Presentation is loading. Please wait.

Presentation is loading. Please wait.

Authors: Mona Gandhi, Markus Jakobsson, Jacob Ratkiewicz (Indiana University at Bloomington) Presented By: Lakshmy Mohanan.

Published byBertha Logan Modified over 9 years ago

Similar presentations

Presentation on theme: "Authors: Mona Gandhi, Markus Jakobsson, Jacob Ratkiewicz (Indiana University at Bloomington) Presented By: Lakshmy Mohanan."— Presentation transcript:

1 Authors: Mona Gandhi, Markus Jakobsson, Jacob Ratkiewicz (Indiana University at Bloomington) Presented By: Lakshmy Mohanan

2 What are Badvertisements Facades and Dual Personality pages Making of a Badvertisement Hiding the implementation Prevention Economic impact Badvertisements: Stealthy Click-Fraud with Unwitting AccessoriesApr-18-20132

3 Lecture: Click Fraud  Invalid Clicks  Types of Click Fraud  Why the Click Fraud detection techniques mentioned in the class will not work?  This is a type of Click Laundering mechanism. Badvertisements: Stealthy Click-Fraud with Unwitting AccessoriesApr-18-201313

4 Code that silently generates automatic click-throughs on advertisement banners when users visit the site. Targeted at the unwitting advertiser Appear to be clicked by the legitimate users but are invisible to them. Badvertisements: Stealthy Click-Fraud with Unwitting AccessoriesApr-18-20133

5 Easier than infecting a machine with malware. Not detected by click fraud detection algorithms (since it appears as if click originated from a valid user on an allowed webpage) No user complaints! Random enough to not get detected and wide spread enough to earn a lot of revenue. Worse for the advertiser : Ad is never even seen. Badvertisements: Stealthy Click-Fraud with Unwitting AccessoriesApr-18-20134

6 Dual personality page  appears differently when viewed by different agents. Typically one “personality” of the page may be termed “good,” and the other “evil.” Façade  what the visitors see. Shows them content only, hiding advertisements and auto-clicking. Purpose is to hide the badvertisements from the users. Badvertisements: Stealthy Click-Fraud with Unwitting AccessoriesApr-18-20135

7 Two parts of the attack: Delivery  Brings users to the corrupt information  Brings corrupt information to the users Execution  Causes the automated but invisible display of an advertisement to a targeted user Badvertisements: Stealthy Click-Fraud with Unwitting AccessoriesApr-18-20136

8 Badvertisements: Stealthy Click-Fraud with Unwitting AccessoriesApr-18-20137

9 Known ways to detect click fraud will not work Suspicious Java Script is hard to pinpoint Since crawlers ignore JavaScript Content 1) Large Number of Clicks from the same IP. 2) Statistically learning average click through rates for ads and then detecting deviations. What’s Worse than BAD: JavaScript can be obfuscated to the point that you have to execute the code to know what it does Badvertisements: Stealthy Click-Fraud with Unwitting AccessoriesApr-18-20138

10 From Ad Providers – (and Auditing Spiders) Assigning Unique IDs to visitors entering the dual-personality page via the Façade. When it is given no ID or a visited ID it shows its good side. From Clients Achieved by using the Dual Personality page. Camouflage rules  Don’t “click” all ads.  Chains of colluding sites  Detect if visitor is a human by using CAPTCHAs  Showing the Evil side only if the user has actually used the Façade. (Rather than just visiting it – like the spider)  Check users browser history to determine ‘safeness’  Use spam mails which link to a server that is not listed on search engines Badvertisements: Stealthy Click-Fraud with Unwitting AccessoriesApr-18-20139

11 These can be divided into two classes: Active:-  Active schemes that attempt to seek out instances of click fraud  Interacts with search engines, performs popular searches, and visits the resulting sites(posing as users.) Passive  Watch for click fraud in progress.  Suited for detection of email-instigated click-fraud. Badvertisements: Stealthy Click-Fraud with Unwitting AccessoriesApr-18-201310

12 Revenue for the fraudster is proportional to:  Risk Factor  Number of users attacked.  Probability of showing evil side  Probability that a user will visit the site repeatedly  Average benefit per click What we can Control:- Risk Factor Badvertisements: Stealthy Click-Fraud with Unwitting AccessoriesApr-18-201311

13 Above graph shows how much a fraudster can earn given he carries out n attacks, each with a probability p of being instantly caught. (p increases as more counter measures are put in place) Reward per click is $1.00 Reward Per Click is $0.25 Badvertisements: Stealthy Click-Fraud with Unwitting AccessoriesApr-18-201312

14 Pro  Detailed explanation of concepts  Explains in detail as to why this kind of an attack is a big deal Cons  Does not explain prevention of attacks in as much detail as the method to carry out the attacks  None of the methods of prevention offer 100% protection. Badvertisements: Stealthy Click-Fraud with Unwitting AccessoriesApr-18-201314

Download ppt "Authors: Mona Gandhi, Markus Jakobsson, Jacob Ratkiewicz (Indiana University at Bloomington) Presented By: Lakshmy Mohanan."

