SlideShare une entreprise Scribd logo

Clickfraud bot signatures2_wordy

B
bkitts
TechnologieDesign
1  sur  49
ClickFraud: An Overview of the Problem Brendan Kitts Data Mining Aleksander Kolcz Legal Andy Cookson Steve Santorelli Scott Stein Jon Zieger Chris Weinstein Financial Ops Lisa Larsen Anthony Lopez Tim Sloane Viruses / Malware Jeff Williams Ziv Mador Black Ops Ron Mills Tier 2 Support Bridget Bidlack Joseph Morrison Jason Dorsey Kimberly Lancaster Larry Golden Michael Grochau MSN Search Zijian Zheng PR / Planning Jenifer Handler Program Management Ben Herd Brian Burdick Brendan Kitts Email SPAM Geoff Hulten Development Kaz Hank Hoek Julien Beasley Ken Pierce Binu John Rajeev Prasad Tier 3 Support Michael Grochau Matt Rice Display Ads Platform Alam Ali Prasanth Nir Systems Integration Martin Markov Busijness Development Corey Rosemond
"I think something has to be done about this really, really quickly, because I think, potentially, it threatens our business model," George Reyes, Google Chief Financial Officer “Click fraud is the biggest threat to the Internet economy” George Reyes, Google Chief Financial Officer Introduction Prevalence Detection Methods Examples Auction Theory Conclusions “Anyone who says this is not a real challenge is kidding you”, John Slade, Senior Director Product Management, Yahoo! Search Advertisinh Click Fraud
Click Fraud: Reactions Perplexed: "It's hard to tell how big the problem is, but people are looking at it closer and closer as the cost of search advertising goes up," John Squire, VP Business Development, Coremetrics Philosophical: "Click fraud is like a big elephant standing in the middle of the living room. Everyone sees it and knows it's there, but no one is quite sure what to do about it." Lisa Wehr, President, Oneupweb, Hysterical: “Click fraud is ‘rampant’ and ‘staggering’…. it could wipe out ROI in search marketing...”, Stephen Messer, CEO, LinkShare
“Click Fraud: The Google Killer” (WebProNews) “Click Fraud: Is It Happening to YOU?” (French) “Click Fraud Looms as Search Engine Threat” (Associated Press) “The Google Bomb”z(Silicon Valley Daily News) “Fraud A Big Threat” (MSNBC)
Clickfraud Threats
Clicker Viruses and Trojan Horses First observed in 2000 !
115 computer botnet, Google syndication clicker
100,000 computer botnet, Clickbot.A Bots instructed to click no more than 20 times per day. click on ads at a number of adult-oriented sites, which were delivered by a common Web address: www.asdbiz.biz, according to Panda officials. This would bring up adult sites, such as girlsascats.com and virgin-clitors.com. Both of these sites are registered to a possibly-fictional entity dubbed BeatOn in Kirov, Russia. Attempts to reach the Web-site owners were not successful.
Source: http://www.benedelman.org/spyware/images/yahoo-apr06/4/ Spyware – spyware link creation The Spyware - Click-Fraud Connection -- and Yahoo's Role Revisited - Ben Edelman This traffic is notable both because it resulted from spyware installed on my test PC without my consent, and beause it resulted from insertion of advertising links into third parties' web sites (without their consent). In particular, as shown below, this traffic was predicated on Qklinkserver inserting link into the New York Times web site, without its consent and without any on-screen labeling. On a test PC with Qklinkserver, I observed numerous extraneous hyperlinks inserted into third parties' sites. See e.g. the New York Times site below. Note the stray hyperlink labeled "prime minister" -- words that are not actually a hyperlink on the "real" New York Times site, as viewed on uninfected test PCs. The Spyware - Click-Fraud Connection -- and Yahoo's Role Revisited - Ben Edelman This traffic is notable both because it resulted from spyware installed on my test PC without my consent, and beause it resulted from insertion of advertising links into third parties' web sites (without their consent). In particular, as shown below, this traffic was predicated on Qklinkserver inserting link into the New York Times web site, without its consent and without any on-screen labeling. On a test PC with Qklinkserver, I observed numerous extraneous hyperlinks inserted into third parties' sites. See e.g. the New York Times site below. Note the stray hyperlink labeled "prime minister" -- words that are not actually a hyperlink on the "real" New York Times site, as viewed on uninfected test PCs. http://www.benedelman.org/spyware/images/yahoo-apr06/4/video.wmv Qklinkserver.com, Searchdistribution.net, Intermix's Sirsearch
Spyware window opener This page gives screenshots showing on-screen displays after I requested SmartBargains. 180solutions opened a popup substantially covering my initial SmartBargains window. The popup's traffic flowed from 180solutions to Nbcsearch, then to Ditto.com, on to Yahoo Overture, and finally to a Yahoo advertiser -- all without me clicking on any sponsored link. Interestingly and unusually, the harmed Yahoo advertiser here is SmartBargains itself -- the same site I had initially requested. The net effect of this click fraud is to show the user the site the user had requested -- but to show that site also in a second ("double") window. Since users end up at the requested site, users may not notice that anything is wrong. But from an advertiser's perspective, something is very wrong: This process asks SmartBargains to pay Yahoo Overture PPC fees for SmartBargains' own organic traffic -- a bad deal, since Yahoo Overture is providing SmartBargains with no new leads and no genuine value. All testing occurred on March 2, 2006. This page gives screenshots showing on-screen displays after I requested SmartBargains. 180solutions opened a popup substantially covering my initial SmartBargains window. The popup's traffic flowed from 180solutions to Nbcsearch, then to Ditto.com, on to Yahoo Overture, and finally to a Yahoo advertiser -- all without me clicking on any sponsored link. Interestingly and unusually, the harmed Yahoo advertiser here is SmartBargains itself -- the same site I had initially requested. The net effect of this click fraud is to show the user the site the user had requested -- but to show that site also in a second ("double") window. Since users end up at the requested site, users may not notice that anything is wrong. But from an advertiser's perspective, something is very wrong: This process asks SmartBargains to pay Yahoo Overture PPC fees for SmartBargains' own organic traffic -- a bad deal, since Yahoo Overture is providing SmartBargains with no new leads and no genuine value. All testing occurred on March 2, 2006. Source: http://www.benedelman.org/spyware/images/yahoo-apr06/4/ 180 solutions
Ads not doing it for your webpage? Try porn instead! Spyware that replaces Contextual Banner ads http://www.techshout.com/internet/2005/27/ a-trojan-horse-program-that-targets- google-ads-has-been-detected-by-an- indian-web-publisher/
Search Chaff generators
IP Rotators: Anonymizer.com
Open Proxy Lists http://www.samair.ru/proxy/
Commercial Clicker programs
Clicking Agent
Smart HitBot
RobinHood
iFaker
Agloco: Pay you for clicking!
