"We have spent over a year tracking the bad guys attacking advertising," says White Ops CEO, Michael Tiffany. "This code started out robbing online banks—but apparently, it's easier, safer, and more profitable to steal from the $36 billion spent yearly on online advertising."
Dan Kaminsky, Chief Scientist of White Ops and the well-known security researcher who led the all-time largest synchronized fix to the Internet, adds, "Ad fraud has become the primary cash out point for Internet fraudsters. This is what is getting average people's computers broken into, compromising their privacy and undermining the very foundations of Internet safety. Something must be done, and we're doing it."
Kaminsky continues: "Some people assume fraud is just a 'cost of doing business,' and is evenly distributed at some affordable single digit rate. What we are actually finding is wide variability—some sites are remarkably clean, with less than a percentage point of fraud. Others have fraud rates exceeding 90%." Tiffany concludes: "It's not merely the 'dregs of the Internet' that get infested. Major properties are getting raided. They often don't know. We're helping them find out and stop paying these thieves."
The fundamental consequence is that anyone who pays for advertising on the Internet is likely paying for ad impressions that never actually occur, rending the traditional advertising metric of CPM (cost per thousand impressions) meaningless.
The White Ops solution introduces the fundamental metric that matters: "Cost per Human," the real cost of reaching humans that will ultimately buy products or services—not bots, which do nothing but falsely inflate metrics.
By applying the techniques of Side Channel Analysis (the practice of looking at specific characteristics of a signal to determine the nature of the signal itself) to review several thousand variables in signals leaked during individual user sessions, White Ops is able to accurately differentiate, in real time, between a human and machine-driven ad request, regardless of the sophistication of the bot programmer.
This approach varies from the methods generally employed by current fraud detection services, which rely on statistical and predictive analysis to detect impression fraud. While that type of anomaly detection has its strengths, it is usually dependent upon a large body of historical, static data that, at most, uncovers simple, unsophisticated methods of fraud. This makes it difficult to detect the more advanced bot types that incorporate randomness and change in their behavior models.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.