Similar presentations

Cross-Site Scripting Issues and Defenses Ed Skoudis Predictive Systems © 2002, Predictive Systems.

Cross-Site Scripting Issues and Defenses Ed Skoudis Predictive Systems © 2002, Predictive Systems.
Reinventing Email using REST. Anything addressable by a URI is called a resource GET, PUT, POST, DELETE WebDAV (MOVE, LOCK)

Reinventing using REST. Anything addressable by a URI is called a resource GET, PUT, POST, DELETE WebDAV (MOVE, LOCK)
Tutorial 6 Creating a Web Form

Tutorial 6 Creating a Web Form
Supplied on \web site. on January 10 th, 2008 Customer Security Management Reducing Internet fraud June 1 st, 2008 eSAC Walk Thru © Copyright Prevx Limited.

Supplied on \web site. on January 10 th, 2008 Customer Security Management Reducing Internet fraud June 1 st, 2008 eSAC Walk Thru © Copyright Prevx Limited.
Understanding and Detecting Malicious Web Advertising

Understanding and Detecting Malicious Web Advertising
Google AdSense Presented by: Naresh Gourishetty.

Google AdSense Presented by: Naresh Gourishetty.
What is WEB SPAM Many slides from a lecture by Marc Najork, Microsoft: “Detecting Spam Web Pages”

What is WEB SPAM Many slides from a lecture by Marc Najork, Microsoft: “Detecting Spam Web Pages”
On the Incoherencies in Web Browser Access Control Policies Authors: Kapil Singh, et al Presented by Yi Yang.

On the Incoherencies in Web Browser Access Control Policies Authors: Kapil Singh, et al Presented by Yi Yang.
The Evolution of Online Advertisement Casey Shannon CompSci 49S February 21, 2008.

The Evolution of Online Advertisement Casey Shannon CompSci 49S February 21, 2008.
Detecting Fraudulent Clicks From BotNets 2.0 Adam Barth Joint work with Dan Boneh, Andrew Bortz, Collin Jackson, John Mitchell, Weidong Shao, and Elizabeth.

Detecting Fraudulent Clicks From BotNets 2.0 Adam Barth Joint work with Dan Boneh, Andrew Bortz, Collin Jackson, John Mitchell, Weidong Shao, and Elizabeth.
Web Page Behavior IS 373—Web Standards Todd Will.

Web Page Behavior IS 373—Web Standards Todd Will.
COMPUTER TERMS PART 1. COOKIE A cookie is a small amount of data generated by a website and saved by your web browser. Its purpose is to remember information.

COMPUTER TERMS PART 1. COOKIE A cookie is a small amount of data generated by a website and saved by your web browser. Its purpose is to remember information.
Lecture 16 Page 1 CS 236 Online Cross-Site Scripting XSS Many sites allow users to upload information –Blogs, photo sharing, Facebook, etc. –Which gets.

Lecture 16 Page 1 CS 236 Online Cross-Site Scripting XSS Many sites allow users to upload information –Blogs, photo sharing, Facebook, etc. –Which gets.
CLICK FRAUD Alexander Tuzhilin By Vinny Rey. Why was the study done? Google was getting sued by advertisers because of click fraud. Google agreed to have.

CLICK FRAUD Alexander Tuzhilin By Vinny Rey. Why was the study done? Google was getting sued by advertisers because of click fraud. Google agreed to have.
_______________________________________________________________________________________________________________ E-Commerce: Fundamentals and Applications1.

_______________________________________________________________________________________________________________ E-Commerce: Fundamentals and Applications1.
 A cookie is a piece of text that a Web server can store on a user's hard disk.  Cookie data is simply name-value pairs stored on your hard disk by.

 A cookie is a piece of text that a Web server can store on a user's hard disk.  Cookie data is simply name-value pairs stored on your hard disk by.
D ATABASE S ECURITY Proposed by Abdulrahman Aldekhelallah University of Scranton – CS521 Spring2015.

D ATABASE S ECURITY Proposed by Abdulrahman Aldekhelallah University of Scranton – CS521 Spring2015.
Login Screen This is the Sign In page for the Dashboard Enter Id and Password to sign In New User Registration.

Login Screen This is the Sign In page for the Dashboard Enter Id and Password to sign In New User Registration.
Marketing with YouTube Why is YouTube Important? 3,000,000,000 + Views a Day That’s double the prime-time audience of all 3 major TV networks combined.

Marketing with YouTube Why is YouTube Important? 3,000,000,000 + Views a Day That’s double the prime-time audience of all 3 major TV networks combined.
11 The Ghost In The Browser Analysis of Web-based Malware Reporter: 林佳宜 Advisor: Chun-Ying Huang 2010/3/29.

11 The Ghost In The Browser Analysis of Web-based Malware Reporter: 林佳宜 Advisor: Chun-Ying Huang /3/29.

Similar presentations

Ads by Google