pose to online applications and business in general. In a previous article, I discussed and summarized some of these risks to help security and fraud teams understand the need to articulate bot threats to executives and boards in their own language. In fact, this type of communication has become increasingly common, leading to a heightened awareness of the robot problem.

As awareness of the bot problem increases, it’s no surprise that more marketing materials are available for business buyers. Whatever risks security and fraud teams worry about, they need a way to cut through the marketing rhetoric in order to properly evaluate bot solutions. How can enterprise buyers objectively evaluate robotics solutions? How do they assess who can actually deliver on their promises, which approaches are effective in their environment, and which vendors can stay ahead of the evolving threat landscape?

While there may be many different approaches here, I have highlighted a few things that I think are important for businesses to consider when evaluating robotics solutions:

R&D: Many bot management vendors collect telemetry data. However, how different vendors handle this data has a huge impact on the efficacy of their solutions. Continuously analyzing, profiling, and investigating telemetry data is necessary for a bot management solution to be effective. Questions that need to be asked on an ongoing basis include: What does the data tell us? What is proper data collection? How can we reliably and accurately differentiate between human and machine traffic? Successful R&D also includes identifying gaps in telemetry data and understanding what additional telemetry data needs to be collected to make the solution most effective.
Machine Learning: Machine learning is an important part of detecting and understanding which traffic comes from humans and which traffic comes from bots. Many vendors tout the power of their machine learning capabilities and models. Of course, good models are important, and many top manufacturers do have good models. So, what separates the most effective bot management solutions from the rest? The secret is in the data – the better the data that goes into the model, the more accurate and reliable the model’s predictions will be. Even the most powerful machine learning models cannot accurately differentiate between human and automated traffic without receiving the appropriate data as input.
Verification: In my years on the operations side, there have been more than a few instances where a vendor has insisted that we turn on their latest and greatest detection rules and/or signatures. Not surprisingly, in many cases this results in a lot of false positives and noise clogging the work queue. In one instance, a large number of false positives even caused the SIEM to crash. The best bot management providers thoroughly test and validate their rules before publishing them. For these vendors, bombarding customers with a flood of false positives after an update would be seen as a huge failure.
Obfuscation: It is essential to obfuscate the Javascript of your bot management solution to prevent attackers from discovering it. I'm often surprised at how many vendors don't do this, making it easier for attackers to know they're accessing a page using a bot management solution. An attacker could then easily bypass the solution - for example, an attacker could simply modify the page, remove the Javascript that manages the bot solution, and continue their attack as if there was no solution at all. Obfuscation is not a one-and-done process—it is an iterative process. Proper obfuscation that protects against attacker workarounds requires researching attackers, reverse engineering their strategies, techniques, and procedures, and continually releasing new and modified obfuscations.
Advanced Analysis: Last but not least, incorporating learning into your bot management solution can greatly increase efficiency. Unfortunately, many vendors develop and sell solutions that address a certain level of complexity. However, they do not continue to study attackers' retooling tools, incorporate learnings into their solutions, and improve their products. This results in bot management solutions sometimes being effective for weeks until attackers realize their target has implemented a bot management solution. At that point, attackers often regroup and bot management solutions become completely ineffective if the solution cannot handle the increased level of complexity.

When it comes to bot management solutions, iterative solutions reign supreme. Vendors that research attackers and continually feed that knowledge back into solutions are more effective than those that don't. Likewise, vendors that work hard to collect the best and correct data, review rules, and ensure their solutions are protected from attacker tampering do better than those that don’t. These points and others are important for businesses to keep in mind when evaluating bot management solutions.

The above is the detailed content of What are effective anti-bot solutions?. For more information, please follow other related articles on the PHP Chinese website!

Statement

This article is reproduced at:51CTO.COM. If there is any infringement, please contact admin@php.cn delete

机器人学我表情的样子，让人感到一丝恐惧Apr 09, 2023 am 10:11 AM

通常，机器人的主要功能是完成一些简单的操作任务，我们希望机器人可以模仿人，让能力尽可能接近人类水平。不论是小米的 CyberOne 还是特斯拉的 Optimus，人们关心的主要是其机械关节数量，控制算法和行走速度。不过在这个领域，有些人探索的方向更加脑洞大开：现在，有一种机器人把模仿真人表情做到了极致：先尝试一下自拍。从「嫌弃」到「惊讶」，都可以做到完全同步：这个机器人名叫 Ameca，是个表情怪。除了模仿，它自己也能照镜子做很多小表情，看起来非常像真人。Ameca「假装」第一次见到镜子，首

拿破仑、孔子在线陪聊！AI聊天机器人「复活」历史名人，网友：真上头！Apr 08, 2023 pm 12:11 PM

和活生生的已故历史名人聊天是个什么感觉？近日，就有一群开发者利用语言模型，把千百年来各行各业的历史名人全部「复活」成了聊天机器人，做进了一款手机app里，起名叫「你好，历史」！开发者声称，这个与古代名人聊天的app涉及的内容几乎无所不包。比如可以：与玛丽莲·梦露聊好莱坞八卦与弗里达·卡洛讨论现代艺术问问圣诞老人他有多少只驯鹿问问科特·科本为什么自杀向穴居人学习如何生火与宇宙意识辩论生命的意义不过他们也没忘记提醒用户，这些对话是由人工智能生成的，所以不要太认真。而且每个对话都是独一无二的，你永远不

