BOT Detection

An internet bot, is defined as a ‘web robot’, ‘WWW robot’ or simply ‘bot’ and is a software application that runs scripts over the Internet. In other words, a bot is an automated application used to perform simple and repetitive tasks that would be time-consuming, mundane or impossible for a human to perform. As everything else they can be used both for benign and malicious tasks. A logical collection of Internet-connected devices such as computers, smartphones or IoT devices, each of which is running one or more bots is termed a “botnet”. They can be used for a host of operations from distributed denial-of-service attack (DDoS attack) to allowing the attacker to access the device and its connection. Communication channels formed by standards-based network protocols such as IRC and Hypertext Transfer Protocol (HTTP) enables one to direct the activities of these compromised computers. As such, they represent one of the most serious threats to the Internet security today.
Obfuscation of their traffic along with evasion and disruption of legal network traffic being primary objectives stealth is a major issue in the evolution of Botnet architecture. Thus, bot programs are traditionally constructed as clients which communicate via existing servers. This allows remote control and aids in obfuscation. Of late, botnets have begun to rely on existing P2P networks to communicate which eliminates the requirement of a central server for communication.