October 30–31, 2016: Training
October 31–November 2, 2016: Tutorials & Conference
New York, NY

The industrial age of website bots: How to detect and block automated attacks

Ido Safruti (PerimeterX), Christopher Federico (PerimeterX)
9:00am–12:30pm Monday, 10/31/2016
Tools and processes
Location: Grand Ballroom West Level: Beginner
Average rating: ****.
(4.50, 2 ratings)

Prerequisite knowledge

  • Basic computer skills (i.e., must be comfortable installing packages and running simple scripts and tools)
  • A basic understanding of the Web

Materials or downloads needed in advance

  • A laptop with tools and libraries/code samples downloaded and installed (will be provided prior to the session)
  • Please follow instructions on the Read Me file here: https://github.com/PerimeterX/bot-tools

What you'll learn

  • Gain an awareness of threats from malicious bots
  • Learn how some of these bots operate
  • Explore open source tools and techniques to detect and better manage bots

Description

Bots (nonhuman automated tools) are growing in popularity and create a real threat to websites and applications. Bots are ideal workers for repetitive and complex tasks and can easily and efficiently run on different hosts and cloud services—or as malware on infected machines. Bots are participating in different types of attacks impacting all types of applications and businesses—performing the entire scale of attacks from scraping, account abuse (account creation or account takeover), credit card and coupon guessing, application layer distributed denial of service (L7 DDoS), scalping, and click fraud. Bots range in complexity and abilities from simple scripts to full browser-based tools that can render complex pages and even solve CAPTCHA challenges.

Ido Safruti and Chris Federico review how bots work, explain how to operate a few common bots, and, most importantly, show what you can do to detect and block malicious activity while enabling your users and good bots to work uninterrupted. In order to detect and protect from different bots, Ido and Chris first introduce a few common bots used by attackers, like PhantomJS and Selenium, to create a testing environment and verify that we can efficiently detect such tools.

Then Ido and Chris explore a variety of techniques and open source tools and libraries you can use in order to detect different bots and outline the things to consider when you suspect a request is being originated by a bot, such as:

  • Blocking users not supporting JavaScript and cookies
  • Sending hidden challenges that will bother bots but won’t affect real users’ experience
  • Honeypots and traps to catch malicious automatic tools
  • Detecting and whitelisting the good bots
Photo of Ido Safruti

Ido Safruti

PerimeterX

Ido Safruti is the cofounder and CTO at PerimeterX, which is building a behavior-based web security service. Previously, Ido headed a product group in Akamai focusing on web performance and scalability. Ido joined Akamai through the acquisition of Cotendo, where he led product and strategy. His earlier roles include GM in charge of product engineering and operation, R&D manager, chief scientist, and head of engineering at various companies and the Israeli intelligence, where he focused on high-capacity, large-scale web and network services and cybersecurity systems.

Photo of Christopher Federico

Christopher Federico

PerimeterX

Christopher Federico is the lead solutions architect at PerimeterX. Previously, Christopher held roles as a product manager at CloudFlare for web application firewalls and enterprise CDN logging; manager of the solution center for the Americas at Check Point Software Technologies, where he led presale escalations and major proofs of concept; and various roles in VeriSign’s managed services division. Chris loves working on problems at scale, cooking great food, and backpacking California.

Comments on this page are now closed.

Comments

Picture of Ido Safruti
11/01/2016 9:29am EDT

I wanted to thank all the participants for attending the session. We will update the github repository with additional resources in the coming few days, so you are welcome to watch the repository to get updates.

Picture of Ido Safruti
10/29/2016 2:31pm EDT

you can visit the following github repository for instructions on what to install prior to the session: https://github.com/PerimeterX/bot-tools/
This repository will also include all the scripts and code samples we will use for the tutorial session

Picture of Ido Safruti
10/28/2016 7:09pm EDT

Hi,
I will publish tomorrow the resources and tools required for the session.
as for which platform – you can use whichever laptop/OS you have, but will need to install/have docker and python.

Lolita Harris
10/28/2016 6:52pm EDT

Hi,
will we use linux or windows OS? Thank you.