Chapter 3. Malicious Bots Threatening Web Applications

Malicious bots pose an increasingly large risk to web applications. The flexibility, increasing sophistication, and power of malicious bots make them formidable threats to your application security. Malicious bots can perform account takeovers, account creations, credit card fraud, massive DDoS attacks, and more. All of these activities can affect performance, availability, and ultimately your bottom line. Considering the severity of the risk posed by malicious bots, this section will focus on explaining how they work, how they most frequently circumvent security measures, and, most importantly, how they can affect your business.

Simply defined, bots—whether malicious or not—are devices that use software to execute commands automatically with little or no human intervention. Bots can be good or bad. Some examples of good bots include media/data bots, copyright bots, and spider bots used by search engines such as Google to crawl web pages and analyze content for inclusion and ranking in search results. Malicious bots include spam/email bots, impersonator bots, zombie bots/botnets, download/transfer bots, spy bots, scraper bots, and click/ad fraud bots.

Complicating defense against malicious bot activity is the fact that you can’t simply block all bot traffic. A surprising amount of modern internet traffic is derived from bot activity. In fact, recent reports indicate that global internet traffic generated from bots is now surpassing ...