Follow the traffic: Stopping click fraud by disrupting the value chain

Advertising fraud, particularly click fraud, is a growing concern for the online advertising industry. The use of click bots, malware that automatically clicks on ads to generate fraudulent traffic, has steadily increased over the last few years. While the security industry has focused on detecting and removing malicious binaries associated with click bots, a better understanding of how fraudsters operate within the ad ecosystem is needed to disrupt it efficiently. This paper provides a detailed dissection of the advertising fraud scheme employed by Boaxxe, malware that specializes in click fraud. By monitoring its activities during a 7-month longitudinal study, we were able to create a map of the actors involved in the ecosystem enabling this fraudulent activity. We then applied a Social Network Analysis (SNA) technique to identify the key actors of this ecosystem that could be effectively influenced in order to maximize disruption of click-fraud monetization. The results show that it would be possible to efficiently disrupt the ability of click-fraud traffic to enter the legitimate market by pressuring a limited number of these actors. We assert that this approach would produce better long-term effects than the use of takedowns, as it renders the ecosystem unusable for monetization.
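As an added illustration (not code from the paper), the sketch below builds an actor graph from constructed redirection chains and picks the intermediaries whose removal most reduces the number of entry-point-to-advertiser pairs still connected. The abstract does not name the SNA measure used, so a greedy fragmentation heuristic stands in as an assumption, and all actor names are hypothetical.

```python
from collections import defaultdict

# Constructed redirection chains (hypothetical actor names), each running
# from a bot-driven entry point to an advertiser landing page.
CHAINS = [
    ["doorway-1", "adnet-A", "exchange-X", "adnet-L", "advertiser-1"],
    ["doorway-1", "adnet-B", "exchange-X", "adnet-L", "advertiser-2"],
    ["doorway-2", "adnet-B", "exchange-X", "adnet-M", "advertiser-3"],
    ["doorway-2", "adnet-C", "exchange-Y", "adnet-M", "advertiser-3"],
    ["doorway-3", "adnet-C", "exchange-Y", "adnet-L", "advertiser-1"],
    ["doorway-3", "adnet-A", "exchange-X", "adnet-M", "advertiser-2"],
]

def build_graph(chains):
    """Directed graph: an edge for every observed redirect hop."""
    graph = defaultdict(set)
    for chain in chains:
        for src, dst in zip(chain, chain[1:]):
            graph[src].add(dst)
    return graph

def connected_pairs(graph, sources, sinks, removed=frozenset()):
    """Count (entry, advertiser) pairs still joined by a redirect path."""
    total = 0
    for s in sources:
        seen, stack = {s}, [s]
        while stack:
            for nxt in graph.get(stack.pop(), ()):
                if nxt not in seen and nxt not in removed:
                    seen.add(nxt)
                    stack.append(nxt)
        total += len(seen & sinks)
    return total

def key_actors(chains, budget):
    """Greedy stand-in (assumption): remove the intermediary that cuts most pairs."""
    graph = build_graph(chains)
    sources = {c[0] for c in chains}
    sinks = {c[-1] for c in chains}
    candidates = {n for c in chains for n in c[1:-1]}
    removed, history = set(), []
    for _ in range(budget):
        best = min(sorted(candidates - removed),
                   key=lambda n: connected_pairs(graph, sources, sinks, removed | {n}))
        removed.add(best)
        history.append((best, connected_pairs(graph, sources, sinks, removed)))
        if history[-1][1] == 0:
            break
    return history
```

On this constructed data, removing any single entry-side ad network leaves all nine pairs connected, while the two networks closest to the advertisers together cut every path.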

