Clicktok: Click Fraud Detection using Traffic Analysis

03/02/2019
by   Shishir Nagaraja, et al.
0

Advertising is a primary means for revenue generation for millions of websites and smartphone apps (publishers). Naturally, a fraction of publishers abuse the ad-network to systematically defraud advertisers of their money. Defenses have matured to overcome some forms of click fraud but are inadequate against the threat of organic click fraud attacks. Malware detection systems including honeypots fail to stop click fraud apps; ad-network filters are better but measurement studies have reported that a third of the clicks supplied by ad-networks are fake; collaborations between ad-networks and app stores that bad-lists malicious apps works better still, but fails to prevent criminals from writing fraudulent apps which they monetise until they get banned and start over again. This work develops novel inference techniques that can isolate click fraud attacks using their fundamental properties. In the mimicry defence, we leverage the observation that organic click fraud involves the re-use of legitimate clicks. Thus we can isolate fake-clicks by detecting patterns of click-reuse within ad-network clickstreams with historical behaviour serving as a baseline. Second, in bait-click defence. we leverage the vantage point of an ad-network to inject a pattern of bait clicks into the user's device, to trigger click fraud-apps that are gated on user-behaviour. Our experiments show that the mimicry defence detects around 81% of fake-clicks in stealthy (low rate) attacks with a false-positive rate of 110110 per hundred thousand clicks. Bait-click defence enables further improvements in detection rates of 95% and reduction in false-positive rates of between 0 and 30 clicks per million, a substantial improvement over current approaches.

READ FULL TEXT

page 1

page 2

page 3

page 4

research
09/13/2020

Proximity Tracing in an Ecosystem of Surveillance Capitalism

Proximity tracing apps have been proposed as an aide in dealing with the...
research
05/24/2021

Dissecting Click Fraud Autonomy in the Wild

Although the use of pay-per-click mechanisms stimulates the prosperity o...
research
02/05/2020

MadDroid: Characterising and Detecting Devious Ad Content for Android Apps

Advertisement drives the economy of the mobile app ecosystem. As a key c...
research
01/20/2022

Android Malware Detection using Feature Ranking of Permissions

We investigate the use of Android permissions as the vehicle to allow fo...
research
04/27/2021

Metamorphic Detection of Repackaged Malware

Machine learning-based malware detection systems are often vulnerable to...
research
03/16/2020

Characterizing Cryptocurrency Exchange Scams

As the indispensable trading platforms of the ecosystem, hundreds of cry...
research
07/30/2023

Theoretically Principled Trade-off for Stateful Defenses against Query-Based Black-Box Attacks

Adversarial examples threaten the integrity of machine learning systems ...

Please sign up or login with your details

Forgot password? Click here to reset