Badvertisements: Stealthy Click-Fraud with Unwitting Accessories
Authors: Mona Gandhi, Markus Jakobsson, Jacob Ratkiewicz (Indiana University at Bloomington)
Presented By: Lakshmy Mohanan

Overview
• What are Badvertisements
• Facades and Dual Personality pages
• Making of a Badvertisement
• Hiding the implementation
• Prevention
• Economic impact
Apr-18-2013 Badvertisements: Stealthy Click-Fraud with Unwitting Accessories

Where it fits in with the course
• Lecture: Click Fraud
• Invalid Clicks
• Types of Click Fraud
• Why the Click Fraud detection techniques mentioned in the class will not work?
• This is a type of Click Laundering mechanism.

BADvertisements
• Code that silently generates automatic click-throughs on advertisement banners when users visit the site.
• Targeted at the unwitting advertiser.
• The clicks appear to come from legitimate users but are invisible to them.

Why is this BAD?
• Easier than infecting a machine with malware.
• Not detected by click-fraud detection algorithms (since it appears as if the click originated from a valid user on an allowed webpage).
• No user complaints!
• Random enough to not get detected and widespread enough to earn a lot of revenue.
• Worse for the advertiser: the ad is never even seen.

Facades and Dual-Personality Pages
• A dual-personality page appears differently when viewed by different agents.
• Typically one “personality” of the page may be termed “good,” and the other “evil.”
• Façade: what the visitors see.
• Shows them content only, hiding advertisements and auto-clicking.
• Purpose is to hide the badvertisements from the users.

ATTTAAACK!
Two parts of the attack:
• Delivery
  • Brings users to the corrupt information
  • Brings corrupt information to the users
• Execution
  • Causes the automated but invisible display of an advertisement to a targeted user

Execution [diagram not preserved]

More BADness..
• Known ways to detect click fraud will not work:
  1) Large number of clicks from the same IP.
  2) Statistically learning average click-through rates for ads and then detecting deviations.
• Suspicious JavaScript is hard to pinpoint, since crawlers ignore JavaScript content.
• What’s worse than BAD: JavaScript can be obfuscated to the point that you have to execute the code to know what it does.

Hiding..
• From Clients
  • Achieved by using the Dual Personality page.
• From Ad Providers (and Auditing Spiders)
  • Assigning unique IDs to visitors entering the dual-personality page via the Façade. When it is given no ID or a visited ID, it shows its good side.
  • Camouflage rules
  • Don’t “click” all ads.
  • Chains of colluding sites
  • Detect if the visitor is a human by using CAPTCHAs
  • Showing the evil side only if the user has actually used the Façade (rather than just visiting it, like the spider)
  • Check the user’s browser history to determine ‘safeness’
  • Use spam mails which link to a server that is not listed on search engines

Detection & Prevention
These can be divided into two classes:
• Active
  • Active schemes attempt to seek out instances of click fraud.
  • They interact with search engines, perform popular searches, and visit the resulting sites (posing as users).
• Passive
  • Watch for click fraud in progress.
  • Suited for detection of email-instigated click fraud.

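An active check of the kind described above, written as an added example and not taken from the paper or the presentation: it compares two captures of the same URL, one taken as an auditing spider and one taken after arriving through the façade as a user, and reports scripts or frames served only to the visitor. The captures are constructed samples, assumed to be the rendered DOM after scripts have run; the function names and the hidden-iframe heuristic are assumptions of this example.

```python
from html.parser import HTMLParser

class _Collector(HTMLParser):
    """Collect script/iframe sources and note iframes styled to be invisible."""
    def __init__(self):
        super().__init__()
        self.sources = set()        # (tag, src) pairs seen in the page
        self.hidden_frames = set()  # src of iframes a user could not see

    def handle_starttag(self, tag, attrs):
        if tag not in ("script", "iframe"):
            return
        a = dict(attrs)
        src = a.get("src") or "(inline)"
        self.sources.add((tag, src))
        if tag == "iframe":
            style = (a.get("style") or "").replace(" ", "").lower()
            tiny = a.get("width") in ("0", "1") or a.get("height") in ("0", "1")
            if tiny or "display:none" in style or "visibility:hidden" in style:
                self.hidden_frames.add(src)

def collect(html):
    c = _Collector()
    c.feed(html)
    return c

def personality_diff(audit_html, visitor_html):
    """Report active content shown to the visitor but not to the auditor."""
    audit, visitor = collect(audit_html), collect(visitor_html)
    extra = visitor.sources - audit.sources
    return {
        "only_for_visitor": sorted(extra),
        "hidden_frames": sorted(visitor.hidden_frames - audit.hidden_frames),
        "suspicious": bool(extra),
    }

# Constructed sample captures of one URL (not real traffic).
AUDIT_VIEW = ('<html><body><h1>Recipes</h1>'
              '<script src="/site.js"></script></body></html>')
VISITOR_VIEW = ('<html><body><h1>Recipes</h1>'
                '<script src="/site.js"></script>'
                '<script src="/extra.js"></script>'
                '<iframe src="/ads.html" width="0" height="0"></iframe>'
                '</body></html>')

if __name__ == "__main__":
    print(personality_diff(AUDIT_VIEW, VISITOR_VIEW))
```

A difference alone is only a lead, since legitimate sites also personalise content; a hidden frame served only to the visitor is the stronger signal.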
Economic Analysis
Revenue for the fraudster is proportional to:
• Risk Factor
• Number of users attacked
• Probability of showing evil side
• Probability that a user will visit the site repeatedly
• Average benefit per click
What we can control: Risk Factor

Economic Analysis
[Graphs not preserved; panels: Reward per click is $1.00, Reward per click is $0.25]
The graph shows how much a fraudster can earn given he carries out n attacks, each with a probability p of being instantly caught (p increases as more countermeasures are put in place).

Pros & Cons
• Pros
  • Detailed explanation of concepts
  • Explains in detail why this kind of attack is a big deal
• Cons
  • Does not explain prevention of attacks in as much detail as the method to carry out the attacks
  • None of the methods of prevention offers 100% protection.