Storage networks generally include servers that store data, such as web applications, web pages, or other content. Often, the servers are protected from malicious attacks by traffic management devices, which can perform other functions including load balancing and application acceleration, for example. One such set of attacks are denial of service (DoS) attacks and another type of attack is referred to as web scraping, although many other types of malicious attacks exist.
Malicious attacks can be identified based on anomalous network traffic received by the traffic management devices. Often the originator of such anomalous network traffic is a robot (also referred to as a “bot”) capable of automatically generating requests for web resources.
Unfortunately, current traffic management devices are ineffective at detecting malicious network behavior and distinguishing network attacks from benign behavior, resulting in false positives. In particular, current methods of identifying bots and malicious network attacks are not robust, and false positives often occur resulting in the implementation of mitigation techniques on benign traffic.