The advancement in deep and machine learning, natural language understanding, and big data processing are paving the way for the rise in AI-powered bots, that are faster, getting better at understanding human interaction and can even mimic human behavior.
Cyber criminals are harnessing the latest tools available, and constantly changing their techniques to make their attacks more effective, faster and adaptable to safeguards.
Join this webinar to learn about:
- What type of workloads prone to bot attacks
- Which industries heavily affected by Bot attacks
- Learn about Cloudflare's Machine Learning and Behavioral Analysis driven approach to solving Bot menace.
3. What you will learn today?
3
What type of
workloads prone to
bot attacks
Challenges to a successful
bot mitigation strategy
How do you protect assets from
bot menace?
5. 5
Cloudflare Security Vision
Provide world-class visibility, controls, and guided
configurations so that customers of any size and technical
sophistication can keep their Internet property safe and
secure without sacrificing speed and performance
5
6. A Global Anycast Network
193Cities and 90+ countries99%
Of the Internet-connected population
in the developed world population is
located within 100 milliseconds of our
network
44BCyber threats blocked each
day in Q2’19
websites, apps & APIs
20M+
8. Evolution of Cloudflare Bot Management
Next Gen
Bot Management
Mitigation
at Scale
Cloudflare released solutions
that stopped most malicious
automated attacks.
Cloudflare launches next gen bot
management that leverages machine
learning on a curated subset of traffic
across our network of 20M+ Internet
properties.
8
Stop Bots for
Customers
Cloudflare developed advanced
tools that enable customers to
tailor solutions at scale
9. Common Use Cases
Attempts to log into and
take-over a user’s
account by automatically
applying previously
stolen account
credentials
Stealing information from
websites with malicious
intent
Bots click on your ads and
register in your marketing
analytics.
Credential
Stuffing
Content
Scraping/Spam
Marketing Ad-
click Fraud
Fraudulently purchases
goods to deprive
legitimate customers or
resell for a higher price
Inventory
Hoarding
Credit Card
Stuffing
Tries to validate stolen
credit cards to then
make fraudulent
purchases
9
10. What have you tried to date?
● Rate Limiting
● WAF
● Multi-Factor Authentication
● Homegrown solutions
● Javascript-based bot detection
11. Problems with Javascript
● Slow application performance because each
request is evaluated at the vendor’s origin
● False negatives — failures to mitigate
malicious bots that turn off Javascript
● Poor user experience by interfering with or
breaking web applications
● Violation of user privacy and government
non-compliance if sensitive data stored by
Javascript in the browser is compromised
● Deployment headaches while managing and
securing third-party Javascript libraries
11
14. Why does Cloudflare scale matter?
We ran the same machine learning model
on the same features but using only 1% of
the data set - potentially available to our
competitors. Results:
- 10% decrease in anomaly detection
- 80% decrease in detecting SPAM
+ 400% increase in captchas shown
15. Cloudflare Bot Management Methods
Machine Learning
Cloudflare’s ML trains on a
curated subset of
425 billion requests per day
across 20M+ Internet properties,
to create a reliable “bot score” for
every request.
Behavioral Analysis
Behavioral analysis detects
anomalies in site-specific
traffic, scoring every request
on how different it is from the
baseline.
Automatic Whitelist
Because not all bots are bad,
the solution automatically
maintains and updates a
white list of "good" bots,
such as those belonging to
search engines.
Mobile
Our mobile solution prevents
attacks against mobile
application APIs by
impersonation and
emulation bots and by
hijacked mobile apps.
15
Detection Protection
16. How does our Machine Learning work?
score
Requests
Bytes
Request
Useragent
IP Country
Solved
Captchas
20 50 empty 162.245.21.30 Russia 0
40 300 Mozilla 162.245.21.24 France 1
60 2540 Firefox 182.245.21.30 Germany 1
80 2322 Chrome 162.5.21.30 US 1
… 200 MM ...
50 322 Chrome 162.5.21.30 Russia 0
we learn from the properties of the requests across trillions of data points e.g.
17. Mitigation Options
All mitigations of Bot management on your
website undergo three stages to insure
compatibility and effectiveness with your
traffic
1. Simulate/Log
This mitigation is the least intrusive one and thus allows
you to mitigate offline on your own time. You will receive
a header to all your requests with our bot score. This is
particularly relevant for spammed forums, online forms,
or online voting platforms.
