[PPT] - Combating Click Fraud Using Premium Clicks Sid Stamm , RavenWhite PowerPoint Presentation

SLIDE 1

Combating Click Fraud Using Premium Clicks

Sid Stamm, RavenWhite Inc. and Indiana University

Joint Work With

Ari Juels†, RSA Laboratories, RSA/EMC Corp Markus Jakobsson, RavenWhite Inc.

† Research Performed at RavenWhite Inc.

1

SLIDE 2

M e x i c a n M e x i c a n N

w

w i t h N

w

w i t h J u m p i n g B e a n s ! J u m p i n g B e a n s !

Click Fraud: Old Scam

2

SLIDE 3

Click Fraud: Old Scam

Advertiser

3

SLIDE 4

Click Fraud: Old Scam

Advertiser Publisher

3

SLIDE 5

Click Fraud: Old Scam

Mexican Mexican

Now with Now with Jumping Beans! Jumping Beans!

Mexican Mexican

Now with Now with Jumping Beans! Jumping Beans!

Advertiser Publisher

3

SLIDE 6

Click Fraud: Old Scam

Advertiser Publisher

4

SLIDE 7

Click Fraud: Old Scam

Advertiser Publisher

Mexican Mexican

Now with Now with Jumping Jumping Beans! Beans!

Mexican Mexican

Now with Now with J u m p i n g B e a n s ! J u m p i n g B e a n s !

Mexican Mexican

Now with Now with Jumping Beans! Jumping Beans!

Mexican Mexican

Now with Now with Jumping Beans! Jumping Beans!

4

SLIDE 8

Click Fraud: Old Scam

Advertiser Publisher

Mexic Mexic an an Now Now with with Jumpi Jumpi ng ng Beans Beans ! Mexican Mexican Now with Now with Jumping Beans! Jumping Beans! Mexican Mexican Now with Now with Jumping Beans! Jumping Beans! Mexican Mexican Now with Now with Jumping Beans! Jumping Beans!

TRASH

4

SLIDE 9

Other Forms of Fraud

Dishonest Publisher gives handbills to

people who are not potential customers

Dishonest Competitor takes all of (honest)

Publisher’s flyers

How is the handbill problem solved?

Approach to Think About: What if the Advertiser requires the Publisher to get business cards from each recipient?

5

SLIDE 10

Click Fraud

New Technology not necessarily to blame

(Automation makes it worse, however)

Problem: Advertiser has limited control and

knowledge about Publisher behavior

6

SLIDE 11

Advertiser Publisher

J.com

Syndicator

S.com P.com Customer (Alice)

7

SLIDE 12

Mexican Mexican

Advertiser Publisher

J.com

Syndicator

S.com P.com Customer (Alice)

7

SLIDE 13

Mexican Mexican

Advertiser Publisher

J.com

Syndicator

S.com P.com Customer (Alice)

Mexican Mexican

7

SLIDE 14

Mexican Mexican

Advertiser Publisher

J.com

Syndicator

S.com P.com Customer (Alice)

Mexican Mexican

Welcome To P.com!

Mexican Mexican

7

SLIDE 15

Mexican Mexican

Advertiser Publisher

J.com

Syndicator

S.com P.com Customer (Alice)

Mexican Mexican

Welcome To P.com!

Mexican Mexican

Click!

7

SLIDE 16

Advertiser Publisher

J.com

Syndicator

S.com P.com Customer (Alice)

Welcome To P.com!

Mexican Mexican

8

SLIDE 17

Advertiser Publisher

J.com

Syndicator

S.com P.com Customer (Alice)

8

SLIDE 18

Advertiser Publisher

J.com

Syndicator

S.com P.com Customer (Alice)

8

SLIDE 19

Advertiser Publisher

J.com

Syndicator

S.com P.com Customer (Alice) $$$ $$

M e x i c a n M e x i c a n

Click!

9

SLIDE 20

$$

Publisher Syndicator

S.com P.com Customer (Alice)

M e x i c a n M e x i c a n

Click! Welcome To P.com!

Mexican Mexican

Click!

10

SLIDE 21

$$

Publisher Syndicator

S.com P.com Customer (Alice)

M e x i c a n M e x i c a n

Click! Welcome To P.com!

Mexican Mexican

Click!