Human Clicking Operations • Data World, New Delhi (1) – Rajiv Kumar, CEO – Sells the names of web sites that pay people to click on internet ads for 350 rupees ($6.74). – Kumar claims to have recruited 300 clickers during the last year or so. “We’ve been doing this for a year and a half and haven’t heard of any problems,” Kumar says.
Human Clicking Operations • Shipranet, New Delhi (1) – Jagriti Bora, CEO – Bora has claimed to have recruited about 1,000 clickers. – She says its perfectly all right to click on ads. “There’s nothing wrong with looking through a shop window even if you don’t buy.”, she says.
Legal cases
$90 million (Money bag) Google "failed to take any significant measures to track or prevent click fraud," and "fails to adequately warn its existing and potential customers about the existence of click fraud." Google "failed to take any significant measures to track or prevent click fraud," and "fails to adequately warn its existing and potential customers about the existence of click fraud." Google: Lanes Gifts
Yahoo case: Checkmate Strategic Group $4.95 million (Money bag) Yahoo breached its contract with class members,… by charging and/or overcharging Class Members for clicks that were click fraud, click through fraud, fraudulent clicks, click spam, invalid clicks, unwanted clicks, unqualified clicks, improper clicks, non-converting clicks, inadequately converting clicks, clicks that were not reasonably expected by ClassMembers. Yahoo breached its contract with class members,… by charging and/or overcharging Class Members for clicks that were click fraud, click through fraud, fraudulent clicks, click spam, invalid clicks, unwanted clicks, unqualified clicks, improper clicks, non-converting clicks, inadequately converting clicks, clicks that were not reasonably expected by ClassMembers.
Yahoo case: Crafts by Veronica Ongoing! $$$$ In spite of Defendants’ promise and duty not to place ads in pernicious spyware programs, Defendants have done just that…. By placing Class Members’ ads into illegal platforms such as spyware programs, Defendants wrongfully collect high search engine advertising fees for ads that are actually shown in contexts that are worth far less, if anything…. [allowing search engines to] pocket the difference… Defendants also caused Class Members’ ads to appear within “typosquatting” web sites… [which are] illegal under the Anti-Cybersquatting Consumer Protection Act. Charges: (i) Civil Conspiracy, (ii) unjust enrichment, (iii) breach of contract (iv) violation of NJ Consumer fraud act. Plaintiff demands a trial by jury on all issues so triable. In spite of Defendants’ promise and duty not to place ads in pernicious spyware programs, Defendants have done just that…. By placing Class Members’ ads into illegal platforms such as spyware programs, Defendants wrongfully collect high search engine advertising fees for ads that are actually shown in contexts that are worth far less, if anything…. [allowing search engines to] pocket the difference… Defendants also caused Class Members’ ads to appear within “typosquatting” web sites… [which are] illegal under the Anti-Cybersquatting Consumer Protection Act. Charges: (i) Civil Conspiracy, (ii) unjust enrichment, (iii) breach of contract (iv) violation of NJ Consumer fraud act. Plaintiff demands a trial by jury on all issues so triable.
Samuel Lassoff vrs Google – Samuel Lassoff sues Google, Class action on behalf of residents of NY and NJ. Ongoing! $$$$ Charges: (i) breach of contract, (ii) negligence, (iii) unjust enrichment and (iv) unfair business practices. Charges: (i) breach of contract, (ii) negligence, (iii) unjust enrichment and (iv) unfair business practices.
Microsoft vs Eric Lam and family • 1.5 million in damages • Sued for 750K The Web Giant confronts Microsoft, a slumping stock – and a surge of swindlers clicking on ads, Anthony Effinger and Jonathan Thaw, Bloomberg Markets, May
How do you detect click fraud?
Production performance – Quality separation and Revenue retainedProduction performance – Quality separation and Revenue retained 0 100 200 300 400 500 600 700 800 900 1000 CPA billed CPA filtered 0 10 20 30 40 50 60 70 80 90 100 CPA billed CPA billed 1. Quality billed is extremely stable, even when the environment is subjected to massive shifts in traffic quality. 2. Red line shows Quality of filtered, which is the Quality of the traffic that we pulled out. It fluctuates wildly. Blue shows Quality billed which hovers within 20% over an extended period of time.
Traffic Scorer Smart- pricing adCenter Delivery Engine MB Log Scores Ads Impression / ad call Call for ads Publisher Web Site ARTEMIS Real-time Scoring Engine Minerva Filtration System adCenter Reports Dump and Load OLTP Database BI Database Redirection Server MR Logs FR Logs MC Logs New site Click on Ad Advertiser quality and targeting settings Ad rotation module Publisher Pipeline Advertiser Pipeline PubCenter Reports Publisher Database KPI Excel KPI Cube KPI Pipeline Bot Telemetry Instrumentation Server Blacklist Capture System Automated Crawler System Bot Telemetry Instrumentation Server F.MSN.Co m Log Glaux Data Bridge OLS Stats Minerva training pipeline CPA Glaux OLS File Feature Stats CFR row by rowSnapshot Call for payload FWB Cases Fraud Ops AdUnit BTIS Payload Bot payload Telemetry Third party and internal data sources Third party and internal crawlers Top Bad Feed Microsoft filtration technology architecture
Bot SignaturesBot Signatures 0.8 1 1.2 1.4 1.6 1.8 2 2.2 2.4 2.6 0 0.05 0.1 0.15 0.2 0.25 0.3 0.35 0.4 filtration rate (1==average for population) probability fraud non-fraud Bot signatures: Method for identifying bots in a standard format Allows investigators to calculate true positive, false positive rates. For example graphs like the one at left
Making money by Measuring “fraud”
Google Attacks the Third Parties “third party firms significantly over- estimate the […] amount of “click fraud”. “In one case where 800 paid clicks were marked as “fraudulent”, the rate of conversion for these clicks was 5.1%, which compared favorably with 5.8% overall conversion rate”
Click Quality EnginesClick Quality Engines
Customer control • Valid / invalid is the wrong way to think about this problem – legally, operationally, statistically. – Even customers recognize that invalid clicks are always “shades of grey” • Retroactive credits – Nobody likes them • CPA – Also fraud risk • 3rd parties – Google is currently fighting 3rd parties instead of working with them – 3rd party revenue models include rev recovery and law suits!
Customer control – Advertiser controls the filtration system – Even poor quality clicks may be profitable – junk bonds – No more Invalid/valid – Reduce retroactive credits to near zero – Uses the massive distributed system of advertisers to shut down revenue to fraudsters – Quality bucket is a targeting variable just like age, gender, time-of-day, publisher-site. – 3rd parties plug in their own fraud engines
Click Fraud: An Overview of the Problem • Kitts, B., Zhang, Jingying, Roux, A., Mills, R. (2013), Click Fraud Detection with Bot Signatures, Proceedings of the 2013 IEEE Conference on Intelligence and Security Informatics (ISI IEEE 2013), June, Seattle, WA.

