Battling the Bots

Bot traffic actually exceeds human traffic on the internet, which is an alarming statement.

According to a security report by Imperva, bots are responsible for 52 percent of web traffic.

Botnets are a type of malware that allows an attacker to take control over an affected computer. They are typically linked together as part of a whole network of infected machines, also known as a “botnet”.

According to PYMNTS’ Q4 2016 Global Fraud Attack Index TM “Botnets are booming – the rate of attacks featuring botnets rose by 47 percent Q3 2015 and Q2 2016.”

Botnets are being used to target a range of industries including online merchants, ticket purchasing services, the travel industry and digital advertising.

Fortunately, technology exists that can help.

One signature quality behind bot attacks is their high rate of speed. Some solutions work by flagging devices that are used to perform multiple unusual behaviors at a high rate of speed. If a device performs multiple login attempts on multiple accounts over a short period of time, this could signal the use of a bot.

However, many of these bot detection tools fall short of true identification because they rely on IP addresses or cookies in their model. This method of identification is easily thwarted by sophisticated bots that change their IP address continually or clear/disallow cookies.

The next generation of bot-prevention tools involve device intelligence, device fingerprinting, malware detection, machine learning, and behavioral analysis. This model relies more on identifying the bot at the root, at the device level. Such solutions employ both static techniques, such as detecting malware on the device, and a more complete behavioral analysis—that is, detecting a high number of attempts or unusual traffic patterns.

Companies doing business online would be wise to invest in sophisticated device intelligence, machine learning, and authentication technology to help distinguish bot traffic form legitimate traffic.