Follow The Traffic: Stopping Click Fraud By Disrupting The Value Chain

Advertising fraud, particularly click fraud, is a growing concern for the online advertising industry. The use of click bots, malware that automatically clicks on ads to generate fraudulent traffic, has steadily increased over the last years. While the security industry has focused
on detecting and removing malicious binaries associated with click bots, a better understanding of how fraudsters operate within the ad ecosystem is needed to be able to disrupt it efficiently. This paper provides a detailed dissection of the advertising fraud scheme employed by Boaxxe, a malware
specializing in click fraud. By monitoring its activities during a 7-month longitudinal study, we were able to create of map of the actors involved in the ecosystem enabling this fraudulent activity. We then compared different metrics to select the best set of key actors of this ecosystem. We found that the Keyplayer technique is the most suitable to effectively influence this ecosystem in order to maximize disruption of click-fraud monetization. The results show that it would be possible to efficiently disrupt the ability of click-fraud traffic to enter the legitimate market by pressuring a limited number of these actors. We assert that this approach would produce better long term effects than the use of take downs as it
renders the ecosystem unusable for monetization.

Ce contenu a été mis à jour le 26 avril 2017 à 21 h 49 min.