Clicktok: click fraud detection using traffic analysis

Research output: Chapter in Book/Report/Conference proceedingConference contribution book

Abstract

Advertising is a primary means for revenue generation for millions of websites and smartphone apps. Naturally, a fraction abuse ad networks to systematically defraud advertisers of their money. Modern defences have matured to overcome some forms of click fraud but measurement studies have reported that a third of clicks supplied by ad networks could be clickspam. Our work develops novel inference techniques which can isolate click fraud attacks using their fundamental properties.We propose two defences, mimicry and bait-click, which provide clickspam detection with substantially improved results over current approaches. Mimicry leverages the observation that organic clickfraud involves the reuse of legitimate click traffic, and thus isolates clickspam by detecting patterns of click reuse within ad network clickstreams. The bait-click defence leverages the vantage point of an ad network to inject a pattern of bait clicks into a user's device. Any organic clickspam generated involving the bait clicks will be subsequently recognisable by the ad network. Our experiments show that the mimicry defence detects around 81% of fake clicks in stealthy (low rate) attacks, with a false-positive rate of 110 per hundred thousand clicks. Similarly, the bait-click defence enables further improvements in detection, with rates of 95% and a reduction in false-positive rates of between 0 and 30 clicks per million - a substantial improvement over current approaches.

LanguageEnglish
Title of host publicationWiSec 2019 - Proceedings of the 2019 Conference on Security and Privacy in Wireless and Mobile Networks
Place of PublicationNew York
Pages105-116
Number of pages12
ISBN (Electronic)9781450367264
DOIs
Publication statusPublished - 15 May 2019

Fingerprint

Smartphones
Application programs
Websites
Marketing
Experiments

Keywords

  • clickspam
  • advertising
  • click fraud

Cite this

Nagaraja, S., & Shah, R. (2019). Clicktok: click fraud detection using traffic analysis. In WiSec 2019 - Proceedings of the 2019 Conference on Security and Privacy in Wireless and Mobile Networks (pp. 105-116). New York. https://doi.org/10.1145/3317549.3323407
Nagaraja, Shishir ; Shah, Ryan. / Clicktok : click fraud detection using traffic analysis. WiSec 2019 - Proceedings of the 2019 Conference on Security and Privacy in Wireless and Mobile Networks. New York, 2019. pp. 105-116
@inproceedings{b01eb02533ae44ec8948d292dcd23cbe,
title = "Clicktok: click fraud detection using traffic analysis",
abstract = "Advertising is a primary means for revenue generation for millions of websites and smartphone apps. Naturally, a fraction abuse ad networks to systematically defraud advertisers of their money. Modern defences have matured to overcome some forms of click fraud but measurement studies have reported that a third of clicks supplied by ad networks could be clickspam. Our work develops novel inference techniques which can isolate click fraud attacks using their fundamental properties.We propose two defences, mimicry and bait-click, which provide clickspam detection with substantially improved results over current approaches. Mimicry leverages the observation that organic clickfraud involves the reuse of legitimate click traffic, and thus isolates clickspam by detecting patterns of click reuse within ad network clickstreams. The bait-click defence leverages the vantage point of an ad network to inject a pattern of bait clicks into a user's device. Any organic clickspam generated involving the bait clicks will be subsequently recognisable by the ad network. Our experiments show that the mimicry defence detects around 81{\%} of fake clicks in stealthy (low rate) attacks, with a false-positive rate of 110 per hundred thousand clicks. Similarly, the bait-click defence enables further improvements in detection, with rates of 95{\%} and a reduction in false-positive rates of between 0 and 30 clicks per million - a substantial improvement over current approaches.",
keywords = "clickspam, advertising, click fraud",
author = "Shishir Nagaraja and Ryan Shah",
year = "2019",
month = "5",
day = "15",
doi = "10.1145/3317549.3323407",
language = "English",
isbn = "978-1-4503-6726-4",
pages = "105--116",
booktitle = "WiSec 2019 - Proceedings of the 2019 Conference on Security and Privacy in Wireless and Mobile Networks",

}

Nagaraja, S & Shah, R 2019, Clicktok: click fraud detection using traffic analysis. in WiSec 2019 - Proceedings of the 2019 Conference on Security and Privacy in Wireless and Mobile Networks. New York, pp. 105-116. https://doi.org/10.1145/3317549.3323407

Clicktok : click fraud detection using traffic analysis. / Nagaraja, Shishir; Shah, Ryan.

