Journal of Information Security and Cryptography (Enigma)

Click fraud detection consists of identifying the intention behind received clicks, given only technical data and context information. Reviewing concepts involved in click fraud practices and related work, a system that detects and prevents this type of fraud is proposed and implemented. The system is based and implemented on an ad network, one of the 3 main agents in the online ad environment, and for its validation, 3 servers were used, representing the publisher, the ad network with the system implemented and the announcer, and a bot that attempts to commit a click fraud.

click fraud; online security; bots; system architecture

C. McNair, “US ad spending: eMarketer’s updated estimates and forecast for 2017,” Sep. 2017.

H. Xu, D. Liu, A. Koehl, H. Wang, and A. Stavrou, “Click fraud detection on the advertiser side,” in European Symposium on Research in Computer Security. 1em plus 0.5em minus 0.4em Springer, 2014, pp. 419–438. doi: 10.1007/978-3-319-11212-1_24

N. Daswani, C. Mysen, V. Rao, S. Weis, K. Gharachorloo, and S. Ghosemajumder, “Online advertising fraud,” Crimeware: understanding new attacks and defenses, vol. 40, no. 2, pp. 1–28, 2008.

R. J. Oentaryo, E.-P. Lim, M. Finegold, D. Lo, F. Zhu, C. Phua, E.-Y. Cheu, G.-E. Yap, K. Sim, M. N. Nguyen et al., “Detecting click fraud in online advertising: a data mining approach.” Journal of Machine Learning Research, vol. 15, no. 1, pp. 99–140, 2014

R. Fielding and J. Reschke, “Hypertext transfer protocol (http/1.1): Semantics and content,” Internet Requests for Comments, RFC Editor, RFC 7231, June 2014, http://www.rfc-editor.org/rfc/rfc7231.txt. [Online]. Available: http://www.rfc-editor.org/rfc/rfc7231.txt

R. Fielding and J. Reschke, “Hypertext transfer protocol (http/1.1): Authentication,” Internet Requests for Comments, RFC Editor, RFC 7235, June 2014, http://www.rfc-editor.org/rfc/rfc7235.txt . [Online]. Available: http://www.rfc-editor.org/rfc/rfc7235.txt

B. Kitts, J. Y. Zhang, G. Wu, W. Brandi, J. Beasley, K. Morrill, J. Ettedgui, S. Siddhartha, H. Yuan, F. Gao et al., “Click fraud detection: adversarial pattern recognition over 5 years at microsoft,” in Real World Data Mining Applications. 1em plus 0.5em minus 0.4em Springer, 2015, pp. 181–201. doi: 10.1007/978-3-319-07812-0_10

N. Daswani and M. Stoppelman, “The anatomy of clickbot. a,” in Proceedings of the first conference on First Workshop on Hot Topics in Understanding Botnets. 1em plus 0.5em minus 0.4em USENIX Association, 2007, pp. 11–11.

J. Leyden, “Botnet implicated in click fraud scam,” May 2006. [Online]. Available: https://www.theregister.co.uk/2006/05/15/google_adword_scam

United States District Court, “Microsoft vs Eric Lam et. al.” 2009.

P. Pearce, C. Grier, V. Paxson, V. Dave, D. McCoy, G. M. Voelker, and S. Savage, “The zeroaccess auto-clicking and search-hijacking click fraud modules,” California Univ Berkeley Dept of Electrical Engineering and Computer Sciences, Tech. Rep., 2013.

C. P. Avila and M. Vijaya, “Click through rate prediction for display advertisement,” International Journal of Computer Applications, vol. 136, no. 1, 2016.

H. B. McMahan, G. Holt, D. Sculley, M. Young, D. Ebner, J. Grady, L. Nie, T. Phillips, E. Davydov, D. Golovin et al., “Ad click prediction: a view from the trenches,” in Proceedings of the 19th ACM SIGKDD international conference on Knowledge discovery and data mining. 1em plus 0.5em minus 0.4em ACM, 2013, pp. 1222–1230. doi: 10.1145/2487575.2488200

S. Thorpe, D. Fize, and C. Marlot, “Speed of processing in the human visual system,” nature, vol. 381, no. 6582, p. 520, 1996. doi: 10.1038/381520a0

Census at School Canada, “Average reaction time”, http://censusatschool.ca/data-results/2016-2017/average-reaction-time/ , 2017.

Human Benchmark, “Reaction time statistics,” https://www.humanbenchmark.com/tests/reactiontime/statistics , 2018.

J. Priebe, “A study of internet users’ cookie and javascript settings,” Apr. 2009. [Online]. Available: http://www.smorgasbork.com/2009/04/29/a-study-of-internet-users-cookie-and-javascript-settings/

A. Winnicki, “Just how many web users really disable cookies or javascript?” Apr. 2016. [Online]. Available: https://blog.yell.com/2016/04/just-many-web-users-disable-cookies-javascript/

P. O’Sullivan, E. H. Stern, R. C. Weir, and B. E. Willner, “Pixel cluster transit monitoring for detecting click fraud,” Feb. 2016, US Patent 9,251,522.

B. E. Willner, E. H. Stern, P. J. O’Sullivan, R. C. Weir, and S. Callanan, “Cursor path vector analysis for detecting click fraud,” Jan. 2015, US Patent 8,938,395.

A. Abraham, “Rule-based expert systems,” Handbook of measuring system design, 2005. doi: 10.1002/0471497398.mm422

K. Dave and V. Varma, “Predicting the click-through rate for rare/new ads,” Center for Search and Information Extraction Lab International Institute of Information Technology Hyderabad, INDIA, 2010. doi: 10.1145/1835449.1835671

B. Miller, P. Pearce, C. Grier, C. Kreibich, and V. Paxson, “What’s clicking what? Techniques and innovations of today’s clickbots,” in International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment. Springer, 2011, pp. 164–183. doi: 978-3-642-22424-9_10

J. Parsons, “The difference between website impressions and clicks,” Jan. 2015. [Online]. Available: https://growtraffic.com/blog/2015/01/difference-website-impressions-clicks

A. Juels, S. Stamm, and M. Jakobsson, “Combating click fraud via premium clicks.” in USENIX Security Symposium, 2007, pp. 17–26.

S. Clifford, “Microsoft sues three in click-fraud scheme,” Jun. 2009. [Online]. Available: http://www.nytimes.com/2009/06/16/business/media/16adco.html