Researchers may have solved the click fraud problem
Posted on 27 September 2013.
Click fraud is a considerable drain on the finances of both advertiser and ad networks, but a group of researchers believed that they have managed to create a simple solution that is able to detect all the currently most used click-spam schemes.

"Ad networks today, sadly, rely primarily on security through obscurity to defend against click-spam," noted the researchers, and introduced ViceROI, an algorithm that detects click-spam attacks by working on the premise that click spammers are looking for a higher ROI than ethical business models to offset the risk of getting caught.

"Ad networks today filter click-spam reactively and in an ad-hoc manner ó when a specific attack is detected (often by the impacted advertiser), the ad networks creates a filter tuned to the detected attack," they explain. "Reactive filtering harms advertisers since attacks may go undetected for months [...] Furthermore, ad-hoc point-solutions are quickly circumvented by attackers, e.g., avoiding the IP blacklist by using a distributed botnet, potentially adding months before the attack is rediscovered by a more savvy advertiser."

In addition to this, the ad networks' tendency to guard their filtering techniques is easily annulled by the never-ending evolution of click-spam malware.

So, the researchers have had the interesting idea of hitting spammers where it hurts - their wallet.

"Viceroi, in essence, flags publishers with anomalously high ROI. While publisher ROI is hard to estimate, in practice we found per-user revenue a close proxy," the researchers explain. "To avoid detection by Viceroi, click-spammers must reduce their per-user revenue to that of an ethical publisher. At which point, without the economic incentive to offset the risk of getting caught (by approaches complementing Viceroi), the net effect is a disincentive to commit click-spam."

And it works. They have tested the algorithm by cooperating with a large real-world ad network, and say that the technique spots six different classes of click-spam attacks - malware-driven, search-hijacking, arbitrage, conversion- fraud, ad-injection, and parked-domains - without additional tuning (for detailed case studies, read the whitepaper).

Viceroi can't "say" for sure that the publishers it spots are definitely click-spammers, but it allows the ad networks to manually review and investigate a much smaller number of potential fraudulent enterprises.


Harnessing artificial intelligence to build an army of virtual analysts

PatternEx, a startup that gathered a team of AI researcher from MIT CSAIL as well as security and distributed systems experts, is poised to shake up things in the user and entity behavior analytics market.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Thu, Feb 4th