Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Fight bad bot on the internet


Published on

The advancement in deep and machine learning, natural language understanding, and big data processing are paving the way for the rise in AI-powered bots, that are faster, getting better at understanding human interaction and can even mimic human behavior.

Cyber criminals are harnessing the latest tools available, and constantly changing their techniques to make their attacks more effective, faster and adaptable to safeguards.

Join this webinar to learn about:

- What type of workloads prone to bot attacks
- Which industries heavily affected by Bot attacks
- Learn about Cloudflare's Machine Learning and Behavioral Analysis driven approach to solving Bot menace.

Published in: Internet
  • Be the first to comment

Fight bad bot on the internet

  1. 1. Fight bad bots on the Internet
  2. 2. Today’s Speakers Krishna Zulkarnain Marketing Director APAC @ Cloudflare Anand Guruprasad Solutions Engineer @ Cloudflare
  3. 3. What you will learn today? 3 What type of workloads prone to bot attacks Challenges to a successful bot mitigation strategy How do you protect assets from bot menace?
  4. 4. We are helping build a better Internet 4
  5. 5. 5 Cloudflare Security Vision Provide world-class visibility, controls, and guided configurations so that customers of any size and technical sophistication can keep their Internet property safe and secure without sacrificing speed and performance 5
  6. 6. A Global Anycast Network 193Cities and 90+ countries99% Of the Internet-connected population in the developed world population is located within 100 milliseconds of our network 44BCyber threats blocked each day in Q2’19 websites, apps & APIs 20M+
  7. 7. Anand Guruprasad Solutions Engineer @ Cloudflare
  8. 8. Evolution of Cloudflare Bot Management Next Gen Bot Management Mitigation at Scale Cloudflare released solutions that stopped most malicious automated attacks. Cloudflare launches next gen bot management that leverages machine learning on a curated subset of traffic across our network of 20M+ Internet properties. 8 Stop Bots for Customers Cloudflare developed advanced tools that enable customers to tailor solutions at scale
  9. 9. Common Use Cases Attempts to log into and take-over a user’s account by automatically applying previously stolen account credentials Stealing information from websites with malicious intent Bots click on your ads and register in your marketing analytics. Credential Stuffing Content Scraping/Spam Marketing Ad- click Fraud Fraudulently purchases goods to deprive legitimate customers or resell for a higher price Inventory Hoarding Credit Card Stuffing Tries to validate stolen credit cards to then make fraudulent purchases 9
  10. 10. What have you tried to date? ● Rate Limiting ● WAF ● Multi-Factor Authentication ● Homegrown solutions ● Javascript-based bot detection
  11. 11. Problems with Javascript ● Slow application performance because each request is evaluated at the vendor’s origin ● False negatives — failures to mitigate malicious bots that turn off Javascript ● Poor user experience by interfering with or breaking web applications ● Violation of user privacy and government non-compliance if sensitive data stored by Javascript in the browser is compromised ● Deployment headaches while managing and securing third-party Javascript libraries 11
  12. 12. Cloudflare Bot Management Detect and manage bad bots by leveraging intelligence from over 20M+ million internet properties. All in one click.
  13. 13. Rate Limiting SSL L3/4 DDoS Protection ` We secure traffic end-to-end, providing a layered defense Request Passed! Bot Management WAFDNS/DNSSEC Argo Tunnel 13 Orbit Spectrum EXTEND WorkersAccess CONTROL 13 L7 DDoS Protection
  14. 14. Why does Cloudflare scale matter? We ran the same machine learning model on the same features but using only 1% of the data set - potentially available to our competitors. Results: - 10% decrease in anomaly detection - 80% decrease in detecting SPAM + 400% increase in captchas shown
  15. 15. Cloudflare Bot Management Methods Machine Learning Cloudflare’s ML trains on a curated subset of 425 billion requests per day across 20M+ Internet properties, to create a reliable “bot score” for every request. Behavioral Analysis Behavioral analysis detects anomalies in site-specific traffic, scoring every request on how different it is from the baseline. Automatic Whitelist Because not all bots are bad, the solution automatically maintains and updates a white list of "good" bots, such as those belonging to search engines. Mobile Our mobile solution prevents attacks against mobile application APIs by impersonation and emulation bots and by hijacked mobile apps. 15 Detection Protection
  16. 16. How does our Machine Learning work? score Requests Bytes Request Useragent IP Country Solved Captchas 20 50 empty Russia 0 40 300 Mozilla France 1 60 2540 Firefox Germany 1 80 2322 Chrome US 1 … 200 MM ... 50 322 Chrome Russia 0 we learn from the properties of the requests across trillions of data points e.g.
  17. 17. Mitigation Options All mitigations of Bot management on your website undergo three stages to insure compatibility and effectiveness with your traffic 1. Simulate/Log This mitigation is the least intrusive one and thus allows you to mitigate offline on your own time. You will receive a header to all your requests with our bot score. This is particularly relevant for spammed forums, online forms, or online voting platforms. 2. Captcha* This mitigation is the best first step for rolling out to production as it allows us/you to measure the amount of false positives without impacting the user experience. 3. Block This mitigation is the most effective and should only be used in production after careful trade-off evaluation. * might require integration on your side
  18. 18. Alternative Actions and Punishment: Slow- down and waste bandwidth if (pathnameParts[1] == 'jpg') { var req = new Request('https://d3hv8qdd474bjn.cloudfront .net/nyancat_large.jpg?r=12'); // var req = request; = {}; = 600; = 9999; = 'nyan'; = 1; // slowRequest = false; if (clientTrustScore <= 30) { await sleep(1000); var options = { "cf" : { "cacheTtl" : 30 } };
  19. 19. Key Feature: Analytics and Reporting
  20. 20. ELS in SIEM Integration
  21. 21. Dogfooding Spam Protection at Cloudflare
  22. 22. Q&A