11

SLIDE 22

Eliminate Bad Clicks?

Industry’s Responsibility
Unusual Economic Incentives
Tuzhilin Report (Lanes Gifts v. Google)
Conceptual Shifts:

per-impression > per-click > per-conversion?

Another approach: embrace good, don’t only

filter bad.

12

SLIDE 23

Customer (Alice) Token Approach

13

SLIDE 24

Customer (Alice) Token Approach

Click!

Publisher Syndicator

S.com P.com

M e x i c a n M e x i c a n

Click!

13

SLIDE 25

Customer (Alice) Token Approach

Click!

Publisher Syndicator

S.com P.com

M e x i c a n M e x i c a n

Click!

13

SLIDE 26

Customer (Alice) Token Approach

Click!

Publisher Syndicator

S.com P.com

M e x i c a n M e x i c a n

Click!

13

SLIDE 27

Token Approach

Token can be used to identify unique visit
Double-Clicks detectable
... Doesn’t Work!
Attacker can delete tokens, but we have to

support browsers without them!

Bots can have tokens too...

14

SLIDE 28

Attestor

A.com Customer (Alice) Token Approach

15

SLIDE 29

Attestor

A.com Customer (Alice) Token Approach $$$

(some transaction

f value)

15

SLIDE 30

Attestor

A.com Customer (Alice) Token Approach $$$

(some transaction

f value)

15

SLIDE 31

Attestor

A.com Customer (Alice) Token Approach

Click!

Publisher Syndicator

S.com P.com

M e x i c a n M e x i c a n

Click!

$$$

(some transaction

f value)

15

SLIDE 32

Token Approach

Token tells a bit about the clicker
E.g., “Alice just bought a new computer”
Must be a rare/one-time event
Like the Business card idea
Unforgeable Tokens (MAC)
Still Doesn’t Work
What about tokenless clicks?

16

SLIDE 33

Token Approach

Token gives a user special “value”
User doesn’t care (or notice)
Users without tokens treated normally
“Premium” clicks are those with tokens
Considered more “valuable”

17

SLIDE 34

First Challenge:

Cross-Domain Token-Passing

Possibility: Cookies
Third Party Cookies
First party + web bugs
Often Blocked!
Possibility: Cache Cookies
JJJ [Oakland ‘06]
Widely Supported
Cache Purging

18

SLIDE 35

Sidebar: Cache Cookies

X.com/cc.html Y.com/img[id].gif

CC: served once for caching 304’ed thereafter

19

SLIDE 36

Second Challenge:

Privacy

User (not click) Profiling
Token Data as Covert Channel
How to eliminate profiling and

covert disclosure?

Client-Readable Tokens
Shared MAC key

20

SLIDE 37

Our Implementation

Advertiser, Syndicator, Attestor, Publisher at

different sites/IPs/domains

Experience same as current systems
Engineering Challenges:
Need to couple token with Publisher ID:
btained from the referrer (via JavaScript)
Token Freshness

21

SLIDE 38

Mobile Implementations?

Web + Mobile = Popular
Iframes vs. Object tag
Wild & Crazy Mobile Browsers

22

SLIDE 39

Mobile Caches?

Internet

23

SLIDE 40

Mobile Caches?

Internet

24

SLIDE 41

Mobile Caches?

Internet

24

SLIDE 42

Mobile Caches?

Internet

24

SLIDE 43

Mobile Caches?

Internet

24

SLIDE 44

Limitations

Far from Perfect...
Malware-driven Clicks
Publisher Scripting Clicks
Token-Harvesting Clicks (not as strong)
Fraudulent or Dishonest Attestor
Better than Just Filtering
Tokens provide positive indicators

25

SLIDE 45

Conclusions

Shift from rejecting to embracing
Turns click payments into authentication
Techniques applicable to other forms

(conversions, impressions)

Future Work:
Which Attestors are Useful?
Mobile Ad Deployment?
Client-side Software?
New Advertising problems?
How much does privacy matter?

26

SLIDE 46

Combating Click Fraud Using Premium Clicks

Sid Stamm, RavenWhite Inc. and Indiana University

Joint Work With

Ari Juels†, RSA Laboratories, RSA/EMC Corp Markus Jakobsson, RavenWhite Inc.

† Research Performed at RavenWhite Inc.

27