Alexey Kuzovkin: How to defend against advanced DDoS attacks and bots?


Kuzovkin Alexey Viktorovich is the general director of “Infosoft” company, ex-chairman of the board of directors in company group “Armada”.

Experts note that the volume and number of automated attacks grows significantly from year to year. In addition to the usual DDoS, specialists mention illegal site scanning, parsing, account stealing, and hacks of business logic systems and smartphone applications. To successfully fight against unauthorized actions of hacker bots, you can use the Servicepipe tool. This solution effectively prevents potential DDoS attacks, both network and application layer.

More about bot functionality

Automated bots are actively used on the internet for a number of tasks. Their absence would not guarantee the stable functioning of major websites and web resources, such as search engines. Nevertheless, automated tools are being implemented to the same extent by scammers who embed bots into controlled networks called botnets. These, in turn, include in their structure bots of a virus nature that function on hacked gadgets with access to the Internet. The botnet problem is regularly compounded by the steadily increasing number of low-cost Internet of Things devices. The vast majority are characterized by weak security and easy-to-guess passwords. This nuance simplifies the process of forming large botfamilies with about hundreds of thousands of individual elements.

How bots work and why they are dangerous

Dangerous bot activity can appear in the following forms:

  •  DoS and DDoS attacks of all kinds;
  •  stealing of profiles, passwords, logins;
  •  illegal copying of content;
  • generation of false registration requests, fraudulent password recovery to other people’s accounts;
  • collecting personal information for spam mailing;
  • generation of false purchase requests for goods or services;
  •  artificial overloading of call centres;
  •  mass registrations in order to earn bonuses and other benefits.

Standard anti-bot tactics

Classic bot-protection tactics include the following:

  • CAPTCHA (a form of the Turing test, the most popular and frequently used method to fight bots, involving the use of images, letters or numbers);
  • Behavioural analysis (this tactic involves purposefully ignoring a number of requests for thorough analysis);
  •  Limits with adherence to IP addresses (fixing a limit on the number of content actions to be carried out);
  •  WAP (tools for resisting external threats, mostly for web apps).

Innovative approach to security with Servicepipe Cybert

The Servicepipe tool is equipped with special functionality to identify and block any, even individual, requests from new powerful bots. Maximum response accuracy is realised through a generalised analysis of a number of factors and criteria, among which:

  •  technical and statistical factors;
  • machine learning;
  • ex post facto behavioral analysis.

The combination of automated detection software, powerful capacity even under heavy loads and machine learning tools builds the potential to identify bot requests among current user traffic. The product provides strong protection against DDoS attacks, vulnerability scanning, account and access data theft, parsing, harmful attacks on business logic and unauthorised exploitation of mobile APIs.


Comments are closed.