WiSec 2019 - Proceedings of the 2019 Conference on Security and Privacy in Wireless and Mobile Networks. New York, 2019. p. 105-116.

Research output: Chapter in Book/Report/Conference proceedingConference contribution book

TY - GEN

T1 - Clicktok

T2 - click fraud detection using traffic analysis

AU - Nagaraja, Shishir

AU - Shah, Ryan

PY - 2019/5/15

Y1 - 2019/5/15

N2 - Advertising is a primary means for revenue generation for millions of websites and smartphone apps. Naturally, a fraction abuse ad networks to systematically defraud advertisers of their money. Modern defences have matured to overcome some forms of click fraud but measurement studies have reported that a third of clicks supplied by ad networks could be clickspam. Our work develops novel inference techniques which can isolate click fraud attacks using their fundamental properties.We propose two defences, mimicry and bait-click, which provide clickspam detection with substantially improved results over current approaches. Mimicry leverages the observation that organic clickfraud involves the reuse of legitimate click traffic, and thus isolates clickspam by detecting patterns of click reuse within ad network clickstreams. The bait-click defence leverages the vantage point of an ad network to inject a pattern of bait clicks into a user's device. Any organic clickspam generated involving the bait clicks will be subsequently recognisable by the ad network. Our experiments show that the mimicry defence detects around 81% of fake clicks in stealthy (low rate) attacks, with a false-positive rate of 110 per hundred thousand clicks. Similarly, the bait-click defence enables further improvements in detection, with rates of 95% and a reduction in false-positive rates of between 0 and 30 clicks per million - a substantial improvement over current approaches.

AB - Advertising is a primary means for revenue generation for millions of websites and smartphone apps. Naturally, a fraction abuse ad networks to systematically defraud advertisers of their money. Modern defences have matured to overcome some forms of click fraud but measurement studies have reported that a third of clicks supplied by ad networks could be clickspam. Our work develops novel inference techniques which can isolate click fraud attacks using their fundamental properties.We propose two defences, mimicry and bait-click, which provide clickspam detection with substantially improved results over current approaches. Mimicry leverages the observation that organic clickfraud involves the reuse of legitimate click traffic, and thus isolates clickspam by detecting patterns of click reuse within ad network clickstreams. The bait-click defence leverages the vantage point of an ad network to inject a pattern of bait clicks into a user's device. Any organic clickspam generated involving the bait clicks will be subsequently recognisable by the ad network. Our experiments show that the mimicry defence detects around 81% of fake clicks in stealthy (low rate) attacks, with a false-positive rate of 110 per hundred thousand clicks. Similarly, the bait-click defence enables further improvements in detection, with rates of 95% and a reduction in false-positive rates of between 0 and 30 clicks per million - a substantial improvement over current approaches.

KW - clickspam

KW - advertising

KW - click fraud

U2 - 10.1145/3317549.3323407

DO - 10.1145/3317549.3323407

M3 - Conference contribution book

SN - 978-1-4503-6726-4

SP - 105

EP - 116

BT - WiSec 2019 - Proceedings of the 2019 Conference on Security and Privacy in Wireless and Mobile Networks

CY - New York

ER -

Nagaraja S, Shah R. Clicktok: click fraud detection using traffic analysis. In WiSec 2019 - Proceedings of the 2019 Conference on Security and Privacy in Wireless and Mobile Networks. New York. 2019. p. 105-116 https://doi.org/10.1145/3317549.3323407