HUMAN’s product teams are always developing new detection capabilities to neutralize advanced attacks. In this blog we offer a roundup of recent releases as well as a high-level overview of one of our sophisticated detection techniques and how it identifies fake traffic in the real world.

What’s New

• Edge Sensor
  A significant enhancement to HUMAN’s web scraping defense capabilities, this new feature tests traffic for the presence of ‘primitive’ bots that are a common source of scraping traffic. An invisible JavaScript challenge is used to test whether the potential bot is capable of using JavaScript. If not, it is blocked from accessing the page. Note: this action takes place before accessing the page, stopping any initial scraping from occurring.
• Graphics Processing Unit (GPU) Proof of Work
  An innovative, new approach to traditional proof-of-work techniques, this capability weeds out virtual bots (e.g. those that are console/cmd-line only) by testing for the ability to recreate dynamic animations with a GPU.
• Enhanced Accessibility for the HUMAN Challenge
  We are pleased to confirm that the HUMAN Challenge is now compliant with requirements set out by the Americans with Disabilities Act and ECGA 2.2 AA. 

Catching Bots with Mouse Behavioral Models

Analyzing mouse movement and behavior is a key detection capability of HUMAN’s platform.  Mouse behavior models are adept at detecting and blocking bot-generated traffic, keeping websites protected from a variety of advanced cyber threats, including residential proxies, web automation tools, and JavaScript-enabled scrapers. Key benefits of using mouse movement and behavior for detection include:

• Advanced Bot Detection: Using machine learning to analyze mouse behavior patterns on challenge pages for highly accurate bot detection
• Robust Protection: Capable of thwarting a wide array of advanced cyber threats, including residential proxies, web automation tools, and JavaScript-enabled scrapers
• Seamless Integration: Our machine learning model operates discreetly in the background, providing robust protection without impacting the user experience
• Proven Effectiveness: Successfully prevents large-scale attacks against customer websites, offering a layer of security that operates transparently to safeguard your digital assets
  
  

Real World Protection

One HUMAN customer experienced an ongoing challenge-solving attack that lasted for multiple days. Without the need for manual intervention, the attack was detected by HUMAN’s mouse movement and behavior model and blocked with a fully automated algorithm.

Their efforts foiled, the attackers attempted to adapt with a new, more sophisticated attack approach. This too was automatically detected and blocked by the same model.

The dotted line on the above graph marks the point at which the attackers shifted technique.

The Initial Attack

At first, mouse movements were algorithmically generated which can be seen from the extremely smooth and evenly spaced curves. These mouse movements, shown below, are considered too smooth for a human to have made.

Changing the Attack Technique

When the initial technique failed, the attackers attempted a new movement approach. As you can see in the image below the movements continued to be algorithmically generated and smooth, but this time used increased complexity. This more complex approach was an attempt to overwhelm the defenses with additional noise. Instead, the HUMAN machine learning model identified the continued attack and automatically blocked it.

Below, the bot-based mouse paths register more points and smoothed the curves between the points, but still didn’t approximate human behavior very well:

HUMAN combines more than 2,500 detection techniques to give organizations comprehensive protection from online fraud and abuse. Learn more at https://www.humansecurity.com/platform