Research indicates that a large share of web traffic involves computer bots—many are malware. Bot activities include content scraping, reconnaissance, credential stuffing, creating fake accounts, comment spamming, and similar activities. Bots can impose an unnecessary load on any company trying to serve web content efficiently. More importantly, they can attempt to “learn” the operation of a web site so as to exploit it. As one example, malicious software (malware) may execute a “man in the browser” attack by intercepting communications that a user makes with a web site in a manner that makes the user believe that he or she is actually communicating with the web site. For example, malware may generate a display for a user who is visiting a banking site, where the display requests from the user information such as social security number, credit card number, other account numbers. An organization that operates the malware may then have such data sent to it, and may use the data to steal from the user, the web site operator, or both.
Various approaches have been taken to identify and prevent such malicious activity. For example, programs have been developed for operation on client computers or at the servers of the organizations that own and operate the client computer to detect improper activity.