Description
In today's digital landscape, the battle between industry and automated bots is an ever-evolving challenge. Attackers are leveraging advanced techniques such as residential proxies, CAPTCHA farms, and AI-enhanced fingerprint rotations to evade detection and execute functional abuse attacks, including web scraping, denial of inventory, and SMS pumping.
This talk will explore ongoing efforts to detect and mitigate these automated threats in a real-world environment, focusing on new work-in-progress approaches. We will delve into new strategies to counter the rise of automated attacks, such as AI-driven detection models, reputation databases, and timing measurements. Additionally, we will discuss the usage of techniques like mirroring real websites to lure and mislead attackers, and the shift towards analyzing functional behavior rather than relying solely on fingerprinting. Throughout the talk, we will consider the challenges and limitations of implementing these solutions within a large-scale, real-world company, and invite discussion on how to overcome these obstacles.
Practical infos
Next sessions
-
The Design and Implementation of a Virtual Firmware Monitor
Speaker : Charly Castes - EPFL
Low level software is often granted high privilege, yet this need not be the case. Although vendor firmware plays a critical role in the operation and management of the machine, most of its functionality does not require unfettered access to security critical software and data. In this paper we demonstrate that vendor firmware can be safely and efficiently deprivileged, decoupling its[…]-
SoSysec
-
Compartmentalization
-
Operating system and virtualization
-