Detect Robot on Server??

Question

Hi,

This question sort of extends my other question on robots and captcha. I did what everyone recommend (thanks everyone!), however is it at all possible to detect a robot on the server first? For Example (Once again, I will use Stackoverflow as a reference): Sometimes when I ask a question, Stackoverflow comes back asking me to verify if I am human. However, sometimes it does not.

How does Stackoverflow do that, because that is what I want to do: Check data and if it looks like a robot, request human verification.

Also this needs to be done on Java (preferably), Perl or PHP.

Thanks

Answer 1

On StackOverflow, it's done by performing the same task too many times too quickly or performing multiple tasks too quickly.

If you want to emulate this, you can keep track of the number and time(s) of recent requests and check to see that everything is within your limits. If it isn't, redirect to a CAPTCHA.

Unfortunately, I don't have enough JEE experience to provide any code, but hopefully my approach will give you some idea(s).

Answer 2

The simple method would be to log activity (clicks, comments, ect.) and then check the frequency and similarity between these. You can usually detect robots by looking for similar tasks performed repeatedly.

If you are really serious about robot detection, log every keystroke and mouse movements. Regular users have a percentage of error and uncertainty associated with typing and navigating the site. A 100% typo free user that navigates the site easily and quickly (moving the mouse on a straight line from point a to point b) without ever going for the back button is very likely to be a bot.