盘点全球不错的七所机器人工程专业学校Apr 08, 2023 pm 01:31 PM

有抱负的工程师应该了解世界各地著名的机器人工程学院。现在是从事机器人和工程事业的最佳时机——从人工智能到太空探索，这一领域充满了令人兴奋的创新和进步。美国劳工统计局估计，未来10年，机械工程领域的职业总体上将保持7%的稳定增长率，确保毕业生将有大量的就业机会。机器人工程专业的学生平均工资超过9万美元，无需担心还助学贷款的问题。对于那些考虑投身机器人工程领域的人来说，选择一所合适的大学是非常重要的。世界上许多顶尖的机器人工程学院都在美国，尽管国外也有一些很棒的项目。这是7所世界上最好的机器人工程学

女王登基70周年，世上首个超逼真人形机器艺术家献上肖像画作，被锐评“缺少信念”Apr 08, 2023 pm 08:11 PM

大数据文摘出品作者：Caleb为庆祝英国女王伊丽莎白二世登基70周年，英国也是早早就洋溢出了庆典的味道。据了解，英国将于6月2日至5日连放4天公众假期，并在期间举行多项庆祝活动。英国皇家铸币厂也在精心打造有史以来最大的硬币，直径220毫米，重15公斤，面值15000英镑，耗时近400小时打造，是该厂1100年来生产的最大硬币。这枚金币一面雕刻着代表英国女王伊丽莎白二世的符号EⅡR，周围环绕着代表英国的玫瑰、水仙、蓟和三叶草。另一面有女王骑在马背上的图案。在这么热闹的日子里，AI当然也必须来凑一凑

人类与人工智能如何建立关系Apr 09, 2023 pm 07:41 PM

人类与人工智能相比，哪个更擅长建立关系？事实上，这项革命性的技术已经存在了很长一段时间。然而，直到最近人们才意识到人工智能对人类的重要性。人工智能利用算法模拟人类，并随着时间的推移从经验中学习的能力，为这项技术与人类建立关系开辟道路。人类如何建立人际关系作为人类，我们倾向于只与少数人建立关系。我们试图确保不需要的和不相干的人从我们的生活中消失。在将我们的关系限制在少数人的同时，我们确保与那些对我们真正重要的人建立高质量的关系。然而，同样的方法在商业用语中可能不是理想的，并可能适得其反。尽管知道这

让机器人学会咖啡拉花，得从流体力学搞起！CMU&MIT推出流体模拟平台Apr 07, 2023 pm 04:46 PM

机器人也能干咖啡师的活了！比如让它把奶泡和咖啡搅拌均匀，效果是这样的：然后上点难度，做杯拿铁，再用搅拌棒做个图案，也是轻松拿下：这些是在已被ICLR 2023接收为Spotlight的一项研究基础上做到的，他们推出了提出流体操控新基准FluidLab以及多材料可微物理引擎FluidEngine。研究团队成员分别来自CMU、达特茅斯学院、哥伦比亚大学、MIT、MIT-IBM Watson AI Lab、马萨诸塞大学阿默斯特分校。在FluidLab的加持下，未来机器人处理更多复杂场景下的流体工作也都

四足机器人学会“双腿站立下楼梯”！效率比腿式系统高83%Apr 09, 2023 am 11:21 AM

还记得那个和特斯拉飙车的机器人吗？这是瑞士苏黎世联邦理工学院衍生公司研发的与公司同名的四足轮腿式机器人——Swiss-Mile，前身是ANYmal四足机器人。距离它和特斯拉飙车还不到半年的时间，它又实现了重大升级。这次升级改进了机器人的算法，运动能力直接UP UP UP ! 可以双腿站立下楼梯：（小编内心OS：如果是我穿轮滑鞋下楼梯可能会摔个狗吃屎）楼梯爬累了，坐个电梯吧，用前脚按开电梯门：面对障碍物应对自如：它还能知道什么时候该站起来，什么时候该“趴下”，双腿直立与四足运动之间的切换更丝滑：

聊一聊AI有哪四种类型Apr 09, 2023 pm 11:31 PM

随着人工智能成为一种趋势，人们对它如何工作以及可以做什么存在很多问题。一个经常被问到的问题就是——AI有哪四种类型。下面小编就来为大家解答一下。AI有哪四种类型反应性机器反应性机器在AI中是一个非常受欢迎的概念。这是因为它是最基本也是最古老的AI类型。反应性机器是指仅对某些刺激和场景有反应性的机器。与之后的许多人工智能软件不同的是，它们不能利用以前的经验或负载的知识来评估和应对特定的情况。甚至不使用GPS或数字地图来导航周围的环境或绘制路线。相反，它们会根据所看到的东西移动。反应型机器擅长象棋和

See all articles