Method for a Two Dimensional Honeypot to Deter Web Bots in Commerce Systems.

Security for web applications is an ongoing dilemma. Hackers and bots are getting more and more innovative in bypassing the various defensive tools implemented to enforce security. e-Commerce applications, such as those used for transaction processing, could be placed in a position of not providing a fair chance to all consumers because bots can interact more quickly. This is especially true when a commerce site offers popular inventory items where many traders are competing to get an item that has a limited supply. The e-Commerce site's security is compromised when some traders utilize pre-formatted scripts or spiders to place orders, thus giving them an unfair advantage. The problem is: how to eliminate the interaction of scripts and spiders in a given web application flow while requiring no additional actions taken by a human user. Our paper introduces an innovative multi-layer approach to honeypots where cashing or bypassing the honeypot is technically impractical. [ABSTRACT FROM AUTHOR]