Using the bot detection API, you can perform user behavior analysis using JS. By combining JavaScript, HTML and sensor data, you can capture, record and analyze user interactions, detecting bots and other nefarious actors in the process.
The bot detection API works with an edge server that receives client requests. This server injects JavaScript into the base HTML page to collect data about user interaction. In addition, the script will send data asynchronously to the bot detection service. A script is triggered based on mouse clicks, tab key strokes, and other javaScript events. If there is a match between the session cookie _abck and the corresponding _bm_sz, a fingerprint is generated, which is used for the aforementioned above-mentioned functions.
A “fingerprint” is a unique value, collected and stored for a defined period of time. Depending on your needs, you can use it to identify protected sites, learn which combinations work, and avoid replay attacks. Some combination include the client’s IP address, browser, and user agent. You can also check to see if a given fingerprint is valid.
As part of the detection process, you can send information to the bot detection service about the request, such as the URL, URL response type, and domain. These can help you identify bots, as well as identify anomalies that are typical of bots. It’s also possible to create reports based on the logs of a bot’s activities, which is useful for forensics purposes.
The bot detection API uses a number of metrics to determine if a user is a human or a bot. These include a fingerprint, a request accounting function, a rate control evaluation, and a bot management detection workflow. Typically, the most robust implementation of these metrics will send their feedback in an X_BF header. However, bot detection API the format of an API call varies depending on the mode of operation.
First and foremost, the bot detection API is a nifty way to detect spam or malware. The system will verify your request and authenticate your account through basic authorization. After this, you can begin sending telemetry to the bot detection service, which includes the aforementioned X_BF header, as well as information on your behavior. Most bot detection APIs will report the information in a variety of formats, including JSON, a downloadable CSV file, or in an XML file.
One of the more complex parts of the API is the get_threat_score function. This function retrieves a threat score that is correlated to a session ID, which is obtained from the bot detection service. Once this is done, you can trigger a bot manager rule that will take action.
Lastly, the bot detection service provides a list of anomalies that should be mentioned, the bmharule. This is a list of detection header anomalies that is most appropriate for your environment. Among the items listed are the bmwo (the most obvious), ai (the attempt ID), and a few others. They are the most likely to be spotted by a bot detection service, though some may be more likely than others.