Techniques for optimizing authentication challenges for detection of malicious attacks

What is claimed is: 1. A method for optimizing segregation between human-operated clients and machine-operated clients accessing computing resources, comprising: receiving, from a client, an authentication request, wherein the authentication request is received in response to a redirect request sent from a remote server to the client; dynamically selecting at least one authentication challenge from a plurality of different authentication challenges wherein the selection of the at least one authentication challenge is based at least on an indication of ongoing attacks and an indication of a type of the ongoing attacks; sending the at least one selected authentication challenge to the client; determining whether a notification call is received from the client during a predefined time interval; and upon receiving the notification call during the predefined time interval, confirming that the client passes the at least one selected authentication challenge, wherein when the client passes the at least one selected authentication challenge the client is identified as a human-operated client. 2. The method of claim 1 , wherein confirming that the client passes the at least one selected authentication challenge further comprises: generating an authentication object using a set of parameters included in the redirect request; and providing the authentication object to the remote server. 3. The method of claim 2 , wherein the set of parameters includes at least one of: a random string, a random number, a medium access control (MAC) address, a source IP address of the client, a fingerprint of the client, a time stamp, a uniform resource locator (URL) of a protected entity, and a destination IP address of a tenant. 4. The method of claim 2 , wherein at least one parameter of the set of parameters is encrypted. 5. The method of claim 1 , wherein the redirect request is generated by the remote server when the client attempts to access a computing resource of a protected entity. 6. The method of claim 1 , wherein the predefined time interval is set based on a round trip time (RTT) between a protected entity and the remote server. 7. The method of claim 1 , wherein upon confirming that the client passes the authentication challenge, the client is allowed to access a protected entity without further authentication during a predefined time period, wherein the predefined time period is set by at least an aging timer. 8. The method of claim 1 , wherein the client that fails the at least one selected authentication challenge is identified as a malicious machine-operated client. 9. The method of claim 8 , further comprising: gathering information related to the malicious machine-operated client; creating a profile for the malicious machine-operated client; and saving the profile in a reputation database. 10. The method of claim 1 , further comprising: generating the at least one selected authentication challenge, wherein the at least one selected authentication challenge is programmed to detect if the client is a human-operated client. 11. The method of claim 10 , wherein the at least one selected authentication challenge is at least one of: a polymorphic script, a challenge that requires user interaction, and an obfuscated challenge. 12. The method of claim 1 , wherein the selection of the at least one authentication challenge is further based on at least one of: a service assigned to a resource of a protected entity, a time, a date, a geographical location of the client, a profile of the client, and an indication from a reputation database. 13. The method of claim 1 , further comprising: upon failing to confirm that the client passes the at least one selected authentication challenge, selecting a new authentication challenge. 14. The method of claim 13 , wherein selecting the new authentication challenge is based on an escalation scenario. 15. The method of claim 14 , wherein the escalation scenario defines a certain order to execute a set of different authentication challenges, wherein the order of execution is determined based on at least one of: a type of attack, properties of the client, and a type of a protected entity. 16. The method of claim 10 , wherein the generated authentication challenge is embedded in a piece of code executed by the client. 17. The method of claim 1 , further comprising: detecting if the client is connected to any of: a content delivery network (CDN), and a proxy server. 18. The method of claim 17 , further comprising: matching a source Internet protocol (IP) address designated in the received authentication request to a source IP of the client; and detecting the client as connected to any of the content delivery network (CDN) and the proxy server when the source IP address of the client and the source IP address designated in the received authentication request do not match. 19. The method of claim 18 , wherein the client is determined to be unauthenticated when the client is connected to any one of: the CDN, and the proxy. 20. The method of claim 19 , further comprising: uniquely identifying at least the client from a plurality of clients connected through the CDN based on a fingerprint of each client. 21. The method of claim 20 , wherein the CDN multiplexes transmission control protocol (TCP) sessions for the plurality of clients. 22. The method of claim 1 , wherein the method is performed by at least one challenge machine allocated on demand for generating the at least one selected authentication challenge, wherein the at least one challenge machine is operable in a cloud computing platform and is de-coupled from the remote server. 23. A non-transitory computer readable medium having stored thereon instructions for causing one or more processing units to execute a method comprising: receiving, from a client, an authentication request, wherein the authentication request is received in response to a redirect request sent from a remote server to the client; dynamically selecting at least one authentication challenge from a plurality of different authentication challenges wherein the selection of the at least one authentication challenge is based at least on an indication of ongoing attacks and an indication of a type of the ongoing attacks; sending the at least one selected authentication challenge to the client; determining whether a notification call is received from the client during a predefined time interval; and upon receiving the notification call during the predefined time interval, confirming that the client passes the at least one selected authentication challenge, wherein when the client passes the at least one selected authentication challenge the client is identified as a human-operated client. 24. A challenge machine for authenticating clients accessing computing resources, comprising: a processing circuitry; and a memory communicatively connected to the processing circuitry, the memory containing instructions that, when executed by the processing circuitry, configure the challenge machine to: receive, from a client, an authentication request, wherein the authentication request is received in response to a redirect request sent from a remote server to the client; dynamically select at least one authentication challenge from a plurality of different authentication challenges wherein the selection of the at least one authentication challenge is based at least on an indication of a type of