Bots, or nonhuman automated tools, are growing in popularity and create a real threat to websites and applications. Bots are ideal workers for repetitive and complex tasks and can easily and efficiently run on different hosts and cloud services or as malware on infected machines. Bots are participating in different types of attacks impacting all types of applications and businesses—performing the entire scale of attacks from scraping, account abuse (account creation or account takeover), credit card and coupon guessing, application layer distributed denial of service (L7 DDoS), scalping, and click fraud. Bots range in complexity and abilities from simple scripts to full browser-based tools that can render complex pages and even solve CAPTCHA challenges.
Ido Safruti and Ariel Sirota review how bots work, explain how to operate a few common bots, and, most importantly, show what you can do to detect and block malicious activity while enabling your users and good bots to work uninterrupted. In order to detect and protect from different bots, Ido and Ariel first introduce a few common bots used by attackers, like PhantomJS and Selenium, to create a testing environment and verify that we can efficiently detect such tools. Ido and Ariel then explore a variety of techniques and open source tools and libraries you can use in order to detect different bots and outlines the things to consider when blocking them, once suspecting a request as being originated by a bot, such as:
Ido Safruti is the cofounder and CTO at PerimeterX, which is building a behavior-based web security service. Previously, Ido headed a product group in Akamai focusing on web performance and scalability. Ido joined Akamai through the acquisition of Cotendo, where he led product and strategy. His earlier roles include GM in charge of product engineering and operation, R&D manager, chief scientist, and head of engineering at various companies and the Israeli intelligence, where he focused on high-capacity, large-scale web and network services and cybersecurity systems.
Ariel Sirota is vice president of engineering at PerimeterX. Ariel has over 19 years of experience in building network security products and managing large product development and engineering teams. Previously, Ariel headed the engineering organization, including a team of over 80 developers, at Check Point Software Technologies, focusing on endpoint security and security management products, was R&D manager and head of engineering at BMC Software, and held leadership positions at New Dimension Software prior to its acquisition by BMC.
©2016, O’Reilly UK Ltd • (800) 889-8969 or (707) 827-7019 • Monday-Friday 7:30am-5pm PT • All trademarks and registered trademarks appearing on oreilly.com are the property of their respective owners. • firstname.lastname@example.org