Security vendor ferrets out who's a human and who's a bot
An Atlanta security company has come up with a technology it says can block automated programs responsible for perpetuating nuisances such as spam, fake e-mail registrations and click fraud.
The software, HumanPresent, essentially ferrets out, for example, whether a human is filling out a Web-based form and stopping those actions that appear to come from automated programs, said Sanjay Sehgal, CEO of Pramana.
Next month, Pramana expects to fully launch both a SaaS (software-as-a-service) offering and an appliance that monitor Web applications for intrusions by bots, Sehgal said.
Pramana's software can be applied to Web-based forms, whether they be e-mail registrations, e-commerce transactions or detecting click fraud related to banner advertising.
Sehgal is cautious about revealing how HumanPresent tells the difference between machines and people for fear that spammers will be able to create bots that act more like humans.
Pramana uses 32 metrics in its analysis to see if a Web page has been approached by a bot. Aspects that are analyzed include keyboard strokes and mouse clicks and the timing of those actions, Sehgal said.
For example, if a human clicks on a link on a Web page and nothing happens, the typical human reaction is to click the link again. Bots won't do that, Sehgal said.
Pramana can also be applied to click fraud scenarios, where bots are programmed to open up a Web page hundreds of times in order to click on the banner ads and potentially increase ad rates.
Sehgal was coy on exactly how it works, but a bot interacts with the page and an advertisement different than a human would. If Pramana detects that a bot is clicking on ads, a dummy ad can be substituted instead to avoid having tainted statistics.
For the SaaS offering, Pramana's technology is integrated into a Web application. When someone tries to do a log-in, for example, some of that session information is sent back to Pramana for nearly instant analysis. If Pramana detects a bot, the Web site could then opt to ask the person to go through some other verification step.
Pramana is one alternative to CAPTCHA (Completely Automated Public Turing test to tell Computers and Humans Apart), the box of squiggly characters a person must enter in order to prove they're human. Previously, it was hard for computers to solve CAPTCHAs, but that has changed in recent years. Also, it's believe that scammers in some instances have employed real people to solve CAPTCHAs.
Sign up for ITworld's Daily newsletter
Follow ITworld on Twitter @IT_world
On Twitter now
security
Powered by Twitter
Esther Schindler
If the comments are ugly, the code is ugly
claird
SVG a graphics format for 21st century
pasmith
Take Chrome OS for a test spin
Sandra Henry-Stocker
Solaris Tip: Have Your Files Changed Since Installation?
jfruh
Android fragments vs. the iPhone monolith
mikelgan
What Gizmodo missed about the Pro WX Wireless USB disk drive
Sidekick: The Good News & the Bad News
Either way you look at it Microsoft Data Center management did not follow standards or best practices in this failure. In which case it makes me wonder more about the outsourcing of corporate data much less personal data.
- mburton325
Join the conversation here
Quick, practical advice for IT pros. Made fresh daily.
Want to cash in on your IT savvy? Send your tip to tips@itworld.com. If we post it, we'll send you a $25 Amazon e-gift card.