Recommandé

Social Media’s Influence in Purchase Decision
Social Media’s Influence in Purchase DecisionSocial Media’s Influence in Purchase Decision
Social Media’s Influence in Purchase DecisionHasan Ali MIRZA
 
PPT.pptx
PPT.pptxPPT.pptx
PPT.pptxssuseref08b9
 
Analysis of-credit-card-fault-detection
Analysis of-credit-card-fault-detectionAnalysis of-credit-card-fault-detection
Analysis of-credit-card-fault-detectionJustluk Luk
 
Dark Patterns Report
Dark Patterns ReportDark Patterns Report
Dark Patterns ReportSocial Samosa
 
Pest analysis of the e commerce industry
Pest analysis of the e commerce industryPest analysis of the e commerce industry
Pest analysis of the e commerce industryBadriNarayanan68
 
Computer vision
Computer visionComputer vision
Computer visionSheikh Hussnain
 
Attendance system based on face recognition using python by Raihan Sikdar
Attendance system based on face recognition using python by Raihan SikdarAttendance system based on face recognition using python by Raihan Sikdar
Attendance system based on face recognition using python by Raihan Sikdarraihansikdar
 
Cry foundation SWOT and PEST
Cry foundation SWOT and PESTCry foundation SWOT and PEST
Cry foundation SWOT and PESTRajasimman Rajarajan
 

Recommandé

Social Media’s Influence in Purchase Decision
Social Media’s Influence in Purchase DecisionSocial Media’s Influence in Purchase Decision
Social Media’s Influence in Purchase DecisionHasan Ali MIRZA
 
PPT.pptx
PPT.pptxPPT.pptx
PPT.pptxssuseref08b9
 
Analysis of-credit-card-fault-detection
Analysis of-credit-card-fault-detectionAnalysis of-credit-card-fault-detection
Analysis of-credit-card-fault-detectionJustluk Luk
 
Dark Patterns Report
Dark Patterns ReportDark Patterns Report
Dark Patterns ReportSocial Samosa
 
Pest analysis of the e commerce industry
Pest analysis of the e commerce industryPest analysis of the e commerce industry
Pest analysis of the e commerce industryBadriNarayanan68
 
Computer vision
Computer visionComputer vision
Computer visionSheikh Hussnain
 
Attendance system based on face recognition using python by Raihan Sikdar
Attendance system based on face recognition using python by Raihan SikdarAttendance system based on face recognition using python by Raihan Sikdar
Attendance system based on face recognition using python by Raihan Sikdarraihansikdar
 
Cry foundation SWOT and PEST
Cry foundation SWOT and PESTCry foundation SWOT and PEST
Cry foundation SWOT and PESTRajasimman Rajarajan
 
Organizational Behavior
Organizational BehaviorOrganizational Behavior
Organizational BehaviorPramod Paswan
 
Wipro Corporate Social Responsibility
Wipro Corporate Social ResponsibilityWipro Corporate Social Responsibility
Wipro Corporate Social ResponsibilityItikaVashistha
 
Social media & consumer behavior
Social media & consumer behaviorSocial media & consumer behavior
Social media & consumer behaviorAdam Acar
 
Captcha
CaptchaCaptcha
CaptchaChitra Mudunuru
 
Social Media Marketing In India
Social Media Marketing In IndiaSocial Media Marketing In India
Social Media Marketing In IndiaRajiv Dingra
 
Reliance jio
Reliance jioReliance jio
Reliance jioArjitSharma19
 
Collaborating to enhance opportunities for teaching and learning, and for the...
Collaborating to enhance opportunities for teaching and learning, and for the...Collaborating to enhance opportunities for teaching and learning, and for the...
Collaborating to enhance opportunities for teaching and learning, and for the...Sarah Gallagher
 
Reception booklet la paz 2011
Reception booklet la paz 2011Reception booklet la paz 2011
Reception booklet la paz 2011Luis Antezana
 
персонал 911
персонал 911персонал 911
персонал 911Ольга Черкашина
 
Dawley Let’s get together group
Dawley Let’s get together groupDawley Let’s get together group
Dawley Let’s get together groupPete Jackson
 
A digitális írástudás fejlesztését elősegítő kutatási-fejlesztési projektek
A digitális írástudás fejlesztését elősegítő kutatási-fejlesztési projektekA digitális írástudás fejlesztését elősegítő kutatási-fejlesztési projektek
A digitális írástudás fejlesztését elősegítő kutatási-fejlesztési projektekEmil Koplányi
 
04 Alte servicii Web 2.0
04 Alte servicii Web 2.004 Alte servicii Web 2.0
04 Alte servicii Web 2.0Icesicon
 
El medi ambient natural
El medi ambient naturalEl medi ambient natural
El medi ambient naturalIsabel Martí Duran
 
