Click fraud

Abstract: Systems and methods for detecting instances of click fraud are disclosed. Click fraud occurs when, for example, a user, malware, bot, or the like, clicks on a pay per click advertisement (e.g., hyperlink), a paid search listing, or the like without a good faith interest in the underlying subject of the hyperlink. Such fraudulent clicks can be expensive for an advertising sponsor. Statistical information, such as ratios of unpaid clicks to pay per clicks, are extracted from an event database. The statistical information of global data is used as a reference data set to compare to similar statistical information for a local data set under analysis. In one embodiment, when the statistical data sets match relatively well, no click fraud is determined to have occurred, and when the statistical data sets do not match relatively well, click fraud is determined to have occurred.

Abstract: This paper provides a detailed case study of the architecture of the Clickbot. A botnet that attempted a low-noise click fraud attack against syndicated search engines. The botnet of over 100,000 machines was controlled using a HTTP-based botmaster. Google identified all clicks on its ads exhibiting Clickbot. Alike patterns and marked them as invalid. We disclose the results of our investigation of this botnet to educate the security research community and provide information regarding the novelties of the attack.

Abstract: With the rapid growth of the Internet, online advertisement plays a more and more important role in the advertising market. One of the current and widely used revenue models for online advertising involves charging for each click based on the popularity of keywords and the number of competing advertisers. This pay-per-click model leaves room for individuals or rival companies to generate false clicks (i.e., click fraud), which pose serious problems to the development of healthy online advertising market. To detect click fraud, an important issue is to detect duplicate clicks over decaying window models, such as jumping windows and sliding windows. Decaying window models can be very helpful in defining and determining click fraud. However, although there are available algorithms to detect duplicates, there is still a lack of practical and effective solutions to detect click fraud in pay-per-click streams over decaying window models. In this paper, we address the problem of detecting duplicate clicks in pay-per-click streams over jumping windows and sliding windows, and are the first that propose two innovative algorithms that make only one pass over click streams and require significantly less memory space and operations. GBF algorithm is built on group Bloom filters which can process click streams over jumping windows with small number of sub-windows, while TBF algorithm is based on a new data structure called timing Bloom filter that detects click fraud over sliding windows and jumping windows with large number of sub-windows. Both GBF algorithm and TBF algorithm have zero false negative. Furthermore, both theoretical analysis and experimental results show that our algorithms can achieve low false positive rate when detecting duplicate clicks in pay-per-click streams over jumping windows and sliding windows.

Abstract: Improved capabilities are disclosed for receiving a request to connect to sponsored content from a mobile communication facility, receiving information relating to a characteristic associated with the mobile communication facility, and assessing the appropriateness of the request based at least in part on the information relating to the characteristic. Based at least in part on the assessed appropriateness, a mobile communication facility user's assess to content may be determined. These and other capabilities are employed to decrease the likelihood of fraudulent user interaction with content presented to a mobile communication facility.