Big Data is a common thread in today’s Internet. When you think about the proprietary information companies place on their public facing websites, it can be scary to see how many outside forces are trying to take the data and use it for their own purposes. Do they need your permission to automate the collection of this data? Probably, but they don’t care and will never ask. They only take.
So what are you doing about it? Like most, you probably have a solution in place that allows little to no insight, keeping your reactions limited. The most common response I hear is something IP related. Makes sense right? If I can see anomalies in my logs coming from a particular IP – it’s a bot and block the IP! All the bot needs to do is gain access to another IP. Or what if this bot, is traveling on a cable provider’s IP that many share? Am I blocking legitimate users? Probably.
If you aren’t handling this problem internally, then maybe you’ve purchased a WAF or DDoS based solution. That should do it! But wait, what do these solutions do to control malicious bots trying to scrape, steal, and aggregate our data? They slow them down or more precisely rate-limit or throttle the traffic. What problems will organizations face with these applications (or devices)? Today’s sophisticated bots will not be caught exceeding IP rate limiting as they are designed to mimic human behavior. Not to mention they traverse 10’s, 100’s if not 1,000’s of IP’s. Sure some bots will hammer your web servers and at some point these solutions might slow them down so they don’t overload or cause a “brown-out” situation. However, the bot or machine is still allowed to compromise your data.
What if you could fingerprint the machine that created the bot? Very similar to humans, machines have many features that make them unique. If fingerprints are used to catch criminals by law enforcement agencies, then why wouldn’t you apply the same logic to catching bots? Now imagine a technology that can identify a unique fingerprint in every machine and the software it’s running. No matter what or how many IP’s the bot has access to, when they attempt to call your domain, they are identified! Before they can even access your web servers, this intelligent network has identified who they are – forever. Instead of slowing them down or blocking a single road, you can block that machine and software in real-time preventing data loss or theft. How powerful is that?
About the AuthorMore Content by Ron Abisi