001 Indrumar afaceri ce inseamna sa fii intreprinzator
001 Indrumar afaceri ce inseamna sa fii intreprinzator001 Indrumar afaceri ce inseamna sa fii intreprinzator
001 Indrumar afaceri ce inseamna sa fii intreprinzatorIcesicon
 
Create the Job of Your Dreams - George Brown Oct 2012
Create the Job of Your Dreams - George Brown Oct 2012Create the Job of Your Dreams - George Brown Oct 2012
Create the Job of Your Dreams - George Brown Oct 2012Edwin Jansen
 
Mix adjustment bkitts_presentation_wordy
Mix adjustment bkitts_presentation_wordyMix adjustment bkitts_presentation_wordy
Mix adjustment bkitts_presentation_wordybkitts
 
Soft(ware) skills (konference Devel.cz, 2013)
Soft(ware) skills (konference Devel.cz, 2013)Soft(ware) skills (konference Devel.cz, 2013)
Soft(ware) skills (konference Devel.cz, 2013)David Grudl
 
Ikt szaktan képzése
Ikt szaktan képzéseIkt szaktan képzése
Ikt szaktan képzéseEmil Koplányi
 
Wiki..
Wiki..Wiki..
Wiki..Luis Antezana
 
Digital ad fraud superheroes the good guys by augustine fou
Digital ad fraud superheroes the good guys by augustine fouDigital ad fraud superheroes the good guys by augustine fou
Digital ad fraud superheroes the good guys by augustine fouDr. Augustine Fou - Independent Ad Fraud Researcher
 
Mystery Shopping Inside the Ad-Verification Bubble
Mystery Shopping Inside the Ad-Verification BubbleMystery Shopping Inside the Ad-Verification Bubble
Mystery Shopping Inside the Ad-Verification BubbleShailin Dhar
 
Field Guide for Validating Premium Ad Inventory
Field Guide for Validating Premium Ad InventoryField Guide for Validating Premium Ad Inventory
Field Guide for Validating Premium Ad InventoryDistil Networks
 

Contenu connexe

Tendances

Organizational Behavior
Organizational BehaviorOrganizational Behavior
Organizational BehaviorPramod Paswan
 
Wipro Corporate Social Responsibility
Wipro Corporate Social ResponsibilityWipro Corporate Social Responsibility
Wipro Corporate Social ResponsibilityItikaVashistha
 
Social media & consumer behavior
Social media & consumer behaviorSocial media & consumer behavior
Social media & consumer behaviorAdam Acar
 
Social Media Marketing In India
Social Media Marketing In IndiaSocial Media Marketing In India
Social Media Marketing In IndiaRajiv Dingra
 

Tendances (6)

Organizational Behavior
Organizational BehaviorOrganizational Behavior
Organizational Behavior
 
Wipro Corporate Social Responsibility
Wipro Corporate Social ResponsibilityWipro Corporate Social Responsibility
Wipro Corporate Social Responsibility
 
Social media & consumer behavior
Social media & consumer behaviorSocial media & consumer behavior
Social media & consumer behavior
 
Captcha
CaptchaCaptcha
Captcha
 
Social Media Marketing In India
Social Media Marketing In IndiaSocial Media Marketing In India
Social Media Marketing In India
 
Reliance jio
Reliance jioReliance jio
Reliance jio
 

En vedette

Collaborating to enhance opportunities for teaching and learning, and for the...
Collaborating to enhance opportunities for teaching and learning, and for the...Collaborating to enhance opportunities for teaching and learning, and for the...
Collaborating to enhance opportunities for teaching and learning, and for the...Sarah Gallagher
 
Reception booklet la paz 2011
Reception booklet la paz 2011Reception booklet la paz 2011
Reception booklet la paz 2011Luis Antezana
 
Dawley Let’s get together group
Dawley Let’s get together groupDawley Let’s get together group
Dawley Let’s get together groupPete Jackson
 
A digitális írástudás fejlesztését elősegítő kutatási-fejlesztési projektek
A digitális írástudás fejlesztését elősegítő kutatási-fejlesztési projektekA digitális írástudás fejlesztését elősegítő kutatási-fejlesztési projektek
A digitális írástudás fejlesztését elősegítő kutatási-fejlesztési projektekEmil Koplányi
 
04 Alte servicii Web 2.0
04 Alte servicii Web 2.004 Alte servicii Web 2.0
04 Alte servicii Web 2.0Icesicon
 
001 Indrumar afaceri ce inseamna sa fii intreprinzator
001 Indrumar afaceri ce inseamna sa fii intreprinzator001 Indrumar afaceri ce inseamna sa fii intreprinzator
001 Indrumar afaceri ce inseamna sa fii intreprinzatorIcesicon
 
Create the Job of Your Dreams - George Brown Oct 2012
Create the Job of Your Dreams - George Brown Oct 2012Create the Job of Your Dreams - George Brown Oct 2012
Create the Job of Your Dreams - George Brown Oct 2012Edwin Jansen
 
Mix adjustment bkitts_presentation_wordy
Mix adjustment bkitts_presentation_wordyMix adjustment bkitts_presentation_wordy
Mix adjustment bkitts_presentation_wordybkitts
 
Soft(ware) skills (konference Devel.cz, 2013)
Soft(ware) skills (konference Devel.cz, 2013)Soft(ware) skills (konference Devel.cz, 2013)
Soft(ware) skills (konference Devel.cz, 2013)David Grudl
 

En vedette (13)

Collaborating to enhance opportunities for teaching and learning, and for the...
Collaborating to enhance opportunities for teaching and learning, and for the...Collaborating to enhance opportunities for teaching and learning, and for the...
Collaborating to enhance opportunities for teaching and learning, and for the...
 
