
Apply HN: MalleableByte - Ensure quality web traffic - malleablebyte
MalleableByte is developing an automated web service to help growth hacking site owners eliminate spam traffic with predictive machine learning.<p>Value Proposition: Help site owners understand human visitors not spam.<p>Website &amp; Video: http:&#x2F;&#x2F;malleablebyte.org<p>Why are we doing this?
We encountered this problem ourselves and wanted to solve these 3 main pain points:
1) Manually updating block filters&#x2F;firewalls regularly is painful and unproductive.
2) Spam and bots messes up the analytics and analysis.
3) Spam and bot traffic is often indicative of potential security issues.<p>How are we doing this?
1) Quarantine web traffic with automated filtering.
2) Apply machine learning and prediction to manage constantly evolving thread.<p>Who is it useful for?
Growth hacking site owners or webmasters.<p>How are we measuring our results?
1) Reduce overall bounce rate.
2) Increase visitor page views per session.
3) Increase visitor average session duration.
======
buss
How is your service different from what CloudFlare offers with it's DDoS
mitigation? I think I might misunderstand your goals.

Is bot traffic a nuisance or actually a problem? If it's not enough traffic to
bring my site down, why would I care as a website owner? If the bots are
probing for security vulnerabilities, how do you detect that? Do you plan to
add services to address the vulnerabilities?

> How are we measuring our results? 1) Reduce overall bounce rate. 2) Increase
> visitor page views per session. 3) Increase visitor average session
> duration.

How will eliminating bots help this? Why doesn't (or can't) google analytics
filter out the bots?

~~~
malleablebyte
> How is your service different from what CloudFlare offers with it's DDoS
> mitigation?

CloudFlare's main goal is to accelerate web browsing performance via a reverse
proxy. DDoS protection just happens to be one of their big feature. They are
not solving the spam traffic problem with their DDoS features or reverse
proxy. I have a more detailed response to this question in another post @
[https://medium.com/@wantastartup/thanks-for-your-
feedback-f3...](https://medium.com/@wantastartup/thanks-for-your-
feedback-f322960a5255#.5wgidq6bw)

In fact, I was wrongly banned by their service when I tried to access my
medium blog while traveling in Malaysia. You can read more @
[https://medium.com/@wantastartup/cloudflare-is-doing-it-
wron...](https://medium.com/@wantastartup/cloudflare-is-doing-it-
wrong-97b3bc2f2573#.z1ygk5m2g)

The key problem with CloudFlare is that they are using a firewall (the wrong
tool) to tackle spam.

> Is bot traffic a nuisance or actually a problem?

If you do A/B testing on your site, landing pages, or try to figure out what
is the most popular item/post on your site to convert visitor to paying
customer and you cannot differentiate between bot from human, you have a
serious problem. All the results from your analytics will be wrong.

Bots don't crawl everything, including your file, images and videos. If you
host them on your site, you will be paying for the bandwidth.

Bots also clone and steal information from your site for many evil reasons.
Like scammers trying to do a phishing hack, competitors trying to steal
keywords or down your Google ranking and etc. You can read more @
[http://blog.malleablebyte.org/2015/08/digital-creepy-
crawlie...](http://blog.malleablebyte.org/2015/08/digital-creepy-crawlies-are-
not-as.html)

If you actually use your site for important work (eg. growth hacking,
eCommerce, ...), then they are a problem. However, if you are a 'put up a
website and let it rot', then no, it is a nuisance.

> If the bots are probing for security vulnerabilities, how do you detect
> that?

We do it via machine learning and pattern recognition. We have already
detected 3 third party sites that was hacked using ransomware. Their traffic
probes via the network of the hacked site was discovered by our service and we
managed to quickly notified the owners. Read more @
[https://medium.com/@malleablebyte/machine-learning-
discovere...](https://medium.com/@malleablebyte/machine-learning-discovered-
hacking-e6ed8e15c0c9#.ykjjj4rbe)

> Do you plan to add services to address the vulnerabilities?

No, that is not our focus. However, we would love to work with others who are
dedicated to fix those vulnerabilities.

> How will eliminating bots help this?

Bots are the key contributors to these web metrics. On our site, we have seen
our bounce rate, pages per session and avg session duration greatly improve
after we implemented our solution. Check out our video on our website to see
the numbers.

> Why doesn't (or can't) google analytics filter out the bots?

Taking web traffic spam out of your Google analytics is like sweeping the
problem under the table and pretending that it does not exist. Google merely
reports the data and cannot do anything else except remove ghost spam from the
data. It cannot actually stop bots or real traffic going to your site. You can
read more @ [http://blog.malleablebyte.org/2015/07/what-is-google-
ghost-s...](http://blog.malleablebyte.org/2015/07/what-is-google-ghost-
spam.html)

The key problem is the javascript approach to their solution, which has
limited them in the way they handle spam.

~~~
malleablebyte
On the question below.

> Is bot traffic a nuisance or actually a problem?

I meant to say "Bots crawl everything" and not "don't"

