Understanding user goals in web search
Proceedings of the 13th international conference on World Wide Web
Detectives: detecting coalition hit inflation attacks in advertising networks streams
Proceedings of the 16th international conference on World Wide Web
Combating click fraud via premium clicks
SS'07 Proceedings of 16th USENIX Security Symposium on USENIX Security Symposium
SLEUTH: Single-pubLisher attack dEtection Using correlaTion Hunting
Proceedings of the VLDB Endowment
Spamalytics: an empirical analysis of spam marketing conversion
Proceedings of the 15th ACM conference on Computer and communications security
SBotMiner: large scale search bot detection
Proceedings of the third ACM international conference on Web search and data mining
Fighting online click-fraud using bluff ads
ACM SIGCOMM Computer Communication Review
Got traffic?: an evaluation of click traffic providers
Proceedings of the 2011 Joint WICOW/AIRWeb Workshop on Web Quality
Click Trajectories: End-to-End Analysis of the Spam Value Chain
SP '11 Proceedings of the 2011 IEEE Symposium on Security and Privacy
What's clicking what? techniques and innovations of today's clickbots
DIMVA'11 Proceedings of the 8th international conference on Detection of intrusions and malware, and vulnerability assessment
Measuring pay-per-install: the commoditization of malware distribution
SEC'11 Proceedings of the 20th USENIX conference on Security
Fashion crimes: trending-term exploitation on the web
Proceedings of the 18th ACM conference on Computer and communications security
User-Driven Access Control: Rethinking Permission Granting in Modern Operating Systems
SP '12 Proceedings of the 2012 IEEE Symposium on Security and Privacy
Measuring and fingerprinting click-spam in ad networks
Proceedings of the ACM SIGCOMM 2012 conference on Applications, technologies, architectures, and protocols for computer communication
PharmaLeaks: understanding the business of online pharmaceutical affiliate programs
Security'12 Proceedings of the 21st USENIX conference on Security symposium
Dissecting ghost clicks: ad fraud via misdirected human clicks
Proceedings of the 28th Annual Computer Security Applications Conference
Click-fraud monetizing malware: A survey and case study
MALWARE '12 Proceedings of the 2012 7th International Conference on Malicious and Unwanted Software (MALWARE)
Impression fraud in online advertising via pay-per-view networks
SEC'13 Proceedings of the 22nd USENIX conference on Security
DECAF: detecting and characterizing ad fraud in mobile apps
NSDI'14 Proceedings of the 11th USENIX Conference on Networked Systems Design and Implementation
| Hi-index | 0.00 |
Click-spam in online advertising, where unethical publishers use malware or trick users into clicking ads, siphons off hundreds of millions of advertiser dollars meant to support free websites and apps. Ad networks today, sadly, rely primarily on security through obscurity to defend against click-spam. In this paper, we present Viceroi, a principled approach to catching click-spam in search ad networks. It is designed based on the intuition that click-spam is a profit-making business that needs to deliver higher return on investment (ROI) for click-spammers than other (ethical) business models to offset the risk of getting caught. Viceroi operates at the ad network where it has visibility into all ad clicks. Working with a large real-world ad network, we find that the simple-yet-general Viceroi approach catches over six very different classes of click-spam attacks (e.g., malware-driven, search-hijacking, arbitrage) without any tuning knobs.