What is a bot: types and functions

Roughly half of all internet traffic today consists of bots that are used to simulate human com­mu­ni­ca­tion in social networks, search for content online for companies, perform search engine op­ti­miza­tion, automate customer service and carry out criminal ac­tiv­i­ties such as data theft, scams, and DDoS attacks.

Bots are digital tools and, like any tool, can be used for good or for bad. In order to un­der­stand how bots can support companies by au­tomat­ing simple, repet­i­tive tasks or in what ways your own cy­ber­se­cu­ri­ty needs to be beefed up, you need to be familiar with bots and what they can do.

The term “bot” comes from the English word “robot”. Similar to me­chan­i­cal robots, internet bots are pro­grammed to perform specific repet­i­tive tasks. To do so, they execute clearly defined commands through al­go­rithms and scripts which they can do faster than any human could. Bots are thus computer programs that operate au­tonomous­ly and au­to­mat­i­cal­ly and do not depend on human input or su­per­vi­sion to perform their functions.

The first internet bot was the World Wide Web Wanderer. First deployed in 1993, it measured the growth of the internet and stored data in the Wandex index. Nowadays, the range of ap­pli­ca­tions for bots is much more diverse. They can be used as chatbots for customer service, social bots in social networks, web crawlers to analyze websites or even as botnets for spam and phishing attacks.

The easiest way to explain how bots work is to compare them with physical robots. Unlike physical robots, they do not consist of physical machine parts, such as screws, screw threads, plastic, and wires. They are instead made up of code. The code contains the required commands and in­struc­tions for telling the bot how to com­mu­ni­cate actively with or in response to human users, systems or other bots.

Designing bots can be very simple. However, modern bots also use complex code and ar­ti­fi­cial in­tel­li­gence which can sometimes make them hard to dis­tin­guish from human users in a social network. Nowadays, even your average Joe can program a bot. There are numerous tools and in­ter­faces available online that enable users to program both simple and complex bots. For example, Twitter allows you to create your own chatbots for tweets, retweets, and likes.

Below, you will find a snippet of code from a chatbot. In this example, the bot uses the XML-based de­scrip­tion markup language AIML, which is fre­quent­ly used for chatbots.

Bots can perform various simple or complex tasks depending on the al­go­rithms defined in the code. Com­mu­ni­ca­tion usually occurs via internet-based platforms and services, such as instant messaging (IM) or Internet Relay Chat (IRC).

The functions and tasks a bot can perform are as diverse as the range of ap­pli­ca­tions on the internet. The most common functions of a bot include:

• Sup­port­ing com­mu­ni­ca­tion services on instant messaging platforms (e.g. Facebook, Twitter, and WhatsApp);
   
• Au­tonomous data scraping (i.e. data col­lect­ing) and data crawling in which the in­for­ma­tion on a website is searched through, analyzed, and indexed using keywords, pattern matching, and hashtags;
   
• Sim­u­lat­ing and au­tomat­ing pre­de­fined com­mu­ni­ca­tion using specific keywords, al­go­rithms and hashtags (e.g. in chats, on websites, and in customer service);
   
• Using the in­ter­faces of other ap­pli­ca­tions and bots to perform ad­di­tion­al functions (e.g. col­lect­ing and pre­sent­ing data from weather or traffic apps);
   
• Offering and per­form­ing automated services, such as trans­lat­ing, per­son­al­ized ad­ver­tis­ing, and placing orders;
   
• Per­form­ing game functions (e.g. chess); and
   
• Building botnets to create computer networks for the purposes of data theft, scams, and DDoS attacks.

A bot consists of three basic com­po­nents:

1. Ap­pli­ca­tion logic or workflow logic: This is the ex­e­cutable, machine-readable code written by the pro­gram­mer to define the bot’s functions and tasks.
    
2. Database: This contains essential data and in­for­ma­tion that the program can access to perform its function. The database can be actively extended, as is the case with search engine bots (i.e. web crawlers).
    
3. API (ap­pli­ca­tion pro­gram­ming interface): These pro­gram­ming in­ter­faces enable pro­gram­mers to access the functions of other ap­pli­ca­tions without having to write them them­selves. Using specific code in­ter­faces, APIs can integrate foreign software commands into the bot’s code to extend the bot’s functions. For example, a chatbot can integrate the function of a road traffic app into its code to provide traffic in­for­ma­tion to its users via the interface.

