1 / 13

Privad : Practical Privacy in Online Advertising

Privad : Practical Privacy in Online Advertising. Saikat Guha Bing Cheng Paul Francis Presented by: Alejandro Moncada. Overview. Goal of Privad How it works? Experimental Evaluation Privacy Analysis Conclusions. Goal of Privad. Online advertisement, major economic force in the Internet

merle
Download Presentation

Privad : Practical Privacy in Online Advertising

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Privad: Practical Privacy in Online Advertising SaikatGuhaBing Cheng Paul Francis Presented by: Alejandro Moncada

  2. Overview • Goal of Privad • How it works? • Experimental Evaluation • Privacy Analysis • Conclusions

  3. Goal of Privad • Online advertisement, major economic force in the Internet • Biggest flaw, it doesn’t provide privacy to users • Major advertisement companies have access to users profiles, leaving users private information at risk • Privacy advocates solution is to eliminate online ads • Not possible, to much revenue • Privad aims to satisify both privacy advocates and online ads companies

  4. How It Works? Ad Dissemination Ad Auctions View/Click Reporting Click-Fraud Defense Reference Monitor User Profiling

  5. How it Works? Ad Dissemination From Google search ads measure: 10% of ads well targeted. Disseminate only this 10%, cost effective. For the 90% left, a better approach is needed Pub-sub mechanism Channels are defined according to a set of attributes at the Broker Set of channels known by clients (Dealer maintain a copy) Client joins a channel if profile match

  6. How it works? Ad Auctions Determine which ads and it what order are shown to the users In Privad, both clients and Broker determine which ads are shown First approach: simple auction - Broker run auction to a pub –sub channel - Ads are ranked, this set is sent to the clients - Clients modify ranking after filtering ads - After a click, broker uses original rank to select the second price Second approach: - Ads are sent to clients with a pub-sub channel - For each ad, client computes a score U between 1 and 5. 5 means a match, else random score - Client sent tuples of (Iid, U) to dealer, for ranking to dealer - Dealer mix tuples before sending them to the broker - At broker, ranking is based on global and user modifiers - Broker sends rank to dealer, and then dealer to client

  7. How it Works? View/Click Reporting Views and click need to be reported to the broker, preserving privacy Report contains ad ID (Aid), publisher ID (Pid), and type of event (click, view) Report is encrypted using Broker public key Report is sent to broker via the dealer Dealer attach a request ID (Rid) to the report and keeps a mapping with the client, for security reasons.

  8. How it Works? Click-Fraud Defense • Users or bots clicking on ads to attack a system • Increase a given advertiser’s costs • Increase revenue of publisher • Increase CTR to benefit an advertiser in auctions • Different prevention mechanisms: • Per-user thresholds: Clients that exceeds thresholds set by the broker are flag as suspicious • Blacklist: Clients that participate in botnets. List is shared with other dealers • Honeyfarms: broker tack publisher, after a match, dealer is asked to flag client • Historical statistics: Dealer and Broker maintain statistics about client behavior • Premium clicks: purchase activity = honest behavior • Bait ads: targeting information of one ad, with content of another ad

  9. How it Works? Reference Monitor • Validates messages in and out Follow Privad protocol • Encrypts outbound messages and decrypts inbound messages • Source of randomness • Provide cover traffic • Delays messages to disrupt timing attacks • Provide auditing book • User Profiling: adds to existing cloud based algorithms while preserving privacy.

  10. Experimental Evaluation Broker: Performance of subscribe and report messages: Achieve a throughput of 6K subscribe and report request/second. All lookups at the broker are O(1). Dealer: Forward 15K requests/second Client: Can populate ads in 31ms Doubleclick took 129ms

  11. Privacy Analysis • Trust Assumptions: Only reference monitor • Covert Channels: Hard to achieve, messages from same source cant be linked. Also the reference model adds delays to prevent attacks • Attacks and Defenses: • Attacker at Client: Attacker installs malware. Privad does not protect against malware • Attacker at Dealer: - Attacker attempts to lear user profile info. Dealer cant inspect content of messages, it only proxies these, everything is encrypted - Dealer uses click-fraud. Broker can detect this behavior - Attack to learn which user send reports. Too much noise to detect the user

  12. Privacy Analysis • Attacker at Broker: • Broker attempts to link messages. Monitor disrupt timing based correlations and Privad messages does not content information that will link two messages. • In second price auctions, broker attempts to link to ads through different pub-subs. Dealer mechanisms avoid these attacks • Broker acts as a dealer and hijack clients messages. Reference monitor can add CA and TLS between client and dealer • Broker creates a unique channel to identify a user. Channels are auditable,

  13. Conclusions • Privad aims to satisfy commercial and private side of online advertising • Future work includes better profiling, how to improve auctions, and how to improve bait approach for click-fraud • Statistical approach to gather more info about users and maintining privacy

More Related