2. Captcha*
This mitigation is the best first step for rolling out to
production as it allows us/you to measure the amount of
false positives without impacting the user experience.
3. Block
This mitigation is the most effective and should only be
used in production after careful trade-off evaluation.
* might require integration on your side
18. Alternative Actions and Punishment: Slow-
down and waste bandwidth
if (pathnameParts[1] == 'jpg') {
var req = new
Request('https://d3hv8qdd474bjn.cloudfront
.net/nyancat_large.jpg?r=12');
// var req = request;
options.cf.resize = {};
options.cf.cacheTtl = 600;
options.cf.resize.width = 9999;
options.cf.cacheKey = 'nyan';
options.cf.resize.quality = 1;
// slowRequest = false;
if (clientTrustScore <= 30) {
await sleep(1000);
var options = {
"cf" : {
"cacheTtl" : 30
}
};
My name is Krishna Zulkarnain and I am the Head of Marketing in APAC. Cloudflare is growing really fast in our region and I'm responsible for generating demand for our sales team across APAC via digital platforms and educational events such as this. On today’s webinar I’m Joined by Anand Guruprasad, our Solutions Engineer based in Singapore, Anand has been with Cloudflare for over a year and a half now. Anand, would you like to introduce yourself?
Thank you Anand for the introduction and we’re all looking forward to diving into your content. But before we start, I would like to go over some housekeeping items. Since there are so many of you on the call, we won’t be taking calls so if you have any questions, please ask them using the Q&A section in your console on the right hand side. We will go through these Questions at the end of the webcast. Also, a recording of this webinar will be available on the Cloudflare Channel and the slides will be shared with you. This session will take around 30 minutes of your time.
Here we go!
On today’s webinar we will cover these 3 main things
What type of workloads prone to bot attacks - Here, we review the most common use cases of bot attacks
Challenges to a successful bot mitigation strategy - Bot attacks are evolving and so should you
How do you protect assets from bot menace? - Finally we will provide some practical insights on how to protect your web domains
Of course we will end with the QA so please make sure you ask your questions on chat and we will answer them at the end.
The next 30 minutes is packed with useful tips and insights but before we get into that, let me take a few steps back to talk about what Cloudflare does. As you can see from our Mission Statement, Cloudflare is helping build a better internet. How do we do that? What is it that we do? In simple terms we help build a better internet by making your websites more secure, more reliable and faster. Why are these so important? Because if your website goes down or it’s slow to load, for any reason, it will have a negative impact to your business. And we make it our business that that will never happen
So diving into Cybersecurity, In a nutshell, this is our philosophy on how we tackle this issue for our customers.
world-class visibility, controls, and guided configurations
We protect 20M+ Websites - huge variety - some tech some not
Our approach is such that We will not sacrifice speed and performance for security. Complete but not complex
So how can Cloudflare help to grow your business? Cloudflare’s network has the breadth and scale that organizations need to run their Internet applications
What this means is that we have a very robust, holistic view on global security threats so that we can better help companies mitigate risks as they happen around the world. With this Global Anycast Network we will ensure that your websites always stays up and deliver faster content to your customers so that you can focus on what you do best and that is growing your business. Our network offers scale, performance that helps organizations like yours deliver superior application experience while keeping keeping their environments secure.
I will now hand it over to Anand to talk about what you need to know about Cybersecurity
Matthew often says that one of the things we do is patch the internet. If you step back and think about it, that is a hard thing to do - there is no one thing to put the bandaid on. We’ve designed a solution that does this patching - this securing - at the edge. The super cool thing about this is that as the internet changes - new apps, new use cases and new devices - it is relatively easy for us to secure them. If we can put them behind cloudflare, for the most part they are secure (I make it sound way easier than the engineering team likes…)
This is the core of our security solution and what truly differentiates it is the depth of integration from DNS look-up all the way to the origin.
But, what makes Cloudflare unique, is the innovation and scale we bring to our customers...
Top 3 -4 things we are doing in - releasing…. Demonstrate the top things you will be interesting…. So this snapshot of some of the top things you would be interested in over the next few quarters
Bot migatiation analytics - more stuff later this year