
Badvertisements: Stealthy Click-Fraud with Unwitting Accessories


Presentation Transcript


  1. Badvertisements: Stealthy Click-Fraud with Unwitting Accessories
     Authors: Mona Gandhi, Markus Jakobsson, Jacob Ratkiewicz (Indiana University at Bloomington)
     Presented By: Lakshmy Mohanan

  2. Overview
     • What are Badvertisements
     • Facades and Dual Personality pages
     • Making of a Badvertisement
     • Hiding the implementation
     • Prevention
     • Economic impact
     Apr-18-2013 Badvertisements: Stealthy Click-Fraud with Unwitting Accessories 2

  3. Where it fits in with the course
     Lecture: Click Fraud
     • Invalid Clicks
     • Types of Click Fraud
     • Why the Click Fraud detection techniques mentioned in the class will not work?
     This is a type of Click Laundering mechanism.

  4. BADvertisements
     • Code that silently generates automatic click-throughs on advertisement banners when users visit the site.
     • Targeted at the unwitting advertiser.
     • Appear to be clicked by the legitimate users but are invisible to them.

  5. Why is this BAD?
     • Easier than infecting a machine with malware.
     • Not detected by click fraud detection algorithms (since it appears as if the click originated from a valid user on an allowed webpage).
     • No user complaints!
     • Random enough to not get detected and widespread enough to earn a lot of revenue.
     • Worse for the advertiser: the ad is never even seen.

  6. Facades and Dual-Personality Pages
     • Dual-personality page: appears differently when viewed by different agents. Typically one “personality” of the page may be termed “good,” and the other “evil.”
     • Façade: what the visitors see.
     • Shows them content only, hiding advertisements and auto-clicking.
     • Purpose is to hide the badvertisements from the users.

  7. ATTTAAACK!
     Two parts of the attack:
     • Delivery
       • Brings users to the corrupt information
       • Brings corrupt information to the users
     • Execution
       • Causes the automated but invisible display of an advertisement to a targeted user

  8. Execution

  9. More BADness..
     Known ways to detect click fraud will not work:
     1) A large number of clicks from the same IP.
     2) Statistically learning average click-through rates for ads and then detecting deviations.
     Suspicious JavaScript is hard to pinpoint, since crawlers ignore JavaScript content.
     What’s worse than BAD: JavaScript can be obfuscated to the point that you have to execute the code to know what it does.

  10. Hiding..
     From Clients
     • Achieved by using the dual-personality page.
     From Ad Providers (and Auditing Spiders)
     • Assigning unique IDs to visitors entering the dual-personality page via the Façade. When the page is given no ID or an already-visited ID, it shows its good side.
     Camouflage rules
     • Don’t “click” all ads.
     • Chains of colluding sites.
     • Detect if the visitor is a human by using CAPTCHAs.
     • Showing the evil side only if the user has actually used the Façade (rather than just visiting it, like the spider).
     • Check the user’s browser history to determine ‘safeness’.
     • Use spam mails which link to a server that is not listed on search engines.

  11. Detection & Prevention
     These can be divided into two classes:
     • Active
       • Schemes that attempt to seek out instances of click fraud.
       • Interacts with search engines, performs popular searches, and visits the resulting sites (posing as users).
     • Passive
       • Watch for click fraud in progress.
       • Suited for detection of email-instigated click fraud.
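
An added sketch of the active class of detection from slide 11, written for this transcript and not taken from the slides or the paper: an auditor visits the same URL as a crawler and, repeatedly, as a fresh-ID user who never touches the page, then compares the ad click-throughs each persona triggers. The `Visit` record, the persona labels and the `example` URLs are assumptions, and the observations are constructed; in practice they would come from an instrumented browser.

```python
# Added example: auditor-side comparison of what one URL does per persona.
from collections import defaultdict
from dataclasses import dataclass

@dataclass(frozen=True)
class Visit:
    url: str
    persona: str          # "crawler" or "user" (labels assumed for this sketch)
    fresh_id: bool        # True if the visit carried a never-used visitor ID
    input_events: int     # real clicks/keystrokes the auditor injected
    ad_clicks: frozenset  # ad click-through URLs the page requested

def audit(visits):
    """Classify each URL from repeated visits under both personas."""
    crawler, user_auto, user_runs = defaultdict(set), defaultdict(set), defaultdict(int)
    for v in visits:
        if v.persona == "crawler":
            crawler[v.url] |= v.ad_clicks
        elif v.fresh_id and v.input_events == 0:
            # Only untouched, fresh-ID visits can prove a click was automatic;
            # a reused ID is expected to be shown the good side (slide 10).
            user_runs[v.url] += 1
            user_auto[v.url] |= v.ad_clicks
    report = {}
    for url in {v.url for v in visits}:
        if url not in crawler or user_runs[url] == 0:
            report[url] = "incomplete"  # need both personas to compare
        elif user_auto[url] - crawler[url]:
            report[url] = "dual-personality auto-click"
        elif user_auto[url]:
            report[url] = "auto-click visible to crawler"
        else:
            report[url] = "consistent"
    return report

# Constructed sample observations (all hosts are placeholders).
SAMPLE = [
    Visit("http://site-a.example/", "crawler", False, 0, frozenset()),
    Visit("http://site-a.example/", "user", True, 0, frozenset()),
    Visit("http://site-a.example/", "user", True, 0,
          frozenset({"http://ads.example/click?ad=17"})),
    Visit("http://site-b.example/", "crawler", False, 0, frozenset()),
    Visit("http://site-b.example/", "user", True, 0, frozenset()),
    Visit("http://site-c.example/", "user", False, 0,
          frozenset({"http://ads.example/click?ad=9"})),
]

if __name__ == "__main__":
    for url, verdict in sorted(audit(SAMPLE).items()):
        print(url, verdict)
```

The first user visit to site-a shows nothing, which is why a single visit is not enough: a page that does not click every ad is only caught by aggregating several fresh-ID visits.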

  12. Economic Analysis
     Revenue for the fraudster is proportional to:
     • Risk factor
     • Number of users attacked
     • Probability of showing the evil side
     • Probability that a user will visit the site repeatedly
     • Average benefit per click
     What we can control: the risk factor.

  13. Economic Analysis
     The graph shows how much a fraudster can earn given that he carries out n attacks, each with a probability p of being instantly caught. (p increases as more countermeasures are put in place.)
     [Graph panels: reward per click is $1.00; reward per click is $0.25]

  14. Pros & Cons
     • Pro
       • Detailed explanation of concepts
       • Explains in detail why this kind of attack is a big deal
     • Cons
       • Does not explain prevention of attacks in as much detail as the method to carry out the attacks
       • None of the methods of prevention offer 100% protection.
