BADPASS: Bots taking ADvantage of Proxy AS a Service

Elisa Chiapponi, Marc Dacier, Olivier Thonnard, Mohamed Fangar, Vincent Rigal

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

Web scraping bots are now using so-called Residential ip Proxy (resip) services to defeat state-of-the-art commercial bot countermeasures. resip providers promise their customers to give them access to tens of millions of residential ip addresses, which belong to legitimate users. They dramatically complicate the task of the existing anti-bot solutions and give the upper hand to the malicious actors. New specific detection methods are needed to identify and stop scrapers from taking advantage of these parties. This work, thanks to a 4 months-long experiment, validates the feasibility, soundness, and practicality of a detection method based on network measurements. This technique enables contacted servers to identify whether an incoming request comes directly from a client device or if it has been proxied through another device.
Original languageEnglish (US)
Title of host publication17th International Conference on Information Security Practice and Experience (ISPEC 2022)
StatePublished - 2022

Bibliographical note

KAUST Repository Item: Exported on 2022-09-30

Fingerprint

Dive into the research topics of 'BADPASS: Bots taking ADvantage of Proxy AS a Service'. Together they form a unique fingerprint.

Cite this