The Reign of Botnets: Defending Against Abuses, Bots and Fraud on the Internet(Tech Today)

A top-to-bottom discussion of website bot attacks and how to defend against them In The Reign of Botnets: Defending Against Abuses, Bots and Fraud on the Internet, fraud and bot detection expert David Senecal delivers a timely and incisive presentation of the contemporary bot threat landscape and the latest defense strategies used by leading companies to protect themselves. The author uses plain language to lift the veil on bots and fraud, making a topic critical to your website's security easy to understand and even easier to implement. You'll learn how attackers think, what motivates them, how their strategies have evolved over time, and how website owners have changed their own behaviors to keep up with their adversaries. You'll also discover how you can best respond to patterns and incidents that pose a threat to your site, your business, and your customers. The book includes: A description of common bot detection techniques exploring the difference between positive and negative security strategies and other key concepts A method for assessing and analyzing bot activity, to evaluate the accuracy of the detection and understand the botnet sophistication A discussion about the challenge of data collection for the purpose of providing security and balancing the ever-present needs for user privacy Ideal for web security practitioners and website administrators, The Reign of Botnets is the perfect resource for anyone interested in learning more about web security. It's a can't-miss book for experienced professionals and total novices alike.

Table of Contents:
Introduction xvii Chapter 1 A Short History of the Internet 1 From ARPANET to the Metaverse 2 The Different Layers of the Web 7 The Emergence of New Types of Abuses 9 The Proliferation of Botnets 11 Quantifying the Bot Traffic Volume on the Internet 14 Botnets Are Unpredictable 16 Bot Activity and Law Enforcement 18 Summary 19 Chapter 2 The Most Common Attacks Using Botnets 21 Account Takeover 22 Data Harvesting 23 Credential Harvesting 26 Account Takeover 31 Targeted ATO Attacks 34 A Credential Stuffing Attack Example 35 Account Opening Abuse 38 The Tree Hiding the Forest 39 Fraud Ring 41 Web Scraping 48 The Intent Behind Scraping by Industry 49 Good Bot Scraping 51 Inventory Hoarding 53 Business Intelligence 55 Scalping: Hype Events 58 Online Sales Events Mania and Scalping 58 The Retailer Botnet Market 59 Anatomy of a Hype Event 61 Carding Attacks 64 Gift Cards 65 Credit Card Stuffing 66 Spam and Abusive Language 66 Summary 67 Chapter 3 The Evolution of Botnet Attacks 69 Incentive vs. Botnet Sophistication 70 HTTP Headers 101 71 Common HTTP Headers 71 Legitimate Browser Signatures 74 Header Signatures from Bot Requests 75 The Six Stages of a Botnet Evolution 77 Stage 1: Deploy the Botnet on a Handful of Nodes Running a Simple Script 77 Stage 2: Scale the Botnet and Impersonate the Browsers' Header Signatures 79 Stage 3: Reverse Engineer JavaScript and Replay Fingerprints 80 Stage 4: Force the Web Security Product to Fail Open 81 Stage 5: Upgrade the Botnet to a Headless Browser 82 Stage 6: Resort to Human/Manual Attack 84 Botnets with CAPTCHA-Solving Capabilities 85 Human-Assisted CAPTCHA Solver 85 Computer Vision 88 The CAPTCHA Solver Workflow 88 AI Botnets 89 The Botnet Market 91 Summary 93 Chapter 4 Detection Strategy 95 Data Collection Strategy 96 Positive vs. Negative Security 98 The Evolution of the Internet Ecosystem 99 The Evolution of Detection Methods 100 Interactive Detection 100 Transparent Detection 103 The State of the Art 106 Transparent Detection Methods 108 Good Bot Detection 109 Good Bot Categories 111 IP Intelligence 115 Cookie Handling 118 JavaScript Execution Handling 119 Device Intelligence 120 Proof of Work 123 Behavioral Biometric Detection 125 Headless Browser Detection 128 User-Behavior Anomaly Detection 130 Email Intelligence 135 Advanced PII Data Assessment 140 Risk Scoring 142 Formula 143 Consuming the Risk Score 144 Summary 145 Chapter 5 Assessing Detection Accuracy 147 Prerequisites 148 High-Level Assessment 149 Website Structure 150 Website Audience 151 Types of Clients 151 Assessing the Shape of the Traffic 152 Quantitative Assessment (Volume) 155 Feedback Loop 156 Response Strategy Assessment 158 Low-Level Assessment 158 IP Intelligence 159 Device Intelligence 163 Assessment Guidelines 168 Identifying Botnets 170 Botnet Case Study 173 The Evening Crawler 174 The Sprint Scraper 175 The Night Crawler 176 The Cloud Scraper 177 Summary 177 Chapter 6 Defense and Response Strategy 179 Developing a Defense Strategy 180 Do-It-Yourself 180 Buying a Bot Management Product from a Vendor 182 Defense in Depth 184 Technology Stack to Defend Against Bots and Fraud 186 Detection Layer to Protect Against Bot Attacks 186 Detection Layer to Protect Against Online Fraud 188 Response Strategies 189 Simple Response Strategies 190 Advanced Response Strategies 191 Operationalization 193 Mapping a Response Strategy to a Risk Category 193 Preparing for Special Events 195 Defending Against CAPTCHA Farms 196 Summary 197 Chapter 7 Internet User Privacy 199 The Privacy vs. Security Conundrum 199 The State of Privacy and Its Effect on Web Security 201 IP Privacy 201 Cookie Tracking Prevention 204 Anti-fingerprinting Technology 206 The Private Access Token Approach 213 The High-Level Architecture 214 The PAT Workflow 214 PAT Adoption 216 Summary 218 References 219 Index 223