Understanding and Detecting Mobile Ad Fraud through the Lens of Invalid Traffic
| dc.contributor.author | Sun, S. | |
| dc.contributor.author | Yu, L. | |
| dc.contributor.author | Zhang, X. | |
| dc.contributor.author | Xue, M. | |
| dc.contributor.author | Zhou, R. | |
| dc.contributor.author | Zhu, H. | |
| dc.contributor.author | Hao, S. | |
| dc.contributor.author | Lin, X. | |
| dc.contributor.conference | ACM SIGSAC Conference on Computer and Communications Security (CCS) (15 Nov 2021 - 19 Nov 2021 : virtual online) | |
| dc.date.issued | 2021 | |
| dc.description | Session 1D: Authentication and Click Fraud | |
| dc.description.abstract | Along with gaining popularity of Real-Time Bidding (RTB) based programmatic advertising, the click farm based invalid traffic, which leverages massive real smartphones to carry out large-scale ad fraud campaigns, is becoming one of the major threats against online advertisement. In this study, we take an initial step towards the detection and large-scale measurement of the click farm based invalid traffic. Our study begins with a measurement on the device's features using a real-world labeled dataset, which reveals a series of features distinguishing the fraudulent devices from the benign ones. Based on these features, we develop EvilHunter, a system for detecting fraudulent devices through ad bid request logs with a focus on clustering fraudulent devices. EvilHunter functions by 1) building a classifier to distinguish fraudulent and benign devices; 2) clustering devices based on app usage patterns; and 3) relabeling devices in clusters through majority voting. EvilHunter demonstrates 97% precision and 95% recall on a real-world labeled dataset. By investigating a super click farm, we reveal several cheating strategies that are commonly adopted by fraudulent clusters. We further reduce the overhead of EvilHunter and discuss how to deploy the optimized EvilHunter in a real-world system. We are in partnership with a leading ad verification company to integrate EvilHunter into their industrial platform. | |
| dc.description.statementofresponsibility | Suibin Sun, Le Yu, Xiaokuan Zhang, Minhui Xue, Ren Zhou, Haojin Zhu, Shuang Hao, Xiaodong Lin | |
| dc.identifier.citation | Proceedings of the ACM Conference on Computer and Communications Security, 2021, pp.287-303 | |
| dc.identifier.doi | 10.1145/3460120.3484547 | |
| dc.identifier.isbn | 9781450384544 | |
| dc.identifier.issn | 1543-7221 | |
| dc.identifier.orcid | Xue, M. [0000-0001-5411-5039] [0000-0002-9172-4252] | |
| dc.identifier.uri | https://hdl.handle.net/2440/135346 | |
| dc.language.iso | en | |
| dc.publisher | Association for Computing Machinery | |
| dc.relation.grant | http://purl.org/au-research/grants/arc/DP210102670 | |
| dc.rights | © 2021 Association for Computing Machinery. | |
| dc.source.uri | https://dl.acm.org/doi/proceedings/10.1145/3460120 | |
| dc.subject | Invalid traffic | |
| dc.subject | Ad fraud | |
| dc.subject | Click farm | |
| dc.title | Understanding and Detecting Mobile Ad Fraud through the Lens of Invalid Traffic | |
| dc.type | Conference paper | |
| pubs.publication-status | Published |