Annual Computer Security Applications Conference (ACSAC) 2012

Full Program »

Dissecting Ghost Clicks: Ad Fraud Via Misdirected Human Clicks

FBI's Operation Ghost Click, the largest cybercriminal takedown in history, recently took down an ad fraud infrastructure that affected 4 million users and made its owners 14 million USD over a period of four years. The attackers hijacked clicks and ad impressions on victim machines infected by a DNS changer malware to earn ad revenue fraudulently. We experimented with the attack infrastructure when it was in operation and present a detailed account of the attackers' modus operandi. We also study the impact of this attack on real-world users and find that 37 subscriber lines were impacted in our data set. Also, 20 ad networks and 257 legitimate Web content publishers lost ad revenue while the attackers earned revenue convincing a dozen other ad networks that their ads were served on websites with real visitors. Our work expands the understanding of modalities of ad fraud and could help guide appropriate defense strategies.

Author(s):

Sumayah A. Alrwais    
Indiana University
United States

Christopher W. Dunn    
Indiana University
United States

Minaxi Gupta    
Indiana University
United States

Alexandre Gerber    
AT&T Labs-Research
United States

Oliver Spatscheck    
AT&T Labs-Research
United States

Eric Osterweil    
Verisign Labs
United States

 

Powered by OpenConf®
Copyright©2002-2014 Zakon Group LLC