What Does Bothunter Mean?

In IT, a bothunter is a tool provisioned to assess or work with virtual “bots.” A common example of a bothunter is a UNIX utility (known as “BotHunter”) that looks at “bot” behavior within a network.


Techopedia Explains Bothunter

The makers of the Unix BotHunter describe it as a “network defense algorithm” that detects certain kinds of automated scripts such as spambots, worms, adware and different types of malware programs. The BotHunter tool is partially derived from an algorithm referred to as “network dialog correlation” developed in private research by trade groups.

Using the network traffic analysis tool known as Snort, BotHunter analyzes individual data exchanges to figure out whether they represent certain types of malware processes. BotHunter compares its collected processes against models or profiles of various malware infections. In other words, rather than defining actual collected data against the baseline for what is normal in a network, BotHunter tries to use profiles of infection activity to characterize what it finds in a given network cycle.

Automated scripts characterized as “bots” play a wide variety of roles in data transmission across global networks. While some of them can be relatively innocuous, others can be identified as certain types of cyberattacks or hacking. Tools like bothunters help security professionals to build more secure systems and use more network monitoring tools to protect their digital assets.


Related Terms

Latest Cybersecurity Terms

Related Reading

Margaret Rouse

Margaret Rouse is an award-winning technical writer and teacher known for her ability to explain complex technical subjects to a non-technical, business audience. Over the past twenty years her explanations have appeared on TechTarget websites and she's been cited as an authority in articles by the New York Times, Time Magazine, USA Today, ZDNet, PC Magazine and Discovery Magazine.Margaret's idea of a fun day is helping IT and business professionals learn to speak each other’s highly specialized languages. If you have a suggestion for a new definition or how to improve a technical explanation, please email Margaret or contact her…