Websites such as job boards face a persistent problem: their data is constantly pilfered by automated bots.
The data ends up on other competing job boards, which have stolen the content. It's a problem that plagues any website whose intellectual property must be publicly posted for free, or even those with subscription models.
But an Atlanta-based security company that specialises in detecting bots has developed software that can detect those screen-scraping and data-mining bots.
Pramana's main product, HumanPresent, detects automated bots that, for example, enter spam into web-based forms or register for free e-mail accounts to be used for spam.
Pramana has now developed a module called "data mining and screen scraping prevention" for HumanPresent. It works on many of the same principles as its main product but has been modified for data-mining scenarios, said David Crowder, Pramana's CEO.
HumanPresent can detect bots by noticing differences in the way a human would normally interact with a Web page and contrasting that with how bots behave. It looks at more than 30 metrics, such as keyboard strokes, mouse clicks and the timing of those actions.
HumanPresent looks at single transactions, but the data-mining module has been modified to look at a timed period when either a bot or human is on the site, Crowder said.
Data-mining bots tend to entirely circumvent a browser's user interface. For example, a bot may request a web page with lots and lots of data, but never scrolls or clicks on a page. If a series of pages are opened and viewed in that manner, it could mean a data-mining bot has arrived.
Pramana assigns a unique ID to the visitor, and after analysing the visitor's behaviour, can make a decision whether to label the visitor a bot or not. There are several different ways a website operator can then choose to deal with the situation.
The IP (Internet Protocol) address of the bot's computer can be block permanently. One car auction website that is testing Pramana's data mining module decided to move suspected bots into a "sandbox" where it is served completely false data.
"They're indeed data mining -- it's just dead wrong," Crowder said.