# User Stories - Bot Detection ## Actors | Identifier | Description | Examples | | ---------- | ----------------------------------------------------------- | --------------------------------- | | User | Generic user, can manage account. | n/a | | Analyst | Web app user, can analyze data and take action accordingly. | Cybersecurity/Performance Analyst | | Developer | Adds our platform to their own website. | Backend Developer | ## User stories <table> <thead> <tr> <th>Identifier</th> <th>Name</th> <th>Description</th> <th>Acceptance Test</th> </tr> </thead> <tbody> <tr> <td>PLDC2</td> <td>API Key Generation</td> <td>As a Developer, I want to generate a new API key, so I can add it to my website.</td> <td>Given I am logged in, when I click on the 'Generate API Key' button, then I am presented with a unique API key.</td> </tr> <tr> <td>BDM6</td> <td>Request Blacklist Data</td> <td>As a Developer, I want to know if a website requester is blacklisted, so that I can block their access.</td> <td>Given I have an API key, I can send a successful request asking whether a requester is on the blacklist or not.</td> </tr> <tr> <td>PLDC6</td> <td>Send Request Data</td> <td>As a Developer, I want to send information about a request made on my website, so that it can be analyzed.</td> <td>Given I have an API key, I can send a successful request with the data</td> </tr> <tr> <td>BDM13</td> <td>Detection Algorithm</td> <td>As an Developer, I want my request data to be analyzed in order to classify the requester as a potential threat such as a bot (scrapper, crawler) or a user with malicious intent (SQL-injection, XSS).</td> <td>Given that I send my requests to the service, when query the service for a classification of the requester, then I will know if it is a bot/hacker.</td> </tr> <tr> <td>BDM3</td> <td>Automatic Add to Blacklist</td> <td>As an Analyst, I want to be able to set automatic action against bots, so that the platform can take action without consulting me.</td> <td>Given that I am logged in, when I check the 'Automatic Action' switch, then malicious bots are automatically blocked.</td> </tr> <tr> <td>AM1</td> <td>Authentication</td> <td>As a User, I want to login to the web app page, so that I can access my dashboard.</td> <td>Given that I am not authenticated, when I input my credentials and click on the 'Sign In' button, then I am authenticated and can now access my dashboard.</td> </tr> <tr> <td>PLDC1</td> <td>Logger Creation</td> <td>As a Developer, I want to create a new Logger, so that I can start logging my data.</td> <td>Given I am logged in, when I click on the 'Create Logger' button, then I am presented with a new empty dashboard.</td> </tr> <tr> <td>BDM7</td> <td>Consult Blacklist</td> <td>As an Analyst, I want to be able to consult all blocked bots, so that I can know about them.</td> <td>Given that I am logged in, when I click on the 'Blacklist' button, then I am presented with a list of all blocked bots.</td> </tr> <tr> <td>BDM2</td> <td>Manual Add to Blacklist</td> <td>As an Analyst, I want to be able to take action against a bot, so that I can block it right away.</td> <td>Given that I am logged in, when I click on the 'Block' button, then that bot is blocked from accessing my website.</td> </tr> <tr> <td>BDM8</td> <td>Remove from Blacklist</td> <td>As an Analyst, I want to be able to remove bots from being blocked, so I can have them visit my website again.</td> <td>Given that I am logged in, when I check the 'Unblock' button, then the previously blocked bot should no longer be blacklisted.</td> </tr> <tr> <td>BDM14</td> <td>Consult Whitelist</td> <td>As an Analyst, I want to be able to consult all whitelisted users, so that I can know about them.</td> <td>Given that I am logged in, when I click on the 'Whitelist' button, then I am presented with a list of all whitelisted users.</td> </tr> <tr> <td>BDM9</td> <td>Add to Whitelist</td> <td>As an Analyst, I want to be able to manually add bots to a whitelist, so that they have access to my website and no automatic action or notifications come from their behavior.</td> <td>Given that I am logged in, when I check the 'Add to Whitelist' button, then that bot/user should have access to my websites.