|
Work item:
|
X.tg-cmc
|
|
Subject/title:
|
Technologies and guidelines to counter malicious API crawlers
|
|
Status:
|
Under study
|
|
Approval process:
|
AAP
|
|
Type of work item:
|
Recommendation
|
|
Version:
|
New
|
|
Equivalent number:
|
-
|
|
Timing:
|
2028-10 (Medium priority)
|
|
Liaison:
|
-
|
|
Supporting members:
|
China Unicom, CAICT, State Grid Corporation of China
|
|
Summary:
|
APIs are critical for digital data exchange and service integration, but malicious API crawlers pose severe threats to data security, service availability, and business interests.
Malicious API crawlers are automated programs that scrape or exploit API services without authorization. Such API crawlers are typically designed to steal sensitive information, trade secrets, or intellectual property, and also consume a large amount bandwidth and CPU resources.. Malicious API crawlers are active across various websites, particularly in e-commerce, finance, travel and social media.
In order to assist organizations to improve the capabilities on the prevention and mitigation of malicious API crawlers, a detailed guideline is needed.
This Recommendation provides a description of the process and characteristics for malicious API crawlers, provides security measures for identify this attack, and provides guidelines for malicious API crawlers prevention.
|
|
Comment:
|
-
|
|
Reference(s):
|
|
|
Historic references:
|
|
Contact(s):
|
|
| ITU-T A.5 justification(s): |
|
|
|
|
First registration in the WP:
2026-04-02 13:27:52
|
|
Last update:
2026-06-10 13:09:22
|