Countering click spam: Researchers test new algorithm to detect, combat fraudulent clicks online

Nov 04, 2013
Countering click spam: Researchers test new algorithm to detect, combat fraudulent clicks online
Anatomy of a click

(Phys.org) —When is a click not a click? When an advertising network registers a click on one of their online advertisements, how can it be sure that a single consumer – a "pair of eyeballs" in Madison Avenue jargon – and not a malware computer program, is behind that one click? Or that the viewer's click was intentional, not induced by deceptive or misleading advertising?

Click-spam has become a little-known way of life on the Internet. Little known, compared to other types of spam, because much of the fraud is targeted at the , rather than at consumers directly. So what happens when an automated system can "click" on hundreds of ads in less than a second?

Given that U.S. online advertising tops $36 billion a year, even a small fraction of fraudulent clicks on Web advertisements adds up.

"Hundreds of millions of dollars are siphoned off in ad revenues based on illicit click-spam schemes," said University of California, San Diego computer science and engineering postdoctoral researcher Vacha Dave. "We knew click-spam was out there, but the hard part was how to prove the fraud scientifically. So we came up with an approach based on what the most frequent scams have in common."

"Vacha has become a real expert on click fraud in Web ," said CSE professor Geoffrey Voelker, who is affiliated with Calit2's Qualcomm Institute. "The approach she designed was recently put in place by a major ad network and has had an immediate major impact."

In a paper to be presented November 7 in the "Web Attacks" session of the ACM Conference on Computer and Communications Security in Berlin, Germany, Dave (pronounced dah-veh) will spell out a new approach to fighting click-spam. She and her co-authors Yin Zhang at the University of Texas at Austin and Saikat Guha at Microsoft Research India came up with a catchy name for the algorithm they created to catch click-spam in search ad networks. They call it ViceROI, and it's designed to be deployed at the ad network where it has visibility into all ad clicks.

"We designed ViceROI based on the intuition that click-spam is a profit-making business that needs to deliver higher return on investment – ROI – for click-spammers than other ethical business models in order to offset the downside risk of getting caught," said the researcher. "Click-spam publishers should therefore have inordinately high return on investment." Figuring out actual ROI can be difficult because ad networks jealously guard their data, so the researchers employed revenue-per-user estimates as a close proxy for ROI.

Dave was in a unique position with her colleagues to test what they call the "simple-but-general ViceROI approach." They were given access to real-world data from a large ad network.

Until now, the UC San Diego researcher said, ad networks typically responded to click-spam reactively. They would react after an advertiser complained about being billed excessively because of click-spam, e.g., if it was getting thousands of clicks from the same IP address and none of the clicks led to paid transactions. The ad network would simply block or filter clicks from that IP address going forward. But the lack of transparency has often led to click-spam not being uncovered for years at a time (in one case cited by the paper, four years and $14 million in fraudulent clicks, uncovered after the fact). In other cases, an offender could get around a filter by using a distributed botnet to make the same number of clicks, but all from different IP addresses to avoid detection.

According to Dave, she tested the ViceROI algorithm on a real-world dataset. Out of the tens of thousands of publishers in the data set, ViceROI flagged several hundred which apparently were resorting to click-spam of various sorts. The researchers then investigated manually roughly one-hundred of the flagged publishers. The result: they found at least three spam publishers in each of six types of click-spam: conversion fraud; ad injection; search hijacking; malware; arbitrage; and parked domains.

"The ViceROI approach flags click-spam through all these mechanisms and… is resilient against click-spammers using larger botnets over time," reported the paper's authors, adding that their approach "ranked among the best existing filters deployed by the ad-network today while being far more general."

As part of their research, the team also placed so-called "bluff" ads. Bluffs are nonsensical and therefore highly unlikely to be clicked on by consumers. So if the ad started attracting clicks, the assumption was that they were most likely coming from click-spammers – allowing the researchers to assess the accuracy of their algorithm by using bluff as benchmarks for comparison.

Another challenge, according to Dave, is tracing where fraudulent clicks come from.  "Botnets and botmasters make it very difficult to be certain about the source of click-spam," said the UCSD researcher. "Even ad networks are reluctant to talk openly about what's being done to combat fraud in this area, because it will inevitably lead spammers to find new ways around new technologies put in place at the ad-network level."

The Conference on Computer and Communications Security (CCS) runs Nov. 4-8. It's the flagship annual conference of ACM's Special Interest Group on Security, Audit and Control (SIGSAC). Information security researchers, practitioners, developers and users worldwide attend CCS to explore cutting-edge ideas and results.

Explore further: Spanish scientists create algorithms to measure sentiment on social networks

More information: www.sigsac.org/ccs/CCS2013/index.html

Related Stories

Fighting back against click-spam

Aug 16, 2012

Remember that time, a decade or so ago, when spam was the scourge of the Internet, when the sheer volume of junk email threatened to engulf legitimate correspondence and short-circuit the promise of the digital ...

Hacker 'botnet' hijacked online searches

Feb 07, 2013

Software titan Microsoft and computer security giant Symantec said Thursday that they smashed a hacker-infected computer network that was hijacking Internet searches.

Spammers target Facebook

Apr 04, 2011

Interested in a free iPad like the one your Facebook friend got by filling out a survey?

Yahoo! in online ad alliance with Google

Feb 07, 2013

Yahoo! on Wednesday announced an advertising alliance with Google, the company that dethroned the pioneering Internet firm in the world of Internet search.

Recommended for you

Taxi app Uber defies ban in Spain

16 hours ago

Smartphone car-ride service Uber vowed Friday to keep operating in Spain despite a ban following a lawsuit by taxi drivers and said it would fight the case in court.

Sony film mess reflects gadgets-entertainment gap

Dec 26, 2014

Sony's iconic gadgetry and the star appeal of Hollywood may have appeared to be a perfect match when the electronics giant bought Columbia Pictures in 1989. A quarter century later, it's apparent that Sony ...

Streaming release of 'Interview' test for industry

Dec 25, 2014

Sony's "The Interview" has been a hacking target, a punchline and a political lightning rod. Now, with its release online at the same time it debuts in theaters, it has a new role: a test for a new kind of ...

User comments : 1

Adjust slider to filter visible comments by rank

Display comments: newest first

KBK
1 / 5 (1) Nov 04, 2013
So.... the unwanted spammers rebel against being spammed. Too bad. I thought they deserved each other.

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.