CQAI: Accurately Determining Malicious Intent

CQAI analyzes your public-facing web, mobile and API-based application transactions to separate human activity from automated and human-powered malicious activity, uncovering business logic abuse such as account takeovers, credential stuffing, fake account creation, gift card fraud, and content scraping. The final result of the CQAI analysis is a syntactic fingerprint that is then used for policy enforcement.

 


CQAI Analytics Engine

 

The CQAI multi-dimensional analysis includes:

  • Heuristics: Determines malicious behavior by comparing normal user behavior like speed, time of day and location of login attempts with common malicious automation characteristics.
  • Machine Learning: Uses machine-learned attack models, created and updated regularly by the Cequence Research Team, to differentiate malicious automation requests from legitimate requests with very high accuracy.
  • Automation Indicators: Analyzes traffic for common signs of malicious requests, such as a missing ‘cookie’ field, a missing ‘referrer’ field, or a malformed ‘user-agent’. Automation Indicators are modifiable by Cequence Security or the customer.
  • Statistical Analytics: Calculates statistics of different network attributes and their combinations, such as a high volume of requests from an ISP or country, across a variety of time windows.
  • Network Analytics: A collection of rules that looks for known attack tools and their network fingerprints.
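
The Automation Indicators item above can be illustrated with a short check over request headers. This is an added example, not Cequence code: the indicator names, the User-Agent shape test, the thresholds and the sample traffic are all assumptions constructed for illustration.

```python
import re
from collections import Counter

# Loose shape check for a User-Agent: a leading product token such as
# "Mozilla/5.0". An assumption made for this example, not a product rule.
UA_PRODUCT = re.compile(r"^[A-Za-z][\w.\-]*/[\w.\-]+(\s|$)")

def _header(headers, name):
    """Case-insensitive header lookup; returns '' when absent or blank."""
    for key, value in headers.items():
        if key.lower() == name:
            return value.strip()
    return ""

# Indicator table: name -> predicate over the request headers. Kept as data so
# indicators can be added or dropped, since the text says they are modifiable.
# The HTTP header itself is spelled "Referer". An absent or empty User-Agent
# also counts as malformed here.
INDICATORS = {
    "missing_cookie": lambda h: not _header(h, "cookie"),
    "missing_referer": lambda h: not _header(h, "referer"),
    "malformed_user_agent": lambda h: not UA_PRODUCT.match(_header(h, "user-agent")),
}

def indicators_for(headers):
    """Return the sorted names of the indicators a single request trips."""
    return sorted(name for name, test in INDICATORS.items() if test(headers))

def flag_sources(requests, min_hits=2, min_requests=2):
    """Flag sources with >= min_requests requests that each trip >= min_hits indicators."""
    suspicious = Counter()
    for req in requests:
        if len(indicators_for(req["headers"])) >= min_hits:
            suspicious[req["src"]] += 1
    return sorted(src for src, n in suspicious.items() if n >= min_requests)

# Constructed sample traffic (documentation IP ranges, invented header values).
SAMPLE = [
    {"src": "198.51.100.7", "headers": {"User-Agent": "Mozilla/5.0 (X11; Linux x86_64)",
                                         "Cookie": "sid=abc", "Referer": "https://shop.example/login"}},
    {"src": "203.0.113.9", "headers": {"User-Agent": "", "Accept": "*/*"}},
    {"src": "203.0.113.9", "headers": {"user-agent": "()", "Accept": "*/*"}},
    {"src": "198.51.100.7", "headers": {"User-Agent": "Mozilla/5.0 (X11; Linux x86_64)",
                                         "Cookie": "sid=abc"}},
]

if __name__ == "__main__":
    for req in SAMPLE:
        print(req["src"], indicators_for(req["headers"]))
    print("flagged:", flag_sources(SAMPLE))
```

A first visit typed directly into a browser legitimately carries neither a cookie nor a referrer, which is why the sketch requires several indicators across repeated requests before flagging a source; on their own these signals are weak and belong alongside the other analyses in the list.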

The CQAI analysis of your public-facing applications provides you with a more complete view of application business logic abuse than other technologies that rely on client context alone. The Cequence threat research team continuously analyzes dark web activity, attack tools and techniques, and compromised networks to ensure that CQAI is regularly updated with the intelligence needed to provide superior detection and defense. Abusive patterns and vulnerabilities identified by CQAI can then be used to drive policy creation and enforcement within the two security modules, CQ botDefense and CQ appFirewall, respectively.