Reception booklet la paz 2011
Reception booklet la paz 2011Reception booklet la paz 2011
Reception booklet la paz 2011
 
персонал 911
персонал 911персонал 911
персонал 911
 
Dawley Let’s get together group
Dawley Let’s get together groupDawley Let’s get together group
Dawley Let’s get together group
 
A digitális írástudás fejlesztését elősegítő kutatási-fejlesztési projektek
A digitális írástudás fejlesztését elősegítő kutatási-fejlesztési projektekA digitális írástudás fejlesztését elősegítő kutatási-fejlesztési projektek
A digitális írástudás fejlesztését elősegítő kutatási-fejlesztési projektek
 
04 Alte servicii Web 2.0
04 Alte servicii Web 2.004 Alte servicii Web 2.0
04 Alte servicii Web 2.0
 
El medi ambient natural
El medi ambient naturalEl medi ambient natural
El medi ambient natural
 
001 Indrumar afaceri ce inseamna sa fii intreprinzator
001 Indrumar afaceri ce inseamna sa fii intreprinzator001 Indrumar afaceri ce inseamna sa fii intreprinzator
001 Indrumar afaceri ce inseamna sa fii intreprinzator
 
Create the Job of Your Dreams - George Brown Oct 2012
Create the Job of Your Dreams - George Brown Oct 2012Create the Job of Your Dreams - George Brown Oct 2012
Create the Job of Your Dreams - George Brown Oct 2012
 
Mix adjustment bkitts_presentation_wordy
Mix adjustment bkitts_presentation_wordyMix adjustment bkitts_presentation_wordy
Mix adjustment bkitts_presentation_wordy
 
Soft(ware) skills (konference Devel.cz, 2013)
Soft(ware) skills (konference Devel.cz, 2013)Soft(ware) skills (konference Devel.cz, 2013)
Soft(ware) skills (konference Devel.cz, 2013)
 
Ikt szaktan képzése
Ikt szaktan képzéseIkt szaktan képzése
Ikt szaktan képzése
 
Wiki..
Wiki..Wiki..
Wiki..
 

Similaire à Clickfraud bot signatures2_wordy

Mystery Shopping Inside the Ad-Verification Bubble
Mystery Shopping Inside the Ad-Verification BubbleMystery Shopping Inside the Ad-Verification Bubble
Mystery Shopping Inside the Ad-Verification BubbleShailin Dhar
 
Field Guide for Validating Premium Ad Inventory
Field Guide for Validating Premium Ad InventoryField Guide for Validating Premium Ad Inventory
Field Guide for Validating Premium Ad InventoryDistil Networks
 
Ias guide ad fraud essentials_2017 (1)
Ias guide ad fraud essentials_2017 (1)Ias guide ad fraud essentials_2017 (1)
Ias guide ad fraud essentials_2017 (1)Wossname
 
The Murky Waters of the Internet: Anatomy of Malvertising and Other e-Threats
The Murky Waters of the Internet: Anatomy of Malvertising and Other e-ThreatsThe Murky Waters of the Internet: Anatomy of Malvertising and Other e-Threats
The Murky Waters of the Internet: Anatomy of Malvertising and Other e-Threats- Mark - Fullbright
 
Programmatic Ad Fraud
Programmatic Ad FraudProgrammatic Ad Fraud
Programmatic Ad FraudTed Politidis
 
Introduction to malvertising
Introduction to malvertising Introduction to malvertising
Introduction to malvertising Mohd Arif
 
Ad Blight - Web 2.0 Expo (SF09)
Ad Blight - Web 2.0 Expo (SF09)Ad Blight - Web 2.0 Expo (SF09)
Ad Blight - Web 2.0 Expo (SF09)Jonathan Hochman
 
Bot how to find them 2014_27_03
Bot how to find them 2014_27_03Bot how to find them 2014_27_03
Bot how to find them 2014_27_03IABmembership
 
Iab bots how to_find_them_webinar_2014_03_27
Iab bots how to_find_them_webinar_2014_03_27Iab bots how to_find_them_webinar_2014_03_27
Iab bots how to_find_them_webinar_2014_03_27IABmembership
 
Digital Disguise1
Digital Disguise1Digital Disguise1
Digital Disguise1cocopopz
 
DEFCON 23 - Mark Ryan Talabis - The Bieber Project
DEFCON 23 - Mark Ryan Talabis - The Bieber ProjectDEFCON 23 - Mark Ryan Talabis - The Bieber Project
DEFCON 23 - Mark Ryan Talabis - The Bieber ProjectFelipe Prado
 
What is online ad fraud and what does um do about it
What is online ad fraud and what does um do about itWhat is online ad fraud and what does um do about it
What is online ad fraud and what does um do about itAlan King
 

Similaire à Clickfraud bot signatures2_wordy (20)

Digital ad fraud superheroes the good guys by augustine fou
Digital ad fraud superheroes the good guys by augustine fouDigital ad fraud superheroes the good guys by augustine fou
Digital ad fraud superheroes the good guys by augustine fou
 
Mystery Shopping Inside the Ad-Verification Bubble
Mystery Shopping Inside the Ad-Verification BubbleMystery Shopping Inside the Ad-Verification Bubble
Mystery Shopping Inside the Ad-Verification Bubble
 
Field Guide for Validating Premium Ad Inventory
Field Guide for Validating Premium Ad InventoryField Guide for Validating Premium Ad Inventory
Field Guide for Validating Premium Ad Inventory
 
Ias guide ad fraud essentials_2017 (1)
Ias guide ad fraud essentials_2017 (1)Ias guide ad fraud essentials_2017 (1)
Ias guide ad fraud essentials_2017 (1)
 
IAB Best Practices Traffic Fraud Final
IAB Best Practices Traffic Fraud FinalIAB Best Practices Traffic Fraud Final
IAB Best Practices Traffic Fraud Final
 
ComplianceBrief
ComplianceBriefComplianceBrief
ComplianceBrief
 
The Murky Waters of the Internet: Anatomy of Malvertising and Other e-Threats
The Murky Waters of the Internet: Anatomy of Malvertising and Other e-ThreatsThe Murky Waters of the Internet: Anatomy of Malvertising and Other e-Threats
The Murky Waters of the Internet: Anatomy of Malvertising and Other e-Threats
 
Independent Objective Reviews of Anti-Fraud Companies by Augustine Fou
Independent Objective Reviews of Anti-Fraud Companies by Augustine FouIndependent Objective Reviews of Anti-Fraud Companies by Augustine Fou
Independent Objective Reviews of Anti-Fraud Companies by Augustine Fou
 
Internet Marketing Quiz
Internet Marketing QuizInternet Marketing Quiz
Internet Marketing Quiz
 
