The Big, Bad Bot Problem Q1 2019 Report is Published. Download Now

The Big, Bad Bot Problem Q1 2019 Report is Published. Download Now

ShieldSquare Blocks Bots with zero false positives

March 6, 2015 | All Automated Threats Bot Prevention Technologies

At ShieldSquare, our primary goal is to ensure that malicious bots are denied access with a 0% false-positive assurance. We are glad to announce our latest update which enhances the experience of genuine users! We will recognize the genuine user traffic on your website and ensure that their experience is not hindered. Which essentially means that your users will no longer have to perform any troublesome activities like solve CAPTCHA repetitively, answer multiple questions or wait until they are white-listed.

A strategy followed most commonly by the online business giants is to throw the CAPTCHA challenge to all the requests originating from a suspected IP address. The problem with this approach is that it might require genuine users to tolerate with repetitive CAPTCHA. While the bot’s IP address can serve as an indicator, it fails to act as a solid identifier. The IP may be shared by multiple client machines on it’s LAN. A security mechanism such as above might affect other genuine users on the same IP.

Have you ever been asked to solve CAPTCHA by Google before you could proceed to their search results page? If yes, it was probably because of some malicious activity from your IP address. This could have been caused by a bot on your LAN using the same public IP address or by some malware on your computer. We ensure that the users on your website will never experience the same.

The below highlighted scenario attempts to provide a real life example of this problem. Consider the following scenario:

  • Mischievous kid Tommy is sitting at Starbucks. He launches a bot to scrape xyz.com (protected by ShieldSquare).
  • John is a happy gentle man sitting at same Starbucks. He visits xyz.com with a genuine interest of browsing the website.

Tommy and John share the same IP address. So, is Tommy blocked or is John allowed?

Both! Tommy is blocked and John is allowed to access xyz.com. Here’s how:

Our approach to identifying bots

We identify malicious activity by analyzing a bot’s behavioral pattern on the website. This analysis is powered by the various parameters which are collected about the bot’s execution state and environment. The result of such an analysis is a bot fingerprint UUID (Universally Unique Identifier). This UUID is used to identify the bot.

Since a bot is identified using a UUID and not the IP, this approach guarantees zero false-positives. When the bot returns, it is recognized by ShieldSquare and blocked. What happens next?

  • Mischievous kid Tommy is tired of being blocked. He looses hope in his bot program and writes another bot using a different framework to scrape xyz.com.
  • As ShieldSquare performs continuous monitoring and analysis for every request to the website, the new bot’s pattern is recognized and a new UUID is generated by ShieldSquare.
  • Tommy eventually looses faith and realizes he cannot scrape xyz.com.

And oh –  John remained happy the whole time!

Tags: , ,

Subscribe to ShieldSquare Research and Blog
Thank you for subscribing
Thanks. Sent confirmation email.

Step Up and Take Action

Powered by Think201