Based on the severity of their impact, detection complexity and human-like behavior, the ShieldSquare Dashboard now classifies Bad Bots into 4 generations :

  • 1st Generation Bad Bot
  • 2nd Generation Bad Bot
  • 3rd Generation Bad Bot
  • 4th Generation Bad Bot

1st Generation Bad Bots

These are simple bad bots which attack using basic scripting tools from a limited number of IP addresses.

2nd Generation Bad Bots

These bots operate through website development and testing tools  using ‘headless’ mode. They can maintain cookies and execute JavaScript.

3rd Generation Bad Bots

Bots that use hijacked, full-fledged browsers and can simulate basic human-like interactions, such as keystrokes and mouse movements

4th Generation Bad Bots

These are large-scale, distributed, highly sophisticated and have advanced human-like interaction characteristics

Following are the different types of bad bot categories classified by ShieldSquare.

Bad Bot Generation

Bot Category



1st Generation Bots

Scripted bots

Programmatic browser behavior

Dumb bots with basic programmatic behavior

Bot attacking from Public Cloud

Bot operating from a server hosted in a data center

Bots being operated from a Cloud based data center to generate an attack

Known bad bot signatures

Spoofed browser/User Agent

Bad bots spoofing the useragent of genuine users/legitimate bots or using bad useragents to access the site 

Misbehaving legitimate bots

Commercial bot with malicious intent

Bad traffic generated by commercial bots which are not adding value to your business 

2nd Generation Bots

Reputational Intelligence

Botnet attack trace, Traffic source with bad reputation, User source with bad reputation, Impression matching Collective bot intelligence & honeypots

Active bot signatures caught from ShieldSquare's global collective bot intelligence 

Programmatic Session behavior

Session tampering incident, programmatic session behavior, Signature tampering

Identification of suspicious session behavior on your site/app 

3rd Generation Bots
Malicious browser behaviour

Referrer URL is tampered, 

Programmatic accessing URL identifier, 

Fingerprint test failed / Dynamic Turing test failed, 

Infected device source

Advanced behavior anomaly with multiple validation test failures
Advanced Javascript validation failure

Client side source validation failure, 

Javascript execution failed, 

Automated browser accessing the URLs, 

Spoofed browser impression

Javascript / browser anomaly observation, Identification of automated browser patterns

Misbehaving Users

User source with bad reputation

Identification of suspicious user interaction behavior on your site/app

4th Generation Bots

Emulator tools

Emulator / Impersonator behavior detected

Bots from automated tools attacking Mobile Apps

Low & Slow attack

Programmatic slow bots with signature tampering

Slow trickling bots distributed across longer time frames 

Malicious Intent detected

Suspicious user journey traversal & workflow failure, 

Intent Validation failed, 

Time series analysis check failed, 

Sophisticated bot behavior, 

Behavioral anomaly reported by Machine Learning engine

Sophisticated bots detected by intent based behavior analysis, time series based analysis, browser anomaly detection, clustering based analysis or by any advanced model of Machine learning based bot engine