Project

Human or bot

Project (M.S., Computer Science)--California State University, Sacramento, 2017.

Online auctions have become an increasingly important aspect of e-commerce. The
 major problem with online bidding/auctioning is that there is no way of identifying if
 the user is a human or a bot. Human bidders are becoming increasingly frustrated with
 their inability to win auctions against their software-controlled counterparts. Bidding
 robots such as “Ez Sniper” and “Auction Sniper” are pieces of software that are
 configured by users to follow any number of auctions on different auction sites
 simultaneously, bidding in place of the user according to predefined settings and
 preferences. Humans are not able to attend to and monitor auctions with the same
 capacity as a running program, which can make complex bidding decisions in splitsecond
 time and can follow an auction with nonstop, undivided attention. As a result,
 usage from the site's core customer base is plummeting. To rebuild customer happiness,
 the auction service providers need to eliminate computer generated bidding from their
 auctions.
 This project aims to address this problem by providing a solution to identify bids that
 are placed by bidding bots. The identification is achieved by using machine learning techniques, such as Random Forest and Decision Tree, and uses several key features
 extracted from online bidding data, such as time, country, IP address, etc.
 The application provides three major functionalities as follows, CreateTrainingData,
 CreateModel, and Identify. In the absence of existing training data, CreateTrainingData
 creates training data with the help of the built-in model. The created data is to be
 verified. Once done so it would be used in the CreateModel function. CreateModel
 function creates a model based on the existing/created training data and its extracted
 features. The created model would be used for the identification process. The Identify
 function identifies the user/set of users whom uses bidding bots based on the model
 created.
 The application also provides some security protection by preventing SQL injection
 attacks. The 1st order and 2nd order SQL injection attacks are detected and prevented
 from execution. The application can receive input values and SQL statement as JSON
 value. The input values are first checked for special character if found, then the
 received SQL statement is split on input values and checked for SQL injection
 vulnerabilities.

Online auctions have become an increasingly important aspect of e-commerce. The major problem with online bidding/auctioning is that there is no way of identifying if the user is a human or a bot. Human bidders are becoming increasingly frustrated with their inability to win auctions against their software-controlled counterparts. Bidding robots such as “Ez Sniper” and “Auction Sniper” are pieces of software that are configured by users to follow any number of auctions on different auction sites simultaneously, bidding in place of the user according to predefined settings and preferences. Humans are not able to attend to and monitor auctions with the same capacity as a running program, which can make complex bidding decisions in splitsecond time and can follow an auction with nonstop, undivided attention. As a result, usage from the site's core customer base is plummeting. To rebuild customer happiness, the auction service providers need to eliminate computer generated bidding from their auctions. This project aims to address this problem by providing a solution to identify bids that are placed by bidding bots. The identification is achieved by using machine learning techniques, such as Random Forest and Decision Tree, and uses several key features extracted from online bidding data, such as time, country, IP address, etc. The application provides three major functionalities as follows, CreateTrainingData, CreateModel, and Identify. In the absence of existing training data, CreateTrainingData creates training data with the help of the built-in model. The created data is to be verified. Once done so it would be used in the CreateModel function. CreateModel function creates a model based on the existing/created training data and its extracted features. The created model would be used for the identification process. The Identify function identifies the user/set of users whom uses bidding bots based on the model created. The application also provides some security protection by preventing SQL injection attacks. The 1st order and 2nd order SQL injection attacks are detected and prevented from execution. The application can receive input values and SQL statement as JSON value. The input values are first checked for special character if found, then the received SQL statement is split on input values and checked for SQL injection vulnerabilities.

Relationships

Items