Programmatic Ad Fraud
Programmatic Ad FraudProgrammatic Ad Fraud
Programmatic Ad Fraud
 
Display Ad Fraud Explainer by Augustine Fou
Display Ad Fraud Explainer by Augustine FouDisplay Ad Fraud Explainer by Augustine Fou
Display Ad Fraud Explainer by Augustine Fou
 
Introduction to malvertising
Introduction to malvertising Introduction to malvertising
Introduction to malvertising
 
Google And The Click Fraud Menace
Google And The Click Fraud MenaceGoogle And The Click Fraud Menace
Google And The Click Fraud Menace
 
Ad Blight - Web 2.0 Expo (SF09)
Ad Blight - Web 2.0 Expo (SF09)Ad Blight - Web 2.0 Expo (SF09)
Ad Blight - Web 2.0 Expo (SF09)
 
Bot how to find them 2014_27_03
Bot how to find them 2014_27_03Bot how to find them 2014_27_03
Bot how to find them 2014_27_03
 
Iab bots how to_find_them_webinar_2014_03_27
Iab bots how to_find_them_webinar_2014_03_27Iab bots how to_find_them_webinar_2014_03_27
Iab bots how to_find_them_webinar_2014_03_27
 
Digital Disguise1
Digital Disguise1Digital Disguise1
Digital Disguise1
 
Why Fraud detection doesn't work
Why Fraud detection doesn't workWhy Fraud detection doesn't work
Why Fraud detection doesn't work
 
DEFCON 23 - Mark Ryan Talabis - The Bieber Project
DEFCON 23 - Mark Ryan Talabis - The Bieber ProjectDEFCON 23 - Mark Ryan Talabis - The Bieber Project
DEFCON 23 - Mark Ryan Talabis - The Bieber Project
 
What is online ad fraud and what does um do about it
What is online ad fraud and what does um do about itWhat is online ad fraud and what does um do about it
What is online ad fraud and what does um do about it
 

Plus de bkitts

Tv trends definitive3_nofinancials_20150524_outgoing
Tv trends definitive3_nofinancials_20150524_outgoingTv trends definitive3_nofinancials_20150524_outgoing
Tv trends definitive3_nofinancials_20150524_outgoingbkitts
 
Sunday vball
Sunday vballSunday vball
Sunday vballbkitts
 
RecSys 2014 Tectonic shifts in television advertising including targeting and...
RecSys 2014 Tectonic shifts in television advertising including targeting and...RecSys 2014 Tectonic shifts in television advertising including targeting and...
RecSys 2014 Tectonic shifts in television advertising including targeting and...bkitts
 
Tectonic shifts icdm2012_1_outgoing
Tectonic shifts icdm2012_1_outgoingTectonic shifts icdm2012_1_outgoing
Tectonic shifts icdm2012_1_outgoingbkitts
 
Ita05 agents presentation
Ita05 agents presentationIta05 agents presentation
Ita05 agents presentationbkitts
 
Ad serving kdd2008_2
Ad serving kdd2008_2Ad serving kdd2008_2
Ad serving kdd2008_2bkitts
 

Plus de bkitts (6)

Tv trends definitive3_nofinancials_20150524_outgoing
Tv trends definitive3_nofinancials_20150524_outgoingTv trends definitive3_nofinancials_20150524_outgoing
Tv trends definitive3_nofinancials_20150524_outgoing
 
Sunday vball
Sunday vballSunday vball
Sunday vball
 
RecSys 2014 Tectonic shifts in television advertising including targeting and...
RecSys 2014 Tectonic shifts in television advertising including targeting and...RecSys 2014 Tectonic shifts in television advertising including targeting and...
RecSys 2014 Tectonic shifts in television advertising including targeting and...
 
Tectonic shifts icdm2012_1_outgoing
Tectonic shifts icdm2012_1_outgoingTectonic shifts icdm2012_1_outgoing
Tectonic shifts icdm2012_1_outgoing
 
Ita05 agents presentation
Ita05 agents presentationIta05 agents presentation
Ita05 agents presentation
 
Ad serving kdd2008_2
Ad serving kdd2008_2Ad serving kdd2008_2
Ad serving kdd2008_2
 

Dernier

MS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsMS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsNanddeep Nachan
 
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...Zilliz
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businesspanagenda
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodJuan lago vázquez
 
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Orbitshub
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native ApplicationsWSO2
 
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Angeliki Cooney
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingEdi Saputra
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MIND CTI
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfsudhanshuwaghmare1
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...apidays
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...apidays
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Victor Rentea
 
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...apidays
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...apidays
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century educationjfdjdjcjdnsjd
 

Dernier (20)

MS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsMS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectors
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
 
