New EMA Research Examines the Detection and Prevention of Automated Bot Attacks

Share Article

EMA surveyed 209 respondents to learn how defenders are responding to this increasingly virulent attack vector

The Imitation Game: Detecting and Thwarting Automated Bot Attacks Research Report

The Imitation Game: Detecting and Thwarting Automated Bot Attacks Research Report

In the cat and mouse game between attackers and defenders, defenders appear to be gaining the upper hand through the use of more sophisticated detection and prevention tools

Enterprise Management Associates (EMA™), a leading IT and data management research and consulting firm, released a new research report titled “The Imitation Game: Detecting and Thwarting Automated Bot Attacks” based on criteria defined by Paula Musich, research director of security and risk management at EMA.

Over 20% of all website requests are made by bad bots conducting a range of nefarious activities, including the more ubiquitous application distributed denial of service (DDoS) attacks, as well as price scraping, web fraud, account hijacking, and more. In late 2019, EMA surveyed 209 respondents representing organizations primarily serving North America to learn how defenders are responding to this increasingly virulent attack vector. The research sought respondents primarily in IT and IT security roles representing organizations with at least 500 employees.

52% of respondents indicated that their organization’s public-facing applications had experienced DDoS attacks in the last year, followed by 38% of respondents reporting fake account creation and vulnerability scanning/reconnaissance attacks over that same time period. Depending on the type and size of the organization, the frequency of these attacks ranged anywhere from less than one per day to over 500 times per day.

Attackers continue to up their game by increasing the level of sophistication in their campaigns. The use of simple Python or Perl scripts to mimic the behavior of valid website visitors has given way to the use of Javascript and cookies to appear legitimate. More sophisticated bots even have their own moniker: advanced persistent bots (APBs). These APBs, which make up the lion’s share of all bad bots, can mimic human behavior, seek to bypass CAPTCHAs, hide behind anonymous peer-to-peer proxies, and dynamically rotate IP addresses. Increasingly, attackers try to determine how their bots are initially detected and then reconfigure and relaunch the attack in an effort to evade those detections.

Defenders are responding by turning to a range of different bot detection and mitigation providers, including dedicated bot mitigation vendors, web application firewall providers, content delivery networking services, and others. Such providers are raising the stakes by adding a wider range of telemetry to their solutions and adding new detections that employ machine learning techniques, behavioral analysis, and more on top of existing signatures, challenges, and IP reputation detections.

“Automated bot attacks can cost victim organizations from thousands to millions of dollars annually in lost business, product theft, increased infrastructure costs, and more,” says Musich. In the cat and mouse game between attackers and defenders, though, defenders appear to be gaining the upper hand through the use of more sophisticated detection and prevention tools.”

As organizations build out and manage their defenses against automated bot attacks, they are seeing success in detecting and mitigating the most frequently used attack techniques. This is especially true for application-level DDoS attacks, which the largest percentage of respondents indicated were detected and mitigated in less than one day.

Ultimately, bot defense solutions are enabling users of the technology to limit the amount of damage automated bot attack campaigns are exacting. Respondents in the survey indicated that their use of bot defense technology enabled savings in both fraud resolution and web infrastructure costs.

A detailed analysis of the research findings is available in the report, “The Imitation Game: Detecting and Thwarting Automated Bot Attacks.”

Highlights from the report will be revealed during the free February 11 webinar, “The Imitation Game: Detecting and Thwarting Automated Bot Attacks.”

About EMA
Founded in 1996, EMA is a leading industry analyst firm that provides deep insight across the full spectrum of IT and data management technologies. EMA analysts leverage a unique combination of practical experience, insight into industry best practices, and in-depth knowledge of current and planned vendor solutions to help their clients achieve their goals. Learn more about EMA research, analysis, and consulting services for enterprise line of business users, IT professionals, and IT vendors at http://www.enterprisemanagement.com.

Share article on social media or email:

View article via:

Pdf Print

Contact Author

Visit website