What is BotHunter?
In IT, a sub-program is a tool that is provided to evaluate or work with virtual 'bots'. A typical example of a subfolder is a UNIX utility (known as 'BotHunter') that looks at 'bot' behavior on a network.
The makers of Unix BotHunter describe it as a 'network defense algorithm' that detects certain types of automated scripts such as spambots, worms, adware, and various types of malware programs. The BotHunter tool is derived in part from an algorithm known as 'network dialogue correlation', which was developed in private research by trade groups.
With the help of the network traffic analysis tool Snort, BotHunter analyzes the individual data exchanges to find out whether they represent certain types of malware processes. BotHunter compares its collected processes with models or profiles of various malware infections. In other words, rather than baseline what is normal on a network to define actual data collected, BotHunter seeks to use infectious activity profiles to characterize what is found in a given network cycle.
Automated scripts known as 'bots' play a variety of roles in transferring data over global networks. While some of them can be relatively harmless, others can be identified as certain types of cyberattack or hacking. With tools like both tools, security professionals can build more secure systems and use more network monitoring tools to protect their digital assets.