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
 
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
 
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 

Clickfraud bot signatures2_wordy

  • 1. ClickFraud: An Overview of the Problem Brendan Kitts Data Mining Aleksander Kolcz Legal Andy Cookson Steve Santorelli Scott Stein Jon Zieger Chris Weinstein Financial Ops Lisa Larsen Anthony Lopez Tim Sloane Viruses / Malware Jeff Williams Ziv Mador Black Ops Ron Mills Tier 2 Support Bridget Bidlack Joseph Morrison Jason Dorsey Kimberly Lancaster Larry Golden Michael Grochau MSN Search Zijian Zheng PR / Planning Jenifer Handler Program Management Ben Herd Brian Burdick Brendan Kitts Email SPAM Geoff Hulten Development Kaz Hank Hoek Julien Beasley Ken Pierce Binu John Rajeev Prasad Tier 3 Support Michael Grochau Matt Rice Display Ads Platform Alam Ali Prasanth Nir Systems Integration Martin Markov Busijness Development Corey Rosemond
  • 2. "I think something has to be done about this really, really quickly, because I think, potentially, it threatens our business model," George Reyes, Google Chief Financial Officer “Click fraud is the biggest threat to the Internet economy” George Reyes, Google Chief Financial Officer Introduction Prevalence Detection Methods Examples Auction Theory Conclusions “Anyone who says this is not a real challenge is kidding you”, John Slade, Senior Director Product Management, Yahoo! Search Advertisinh Click Fraud
  • 3. Click Fraud: Reactions Perplexed: "It's hard to tell how big the problem is, but people are looking at it closer and closer as the cost of search advertising goes up," John Squire, VP Business Development, Coremetrics Philosophical: "Click fraud is like a big elephant standing in the middle of the living room. Everyone sees it and knows it's there, but no one is quite sure what to do about it." Lisa Wehr, President, Oneupweb, Hysterical: “Click fraud is ‘rampant’ and ‘staggering’…. it could wipe out ROI in search marketing...”, Stephen Messer, CEO, LinkShare
  • 4.
  • 5.
  • 6.
  • 7.
  • 8.
  • 9.
  • 10.
  • 11.
  • 12. “Click Fraud: The Google Killer” (WebProNews) “Click Fraud: Is It Happening to YOU?” (French) “Click Fraud Looms as Search Engine Threat” (Associated Press) “The Google Bomb”z(Silicon Valley Daily News) “Fraud A Big Threat” (MSNBC)
  • 13.
  • 15. Clicker Viruses and Trojan Horses First observed in 2000 !
  • 16. 115 computer botnet, Google syndication clicker
  • 17. 100,000 computer botnet, Clickbot.A Bots instructed to click no more than 20 times per day. click on ads at a number of adult-oriented sites, which were delivered by a common Web address: www.asdbiz.biz, according to Panda officials. This would bring up adult sites, such as girlsascats.com and virgin-clitors.com. Both of these sites are registered to a possibly-fictional entity dubbed BeatOn in Kirov, Russia. Attempts to reach the Web-site owners were not successful.
  • 18. Source: http://www.benedelman.org/spyware/images/yahoo-apr06/4/ Spyware – spyware link creation The Spyware - Click-Fraud Connection -- and Yahoo's Role Revisited - Ben Edelman This traffic is notable both because it resulted from spyware installed on my test PC without my consent, and beause it resulted from insertion of advertising links into third parties' web sites (without their consent). In particular, as shown below, this traffic was predicated on Qklinkserver inserting link into the New York Times web site, without its consent and without any on-screen labeling. On a test PC with Qklinkserver, I observed numerous extraneous hyperlinks inserted into third parties' sites. See e.g. the New York Times site below. Note the stray hyperlink labeled "prime minister" -- words that are not actually a hyperlink on the "real" New York Times site, as viewed on uninfected test PCs. The Spyware - Click-Fraud Connection -- and Yahoo's Role Revisited - Ben Edelman This traffic is notable both because it resulted from spyware installed on my test PC without my consent, and beause it resulted from insertion of advertising links into third parties' web sites (without their consent). In particular, as shown below, this traffic was predicated on Qklinkserver inserting link into the New York Times web site, without its consent and without any on-screen labeling. On a test PC with Qklinkserver, I observed numerous extraneous hyperlinks inserted into third parties' sites. See e.g. the New York Times site below. Note the stray hyperlink labeled "prime minister" -- words that are not actually a hyperlink on the "real" New York Times site, as viewed on uninfected test PCs. http://www.benedelman.org/spyware/images/yahoo-apr06/4/video.wmv Qklinkserver.com, Searchdistribution.net, Intermix's Sirsearch
  • 19. Spyware window opener This page gives screenshots showing on-screen displays after I requested SmartBargains. 180solutions opened a popup substantially covering my initial SmartBargains window. The popup's traffic flowed from 180solutions to Nbcsearch, then to Ditto.com, on to Yahoo Overture, and finally to a Yahoo advertiser -- all without me clicking on any sponsored link. Interestingly and unusually, the harmed Yahoo advertiser here is SmartBargains itself -- the same site I had initially requested. The net effect of this click fraud is to show the user the site the user had requested -- but to show that site also in a second ("double") window. Since users end up at the requested site, users may not notice that anything is wrong. But from an advertiser's perspective, something is very wrong: This process asks SmartBargains to pay Yahoo Overture PPC fees for SmartBargains' own organic traffic -- a bad deal, since Yahoo Overture is providing SmartBargains with no new leads and no genuine value. All testing occurred on March 2, 2006. This page gives screenshots showing on-screen displays after I requested SmartBargains. 180solutions opened a popup substantially covering my initial SmartBargains window. The popup's traffic flowed from 180solutions to Nbcsearch, then to Ditto.com, on to Yahoo Overture, and finally to a Yahoo advertiser -- all without me clicking on any sponsored link. Interestingly and unusually, the harmed Yahoo advertiser here is SmartBargains itself -- the same site I had initially requested. The net effect of this click fraud is to show the user the site the user had requested -- but to show that site also in a second ("double") window. Since users end up at the requested site, users may not notice that anything is wrong. But from an advertiser's perspective, something is very wrong: This process asks SmartBargains to pay Yahoo Overture PPC fees for SmartBargains' own organic traffic -- a bad deal, since Yahoo Overture is providing SmartBargains with no new leads and no genuine value. All testing occurred on March 2, 2006. Source: http://www.benedelman.org/spyware/images/yahoo-apr06/4/ 180 solutions
  • 20. Ads not doing it for your webpage? Try porn instead! Spyware that replaces Contextual Banner ads http://www.techshout.com/internet/2005/27/ a-trojan-horse-program-that-targets- google-ads-has-been-detected-by-an- indian-web-publisher/
  • 22.
  • 29.
  • 31. Agloco: Pay you for clicking!