Simple bots use the concept of rule-based “if-then-else” pro­gram­ming to execute clear, pre­de­fined commands and tasks. Modern bots are now able to further evolve using ar­ti­fi­cial in­tel­li­gence to extend their own databases and learn new functions and terms. Bots can thus be cat­e­go­rized into rule-based bots and self-learning bots.

Rule-based bots and self-learning bots can be further cat­e­go­rized into five groups based on their primary functions:

1. En­ter­tain­ments bots
2. Com­mer­cial bots
3. Service bots
4. Message bots
5. Malware bots

Bots can be used for a wide range of ap­pli­ca­tions on the internet and are all similar in that they can be used for both legal and illegal purposes.

Commonly used good bots include:

• Social bots: This is a col­lec­tive term for all bots that operate on social media and perform automated tasks related to online support, FAQs, direct messaging, com­ment­ing on posts as well as likes, shares, retweets and follows.
   
• Web crawlers: This type of bot collects and analyzes data and in­for­ma­tion from websites to extend the functions of search engines and com­par­i­son portals, register and index new web content, create links and optimize search requests.
   
• Chat bots: These imitate human chat users and simulate natural com­mu­ni­ca­tion. For example, they can be used as rec­og­niz­able bots in customer service to accept customer service requests and process FAQ requests or as covert bots to simulate real users.
   
• Gaming bots: These are bots that appear in video games as fake players (i.e. non-player char­ac­ters).
   
• Shopping bots: These bots are used to compare online prices and search for the cheapest offers or to select the most popular shopping websites for users.
   
• Mon­i­tor­ing bots: These are used to monitor the status of a website or system.

While bots have many positive functions and numerous services, such as search engines, instant messaging, and com­par­i­son portals, would be im­pos­si­ble without them, they generally have a bad rep­u­ta­tion due to malware and hacker attacks. This is because many bots are developed specif­i­cal­ly for the purpose of per­form­ing illegal and harmful ac­tiv­i­ties.

The following are some types of malware or malicious bots:

• Pro­pa­gan­da or ma­nip­u­la­tive bots: These are social bots that simulate user profiles, shape digital opinions, and spread political messages, fake news, and con­spir­a­cy theories. They can also react to comments and posts based on keywords.
   
• Scam/phishing bots: These bots commit data theft through pseudo-links, fake emails and fake websites.
   
• Key­log­ging bots: These bots are used to log message traffic or to record, store, and forward all activity on a computer.
   
• File-sharing bots: These bots respond to targeted search requests and offer users a link to the desired search term. When the user clicks on the link, the bot can infect the computer.
   
• Spam bots: These bots send large amounts of spam emails and use the address books and contacts of un­sus­pect­ing users to expand the reach of their spam in a targeted manner.
   
• Zombie bots: Zombie bots are computers that have been infected by malware or that have been in­te­grat­ed into a botnet to provide computing power for large-scale botnet attacks. It is often difficult to identify com­pro­mised computers that are part of a botnet.
   
• Botnets: A botnet is a col­lec­tion of infected computers that are connected together in a network and employed by malware bot users for DDoS attacks.

Malware bots are used for a variety of illegal ac­tiv­i­ties. These include:

• Carrying out data and identity theft by scraping, phishing and key­log­ging sensitive in­for­ma­tion, such as passwords, banking in­for­ma­tion, and addresses;
   
• Per­form­ing dis­trib­uted denial-of-service attacks (DDoS) which can paralyze servers by over­load­ing them with massive amounts of data traffic;
   
• Using backdoors in computer security systems to infect those systems; and
   
• Re­trans­mit­ting spam to redirect data packets.

The following are the five most common large-scale bot attacks:

• DDoS attacks: These are used to target and overload servers (see above).
   
• Spamming and traffic mon­i­tor­ing: This is used for over­load­ing mail servers or carrying out large-scale data theft.
   
• Denial of inventory attacks: These attacks target online shops to list their products as “not available”.
   
• Scraping attacks: These are used to steal and sell data.
   
• Cre­den­tial stuffing attacks: These attacks use stolen account in­for­ma­tion to carry out automated, large-scale login attempts.