Polymorphic Protocols for Fighting Bots

August See

Abstract


Web robots (bots) that automate communication with a service on the Internet via its API are efficient and easy to scale. A large number of bots leads to significant losses for providers and can frustrate users of social media, games or online stores. Existing solutions such as CAPTCHAs or complex registrations either frustrate users or are easy to circumvent. Current solutions that make it difficult to create bots are only effective against the first bot: once it has been created, it can easily be duplicated to build an army of bots. This paper presents an approach inspired by polymorphic malware and censorship resistance to change this. Each client that communicates with a service does so using its own application protocol, which differs from the others syntactically but not semantically. Thus, a bot creator is forced either to find a way to automatically extract the whole application protocol from a client or to reverse engineer a new protocol for each bot that is created.


DOI: http://dx.doi.org/10.14279/tuj.eceasst.80.1157

DOI (PDF): http://dx.doi.org/10.14279/tuj.eceasst.80.1157.1108

Hosted By Universitätsbibliothek TU Berlin.