  • 32. Human Clicking Operations • Data World, New Delhi (1) – Rajiv Kumar, CEO – Sells the names of web sites that pay people to click on internet ads for 350 rupees ($6.74). – Kumar claims to have recruited 300 clickers during the last year or so. “We’ve been doing this for a year and a half and haven’t heard of any problems,” Kumar says.
  • 33. Human Clicking Operations • Shipranet, New Delhi (1) – Jagriti Bora, CEO – Bora has claimed to have recruited about 1,000 clickers. – She says its perfectly all right to click on ads. “There’s nothing wrong with looking through a shop window even if you don’t buy.”, she says.
  • 35. $90 million (Money bag) Google "failed to take any significant measures to track or prevent click fraud," and "fails to adequately warn its existing and potential customers about the existence of click fraud." Google "failed to take any significant measures to track or prevent click fraud," and "fails to adequately warn its existing and potential customers about the existence of click fraud." Google: Lanes Gifts
  • 36. Yahoo case: Checkmate Strategic Group $4.95 million (Money bag) Yahoo breached its contract with class members,… by charging and/or overcharging Class Members for clicks that were click fraud, click through fraud, fraudulent clicks, click spam, invalid clicks, unwanted clicks, unqualified clicks, improper clicks, non-converting clicks, inadequately converting clicks, clicks that were not reasonably expected by ClassMembers. Yahoo breached its contract with class members,… by charging and/or overcharging Class Members for clicks that were click fraud, click through fraud, fraudulent clicks, click spam, invalid clicks, unwanted clicks, unqualified clicks, improper clicks, non-converting clicks, inadequately converting clicks, clicks that were not reasonably expected by ClassMembers.
  • 37. Yahoo case: Crafts by Veronica Ongoing! $$$$ In spite of Defendants’ promise and duty not to place ads in pernicious spyware programs, Defendants have done just that…. By placing Class Members’ ads into illegal platforms such as spyware programs, Defendants wrongfully collect high search engine advertising fees for ads that are actually shown in contexts that are worth far less, if anything…. [allowing search engines to] pocket the difference… Defendants also caused Class Members’ ads to appear within “typosquatting” web sites… [which are] illegal under the Anti-Cybersquatting Consumer Protection Act. Charges: (i) Civil Conspiracy, (ii) unjust enrichment, (iii) breach of contract (iv) violation of NJ Consumer fraud act. Plaintiff demands a trial by jury on all issues so triable. In spite of Defendants’ promise and duty not to place ads in pernicious spyware programs, Defendants have done just that…. By placing Class Members’ ads into illegal platforms such as spyware programs, Defendants wrongfully collect high search engine advertising fees for ads that are actually shown in contexts that are worth far less, if anything…. [allowing search engines to] pocket the difference… Defendants also caused Class Members’ ads to appear within “typosquatting” web sites… [which are] illegal under the Anti-Cybersquatting Consumer Protection Act. Charges: (i) Civil Conspiracy, (ii) unjust enrichment, (iii) breach of contract (iv) violation of NJ Consumer fraud act. Plaintiff demands a trial by jury on all issues so triable.
  • 38. Samuel Lassoff vrs Google – Samuel Lassoff sues Google, Class action on behalf of residents of NY and NJ. Ongoing! $$$$ Charges: (i) breach of contract, (ii) negligence, (iii) unjust enrichment and (iv) unfair business practices. Charges: (i) breach of contract, (ii) negligence, (iii) unjust enrichment and (iv) unfair business practices.
  • 39. Microsoft vs Eric Lam and family • 1.5 million in damages • Sued for 750K The Web Giant confronts Microsoft, a slumping stock – and a surge of swindlers clicking on ads, Anthony Effinger and Jonathan Thaw, Bloomberg Markets, May
  • 40. How do you detect click fraud?
  • 41. Production performance – Quality separation and Revenue retainedProduction performance – Quality separation and Revenue retained 0 100 200 300 400 500 600 700 800 900 1000 CPA billed CPA filtered 0 10 20 30 40 50 60 70 80 90 100 CPA billed CPA billed 1. Quality billed is extremely stable, even when the environment is subjected to massive shifts in traffic quality. 2. Red line shows Quality of filtered, which is the Quality of the traffic that we pulled out. It fluctuates wildly. Blue shows Quality billed which hovers within 20% over an extended period of time.
  • 42. Traffic Scorer Smart- pricing adCenter Delivery Engine MB Log Scores Ads Impression / ad call Call for ads Publisher Web Site ARTEMIS Real-time Scoring Engine Minerva Filtration System adCenter Reports Dump and Load OLTP Database BI Database Redirection Server MR Logs FR Logs MC Logs New site Click on Ad Advertiser quality and targeting settings Ad rotation module Publisher Pipeline Advertiser Pipeline PubCenter Reports Publisher Database KPI Excel KPI Cube KPI Pipeline Bot Telemetry Instrumentation Server Blacklist Capture System Automated Crawler System Bot Telemetry Instrumentation Server F.MSN.Co m Log Glaux Data Bridge OLS Stats Minerva training pipeline CPA Glaux OLS File Feature Stats CFR row by rowSnapshot Call for payload FWB Cases Fraud Ops AdUnit BTIS Payload Bot payload Telemetry Third party and internal data sources Third party and internal crawlers Top Bad Feed Microsoft filtration technology architecture
  • 43. Bot SignaturesBot Signatures 0.8 1 1.2 1.4 1.6 1.8 2 2.2 2.4 2.6 0 0.05 0.1 0.15 0.2 0.25 0.3 0.35 0.4 filtration rate (1==average for population) probability fraud non-fraud Bot signatures: Method for identifying bots in a standard format Allows investigators to calculate true positive, false positive rates. For example graphs like the one at left
  • 44. Making money by Measuring “fraud”
  • 45. Google Attacks the Third Parties “third party firms significantly over- estimate the […] amount of “click fraud”. “In one case where 800 paid clicks were marked as “fraudulent”, the rate of conversion for these clicks was 5.1%, which compared favorably with 5.8% overall conversion rate”
  • 46. Click Quality EnginesClick Quality Engines
  • 47. Customer control • Valid / invalid is the wrong way to think about this problem – legally, operationally, statistically. – Even customers recognize that invalid clicks are always “shades of grey” • Retroactive credits – Nobody likes them • CPA – Also fraud risk • 3rd parties – Google is currently fighting 3rd parties instead of working with them – 3rd party revenue models include rev recovery and law suits!
  • 48. Customer control – Advertiser controls the filtration system – Even poor quality clicks may be profitable – junk bonds – No more Invalid/valid – Reduce retroactive credits to near zero – Uses the massive distributed system of advertisers to shut down revenue to fraudsters – Quality bucket is a targeting variable just like age, gender, time-of-day, publisher-site. – 3rd parties plug in their own fraud engines
  • 49. Click Fraud: An Overview of the Problem • Kitts, B., Zhang, Jingying, Roux, A., Mills, R. (2013), Click Fraud Detection with Bot Signatures, Proceedings of the 2013 IEEE Conference on Intelligence and Security Informatics (ISI IEEE 2013), June, Seattle, WA.