[kt cloud TECH UP] Dodging Bankruptcy: Architecting Cost-Effective AI Bot Defense

1/30/2026
AIMacro DefenseVQAMachine Learningkt cloud TECH UP

This post is the second installment in the mentoring retrospective series of the kt cloud TECH UP marathon ticketing platform project, highlighting the intense feedback sessions that shaped our system architecture.)

1. The Illusion of the Perfect Shield: "VQA for Everyone!"

To combat the primary antagonist of marathon ticketing—automated macro bots—our team's AI division prepared an ambitious defense model. Traditional text-based Captchas were deemed archaic, easily bypassed by rudimentary Optical Character Recognition (OCR) scripts.

Our chosen weapon was a Visual Question Answering (VQA) model. Right before a user could enter the ticketing queue, the AI would randomly generate a complex image (e.g., "Out of these assorted fruits, exactly how many are red apples?") and demand the correct answer. It acted as an intimidating bouncer.

The initial UX workflow was simple: "Force all 15,000 users attempting to buy tickets to pass this VQA screening!"

2. The Mentor's Reality Check: "Can you afford the Cloud Bill?"

As we proudly unveiled our VQA architecture, the kt cloud mentoring expert in Security and AI brought us crashing down to painful, infrastructural reality.

Mentor (kt cloud Security/AI Response Team): "Running inference on Deep Learning models like VLM or VQA consumes massive amounts of GPU resources and processing time. In an environment where 15,000 users surge concurrently—generating thousands of transactions per second (TPS)—triggering a deep learning defense line for every single request in real-time will literally bankrupt you on cloud infrastructure bills before the bots even reach your database."

This feedback highlighted the practical limitations of cloud infrastructure. Furthermore, from a User Experience (UX) perspective, forcing innocent, genuine human runners to solve complex visual math problems under time pressure is the absolute antithesis of a 'Good UX'.

3. Division of Labor: The Hybrid Defense Architecture

Absorbing the mentor's pivotal feedback, we completely overhauled our design into a 2-Tier Hybrid Defense Architecture that perfectly balanced cost, performance, and user experience.

Tier 1: Lightweight Behavioral Analysis (Classical ML)

In the split second a user navigates from the landing page to the 'Checkout' button, the frontend silently collects telemetric data: 1) mouse trajectory linearity, 2) click intervals, and 3) form input velocity. This metadata is dumped into an extremely cheap, blazing-fast Classical Machine Learning model (like Random Forest or Linear Regression) or rule-based backend logic. This Tier 1 bouncer rapidly triages the torrent of traffic. It simply asks: "Is this traffic a rigid, perfectly linear machine (macro), or a hand-trembling human?"

Tier 2: Targeted VQA Deployment (Deep Learning)

Out of the tens of thousands of requests, only the "Top 10% highly suspicious machine-like traffic" (or notoriously flagged IP ranges) determined by Tier 1 are hit with the heavy Tier 2 VQA Captcha. Now, our expensive GPU resources only need to process 10% of the total traffic volume, resulting in an astronomical reduction in infrastructure operating costs.

Innocent human users glide smoothly into the ticketing process without friction (Excellent UX), while malicious macro operators find their bots trapped in a computational quiz-hell.

4. Perfect Defense Stems from 'Proper Compromise'

Deploying the heaviest, most technologically advanced AI model with the lowest error rate at the very forefront of your architecture is perhaps the most classic 'show-off' mistake made by junior engineers.

In genuine corporate business environments, calculating restricted infrastructure budgets and guaranteeing strict TPS limits are the utmost priorities. Through this mentoring session, we deeply internalized the golden rule of real-world security architecture: "Cheap, rapid Tier 1 filtering -> Heavy, hyper-accurate Tier 2 striking."

In the next post, I will delve into another harsh but necessary lesson from the cloud infrastructure side: Uncovering the dangerous illusions of 'Auto-Scaling'.