Researchers may have solved the click fraud problem
Posted on 27 September 2013.
Click fraud is a considerable drain on the finances of both advertiser and ad networks, but a group of researchers believed that they have managed to create a simple solution that is able to detect all the currently most used click-spam schemes.

"Ad networks today, sadly, rely primarily on security through obscurity to defend against click-spam," noted the researchers, and introduced ViceROI, an algorithm that detects click-spam attacks by working on the premise that click spammers are looking for a higher ROI than ethical business models to offset the risk of getting caught.

"Ad networks today filter click-spam reactively and in an ad-hoc manner when a specific attack is detected (often by the impacted advertiser), the ad networks creates a filter tuned to the detected attack," they explain. "Reactive filtering harms advertisers since attacks may go undetected for months [...] Furthermore, ad-hoc point-solutions are quickly circumvented by attackers, e.g., avoiding the IP blacklist by using a distributed botnet, potentially adding months before the attack is rediscovered by a more savvy advertiser."

In addition to this, the ad networks' tendency to guard their filtering techniques is easily annulled by the never-ending evolution of click-spam malware.

So, the researchers have had the interesting idea of hitting spammers where it hurts - their wallet.

"Viceroi, in essence, flags publishers with anomalously high ROI. While publisher ROI is hard to estimate, in practice we found per-user revenue a close proxy," the researchers explain. "To avoid detection by Viceroi, click-spammers must reduce their per-user revenue to that of an ethical publisher. At which point, without the economic incentive to offset the risk of getting caught (by approaches complementing Viceroi), the net effect is a disincentive to commit click-spam."

And it works. They have tested the algorithm by cooperating with a large real-world ad network, and say that the technique spots six different classes of click-spam attacks - malware-driven, search-hijacking, arbitrage, conversion- fraud, ad-injection, and parked-domains - without additional tuning (for detailed case studies, read the whitepaper).

Viceroi can't "say" for sure that the publishers it spots are definitely click-spammers, but it allows the ad networks to manually review and investigate a much smaller number of potential fraudulent enterprises.









Spotlight

The synergy of hackers and tools at the Black Hat Arsenal

Posted on 27 August 2014.  |  Tucked away from the glamour of the vendor booths and the large presentation rooms filled with rockstar sessions, was the Arsenal - a place where developers were able to present their security tools and grow their community.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Mon, Sep 1st
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //