Based on the Active Bot Protection technology
Dishonest competitors and delinquents launch DDoS attacks via the Internet. Distributed DoS attacks create problems for the website by causing a denial of service. As a result, well-meaning visitors of Internet resources are denied access to information and commercial services, or may experience difficulties with the website functionality. DDoS attacks are extremely popular among hackers. They are an inexpensive but effective way to disrupt the work of online services while remaining unpunished.
According to the method of impact, the following attack techniques are distinguished:
Network layer DDoS attacks – restrict the functioning of server equipment as well as disrupt the operation of software due to the vulnerability of protocols.
Application layer DDoS attacks – target the “weak points” of the website, act specifically, are characterized by minimal consumption of resources, dominate in frequency of occurrence and require a complex as well as expensive “antidote”.
Unique information is a target for competitors, intermediaries and intruders. The databases of online services for cartography and navigation systems, product characteristics in internet shops as well as advertisements on digital trading platforms are particularly popular. However, manual copying of content is costly, exhausting and unproductive. The automated download (exfiltration) systems of content are developed and used to save time and resources. The specifically configured software performs website crawling – it automatically downloads the web pages, analyses the content, finds the links to other sections and recursively copies the entire content of the website.
In its turn, legal methods of protection against web-scraping have limited abilities.
Copying of information from public sources is not as legally protected as copying and use of personal data by the Directive 95/46/EC is. For that reason, technological methods of protection of information from copying are also in demand.
With the help of Active Bot Protection, the Systron platform can filter out relevant requests, preventing unauthorized copying of content and reducing the load on the client’s infrastructure.
Click fraud refers to one of the types of online scams. Interested parties, such as competitors or intruders, make false clicks on advertising links (Pay Per Click) and spend the advertising budget. There are manual and automatic click frauds, the latter occurs, when actions of clickers are imitated through special programs.
According to the Wikipedia: “In computer programming, an application programming interface (API) is a set of subroutine definitions, protocols, and tools for building application software. In general terms, it is a set of clearly defined methods of communication between various software components.”
As we see rapid development of mobile Internet access networks and the growth of the number of smartphones, many companies whose business is connected to the Internet, are developing and supporting their own mobile applications.
This allows them to make their services accessible to as many users as possible. A home computer is no longer required to purchase services or to consume content.
Most mobile applications use a client server architecture where the application is installed on the user’s device and the service content is delivered via a centralized API.
As all mobile services are interested in reaching their maximum audience, users should be able to use the application around the world. An API is often a great resource and therefore attracts hackers as well as legitimate users. A weakness of APIs is that they can be subject to service failure attacks. This type of attack makes it impossible for the user to access the mobile application and faced by the fact that the service is unavailable, forces them to turn to alternative options. There are many ways to address these types of attacks. However, blocking the offending addresses is usually not the best method. The historical approach of blocking IP addresses could lead to restricting access for legitimate users of the application on the same shared WIFI or public access point at a hotel, airport or train. This leads to a negative impact on brand and revenue.
Another type of abuse of mobile and public APIs is automated scraping and/or publishing of data to the service by bot accounts.
An optimal solution could be Variti’s Active Bot Protection (ABP), which is able to filter-out non-legitimate requests. The application backend will receive web-traffic that is cleaned from undesirable requests. ABP is based on a multifactorial analysis of each Internet session. The method includes both statistical and technical data analysis. Apart from these, Systron uses behavioral analysis which enables to distinguish bots and humans with a high level of confidence.
API protection service extends Variti’s Active Bot Protection to all applications including mobile, mitigating low-frequency bot attacks that are normally missed.
With Variti’s Always-On API protection, companies notice a decrease in load and increase in capacity due to filtering unwanted bot traffic.
Upon request, Systron provides personalized DDoS Simulation tests, to identify how a company would fare under a range of automated attacks. Systron has found that, majority of the time, companies are vulnerable against modern attacks, which are bypassing traditional methods of detection.
Systron’s Intelligent Active Bot Protection© technology is focused on threats on application level, where the threats are more sophisticated and modern.
Systron currently uses this technology for DDoS mitigation (with focus on L7), anti-click fraud, protecting API of mobile applications and serve clients in the segments of media, e-commerce, financial, hosting providers. Our platform has been designed and developed by highly skilled engineers who have vast experience in DDoS mitigation and bot detection.
Services are provided based on its own software and infrastructure. Systron cleans the traffic of its customers and protects them against different types of network attacks, such as DDoS and various types of hacking attacks, thereby making its customers Internet services more accessible and safer for their users.
The total duration of testing does not exceed three hours. Date-time of test start and peak stress test load is determined with the client in advance.
To coordinate the parameters of the various stages of testing for the entire time of the tests, the client allocates technical specialists with the appropriate authority.
For operational coordination, the presence of at least one client specialist in the group created before testing is mandatory.
Testing is carried out in several stages. The start of each stage and the initial parameters of the load are coordinated with the dedicated specialists of the customer.
During this phase, the processing by the web resource of requests at the application level is checked :
During the testing, parameters of using keep-alive, timeouts and other available variables can change.
During this phase, the processing by the web resource of requests on the network and protocol level is checked:
During testing, the flags of packages and other available variables can change.
The specialists agree on the parameters of connection of the Systron service to the tested resource. Upon completion, the obtained parameters of availability, delays, the number of resource responses with error codes, etc. are compared.
Within three working days upon test run, Systron experts provide a list of infrastructural weak-points and improvement recommendations, based on gathered data analysis.