Annual Computer Security Applications Conference (ACSAC) 2012

Full Program »

Dissecting Ghost Clicks: Ad Fraud Via Misdirected Human Clicks

Paper
View File
pdf
300KB

Sumayah A. Alrwais
Indiana University
United States

Christopher W. Dunn
Indiana University
United States

Minaxi Gupta
Indiana University
United States

Alexandre Gerber
AT&T Labs-Research
United States

Oliver Spatscheck
AT&T Labs-Research
United States

Eric Osterweil
Verisign Labs
United States

Abstract:
FBI's Operation Ghost Click, the largest cybercriminal takedown in history, recently took down an ad fraud infrastructure that affected 4 million users and made its owners 14 million USD over a period of four years. The attackers hijacked clicks and ad impressions on victim machines infected by a DNS changer malware to earn ad revenue fraudulently. We experimented with the attack infrastructure when it was in operation and present a detailed account of the attackers' modus operandi. We also study the impact of this attack on real-world users and find that 37 subscriber lines were impacted in our data set. Also, 20 ad networks and 257 legitimate Web content publishers lost ad revenue while the attackers earned revenue convincing a dozen other ad networks that their ads were served on websites with real visitors. Our work expands the understanding of modalities of ad fraud and could help guide appropriate defense strategies.

 

Powered by OpenConf®
Copyright ©2002-2012 Zakon Group LLC