</td> </tr> <tr> <td>BDM10</td> <td>Remove from Whitelist</td> <td>As an Analyst, I want to be able to manually remove bots from a whitelist, so that they no longer have access to my website and are treated normally for suspicious behavior.</td> <td>Given that I am logged in, when I check the 'Add to Whitelist' button, then that bot should have access to by websites.</td> </tr> <td>BDM4</td> <td>Add Automatic Detection Rule</td> <td>As an Analyst, I want to be able to add a new detection rule, so that I can better target malicious users.</td> <td>Given that I am logged in, when I click the 'Add rule' button, then I can configure and save a new rule.</td> </tr> <tr> <td>BDM5</td> <td>Remove Automatic Detection Rule</td> <td>As an Analyst, I want to be able to remove a detection rule, so that I can better target malicious users.</td> <td>Given that I am logged in, when I click the 'Remove rule' button, then the rule is deleted.</td> </tr> <tr> <td>PLDC8</td> <td>Consult Logs</td> <td>As an Analyst, I want to be able to consult logged requests, so that I can identify unusual activity from visitors.</td> <td>Given that I am authenticated, when I click on 'Logs', then I am presented with a list of all requests from my website.</td> </tr> <tr> <td>PLDC9</td> <td>Metadata Extraction</td> <td>As an Analyst, I want to have access to my websites's requests' metadata (such as location or OS), so that I can better understand what my users' conditions are.</td> <td>Given that I am authenticated, when I visit my logs page, then I am presented with statistics/information about the visitors of my websites.</td> </tr> <tr> <td>PLDC7</td> <td>Debug Mode</td> <td>As an Analyst, I want to enter debug mode, so that I can quickly find slow or heavy-queried pages.</td> <td>Given some slow or heavy-query pages, when I enter debug mode, then I see the loading time and the number of queries performed.</td> </tr> <tr> <td>PLDC10</td> <td>Data Analysis</td> <td>As an Analyst, I want to analyze the data graphically, so that I can get a better understanding of the data.</td> <td>Given that I am logged in, when click on a specific website logger, then I want to be presented with various graphs with corresponding data from my website.</td> </tr> <tr> <td>PLDC3</td> <td>API Key Revocation</td> <td>As a Developer, I want to revoke an existing API key, so that I can protect my data.</td> <td>Given I am logged in, when I click on the 'Revoke API Key' button, then that API key is deleted.</td> </tr> <tr> <td>PLDC4</td> <td>API Key Naming</td> <td>As a Developer, I want to be able to name my API Keys, so that I can distinguish them.</td> <td>Given I am logged in, when I click on an API Key and input a new name, then the old name should be replaced with the new one.</td> </tr> <tr> <td>PLDC11</td> <td>Data Export</td> <td>As an Analyst, I want to be able to export data to an external file so I can do whatever I want with my data.</td> <td>Given that I am logged in, when I click on 'Download Logs' button, then my download starts and I gain local access to my logs.</td> </tr> <tr> <td>AM2</td> <td>Password Change</td> <td>As a User, I want to change my password, so that I can replace my old one.</td> <td>Given I am logged in, when I change my password and I sign out, then I need to input my new password in order to sign in.</td> </tr> <tr> <td>BDM11</td> <td>Use All Blacklists</td> <td>As an Analyst, I want to be able to use a combination of different blacklists of my websites, so that I can block malicious users across all of my websites.</td> <td>Given that I am logged in, when I check the 'Combine Blacklists' switch, then known malicious bots are automatically blocked across all of my websites.</td> </tr> <tr> <td>PLDC5</td> <td>API Documentation / Tutorial</td> <td>As a Developer, I want to be presented with a straightforward API Documentation and Tutorial, so that I can integrate the service with ease on my website.</td> <td>Given I am logged in, when I click the 'Documentation' button, then I am presented with documentation for the API.</td> </tr> <tr> <td>BDM12</td> <td>Public Blacklists</td> <td>As an Analyst, I want to be able to use a public blacklist, so that I can crosscheck visitors against a wider list of known malicious IPs.</td> <td>Given that I am logged in, when I check the 'Public Blacklist' switch, then known malicious bots are automatically blocked.</td> </tr> </tbody> </table>