Skip to content

Feature: infer type of user (crawler, attacker, regular user, ...) from activity #22

New issue
New issue
Open
Open
Feature: infer type of user (crawler, attacker, regular user, ...) from activity#22
Assignees
leonardobambini
Labels
enhancementNew feature or request
@leonardobambini

Description

@leonardobambini
leonardobambini
opened on Dec 30, 2025

Define user typologies and, based on activity, infer the typology for each user.

Proposed user typologies:

  • Crawler
  • Attacker
  • Regular User

Proposed evaluation metrics:

  • HTTP methods used: Crawlers tend to use GET and HEAD, Attackers use more POST, PUT, DELETE
  • Paths: Crawlers tend to respect robots.txt and in general are not focused on login or configuration pages
  • Request rate and timing: steady, throttled, polite vs attackers' bursty, aggressive, or oddly rhythmic behavior
  • Header Quality and Consistency: Crawlers tend to use complete and consistent headers, attackers might miss, fake, or change headers

Metadata

Metadata

Assignees

Labels

enhancementNew feature or request

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions