Web Bot Detection Evasion Using Generative Adversarial Networks
Creators
- 1. CERTH
- 2. University of Aegean
- 3. Bournemouth University
Description
Web bots are programs that can be used to browse the web and perform automated actions. These actions can be benign, such as web indexing and website monitoring, or malicious, such as unauthorised content scraping and scalping. To detect bots, web servers consider bots’ fingerprint and behaviour, with research showing that techniques that examine the visitor’s mouse movements can be very effective. In this work, we showcase that web bots can leverage the latest advances in machine learning to evade detection based on their mouse movements and touchscreen trajectories (for the case of mobile web bots). More specifically, the proposed web bots utilise Generative Adversarial Networks (GANs) to generate images of trajectories similar to those of humans, which can then be used by bots to evade detection. We show that, even if the web server is aware of the attack method, web bots can generate behaviours that can evade detection.
Files
Additional details
Funding
- IDEAL-CITIES – Intelligence-Driven Urban Internet-of-Things Ecosystems for Trustworthy and Circular Smart Cities 778229
- European Commission
- FORESIGHT – Advanced cyber-security simulation platform for preparedness training in Aviation, Naval and Power-grid environments 833673
- European Commission
- ECHO – European network of Cybersecurity centres and competence Hub for innovation and Operations 830943
- European Commission