HumanDefender

5-signal behavioral AI that Ghost Scores every Reddit comment. Karma ratio, velocity, linguistic entropy, cross-sub scatter. Mods decide. HumanDefender informs.

Comment

Inspiration

Reddit is being quietly colonized — not by obvious spam bots, but by sophisticated "1% commenters": accounts that exist solely to post generic, AI-generated responses across hundreds of unrelated subreddits. They pass karma thresholds. They have aged accounts. AutoModerator doesn't catch them. Mods have no tools to detect them at scale.

We built HumanDefender because the communities most vulnerable to coordinated inauthentic behavior — political subreddits, mental health communities, local news forums — deserve better than a mod team playing whack-a-mole.

What It Does

HumanDefender is a Devvit mod tool that automatically Ghost Scores every comment using 5 behavioral signals:

Signal Weight What It Catches
Karma Ratio 25pts 95%+ comment-only karma — classic bot pattern
Velocity Index 20pts Metronomic posting rhythm — bots post like clockwork
Linguistic Entropy 25pts Template language, flat vocabulary diversity
Cross-Sub Scatter 15pts Carpet-bombing unrelated subreddits in short windows
Reply-Only Flag 15pts Never starts threads — pure amplification behavior

Ghost Score Verdicts:

  • 0–30CLEAN — no action
  • 31–60 🟡 SUSPICIOUS — logged silently
  • 61–80 🟠 LIKELY BOT — flagged to mod queue with breakdown
  • 81–100 🔴 GHOST — auto-reported to mod queue

HumanDefender never auto-removes or auto-bans. Mods see why an account is flagged and decide. The tool informs — humans decide.

How We Built It

Devvit App (TypeScript)

  • CommentSubmit trigger fires on every new comment automatically
  • Three signals computed locally via Reddit API (Karma Ratio, Velocity, Reply-Only)
  • Redis-backed rolling detection log (500 entries per subreddit)
  • Full structured logging with level, event, and timing data
  • 10-test smoke test suite accessible from the mod menu

Cloudflare Edge Worker (ghosthunter.osintnet.uk)

  • Handles the two compute-intensive signals: Linguistic Entropy and Cross-Sub Scatter
  • Shannon entropy analysis on comment token distributions
  • Cross-subreddit burst detection with time-window analysis
  • Sub-100ms global response time

Architecture:

Reddit Comment → Devvit CommentSubmit Trigger → Local: Karma Ratio + Velocity + Reply-Only → Edge Worker: Linguistic Entropy + Cross-Sub Scatter → Composite Ghost Score (0–100) → Mod Note / Auto-Report / Detection Log

Challenges We Ran Into

Devvit fetch constraints — the http capability has strict timeout limits. We built the Cloudflare edge worker to handle compute-intensive signals externally, with graceful degradation to 3-signal local scoring if the edge is unreachable. The system still works even offline.

False positive calibration — behavioral signals can fire on enthusiastic human posters. We calibrated thresholds by testing against known-human and known-bot account profiles, and built full signal transparency into every mod note so mods can always see exactly which signals fired and why.

Redis data model at scale — designing a rolling detection log that stays performant required careful key schema design and TTL management to prevent unbounded growth in large subreddits.

Accomplishments We're Proud Of

  • Zero configuration required — install and it works. Sensible defaults out of the box for any subreddit.
  • Full transparency — every mod note shows the complete signal breakdown, not just a flag. Mods understand why before they act.
  • Built-in observability — 10-test smoke suite lets any mod verify the entire system is functioning at any time.
  • Graceful degradation — if the edge worker is unreachable, HumanDefender falls back to 3-signal local scoring. It never silently fails.
  • Open source — full source on GitHub. MIT license. Reproducible methodology. No black boxes.

What We Learned

Behavioral signals are far more reliable than content filtering for detecting coordinated inauthentic behavior. A bot can write a passable comment. It cannot easily fake a human posting cadence, karma distribution, and cross-community behavior simultaneously across all 5 signals.

Devvit's Redis integration is powerful but requires careful key hygiene. We learned to treat the detection log as a fixed-size ring buffer rather than an ever-growing list.

What's Next

  • Phase 2: Pattern clustering — detect coordinated networks by cross-correlating flagged accounts across subreddits
  • Phase 3: Subreddit-level heat map — visualize bot activity trends over time
  • Phase 4: Configurable thresholds UI — let mods tune signal weights for their community
  • Public API for researchers and civil liberties organizations studying coordinated inauthentic behavior

*Built by **Indica Independent Media

Built With

Share this project:

Updates