Papers
Topics
Authors
Recent
Gemini 2.5 Flash
Gemini 2.5 Flash
143 tokens/sec
GPT-4o
7 tokens/sec
Gemini 2.5 Pro Pro
46 tokens/sec
o3 Pro
4 tokens/sec
GPT-4.1 Pro
38 tokens/sec
DeepSeek R1 via Azure Pro
28 tokens/sec
2000 character limit reached

The Devil is in the Details: Analyzing the Lucrative Ad Fraud Patterns of the Online Ad Ecosystem (2306.08418v2)

Published 14 Jun 2023 in cs.CY

Abstract: The online advertising market has recently reached the 500 billion dollar mark. To accommodate the need to match a user with the highest bidder at a fraction of a second, it has moved towards a complex, automated and often opaque model that involves numerous agents and intermediaries. Stimulated by the lack of transparency, but also the enormous potential profits, bad actors have found ways to circumvent restrictions, and generate substantial revenue that can support websites with objectionable or even illegal content. In this work, we evaluate transparency Web standards and show how shady actors take advantage of gaps in these standards to absorb ad revenues while putting the brand safety of advertisers in danger. We collect and study a large corpus of hundreds of thousands of websites and show how ad transparency standards can be abused by bad actors to obscure ad revenue flows. We show how identifier pooling can redirect ad revenues from reputable domains to notorious domains serving objectionable content and that the phenomenon is underestimated by previous studies by a factor of 15. Finally, we publish a Web monitoring service that enhances the transparency of supply chains and business relationships between publishers and ad networks.

Definition Search Book Streamline Icon: https://streamlinehq.com
References (73)
  1. Adalytics. Are google’s ad exchange & fortune 500 advertisers working with treasury sanctioned websites in russia, iran, & syria? https://adalytics.io/blog/adtech-sanctions, 2023.
  2. Clickjacking revisited: A perceptual view of {{\{{UI}}\}} security. In 8th {normal-{\{{USENIX}normal-}\}} Workshop on Offensive Technologies ({normal-{\{{WOOT}normal-}\}} 14), 2014.
  3. Fraud in online classified ads: Strategies, risks, and detection methods: A survey. Journal of Applied Security Research, pages 1–25, 2022.
  4. Anonymous Author. Open-source data and source code. https://anonymous.4open.science/r/Ad-Abuse-4781/, 2023.
  5. Fake news and the economy of emotions: Problems, causes, solutions. Digital journalism, 6(2):154–175, 2018.
  6. A longitudinal analysis of the ads. txt standard. In Proceedings of the Internet Measurement Conference, pages 294–307, 2019.
  7. Brand safety: the effects of controversial video content on pre-roll advertising. Heliyon, 4(12):e01041, 2018.
  8. Market forces: Quantifying the role of top credible ad servers in the fake news ecosystem. In ICWSM, pages 83–94, 2021.
  9. Google Help Center. Exclude specific webpages and videos. https://support.google.com/google-ads/answer/2454012, 2022.
  10. Sudipto Chandra. Lightnovel crawler. https://github.com/dipu-bd/lightnovel-crawler, 2022.
  11. Media Bias/Fact Check. Search and learn the bias of news media. https://mediabiasfactcheck.com/, 2022.
  12. Behind the tube: Exploitative monetization of content on {{\{{YouTube}}\}}. In 31st USENIX Security Symposium (USENIX Security 22), pages 2171–2188, 2022.
  13. The Gaming Commission. The regulator of the gambling sector in belgium. https://www.gamingcommission.be/en, 2023.
  14. Robert Cookson. Jihadi website with beheadings profited from google ad platform. https://www.ft.com/content/b06d18c0-1bfb-11e6-8fa5-44094f6d9c46/, 2016.
  15. Ethan Cramer-Flood. Worldwide ad spending 2022. https://www.insiderintelligence.com/content/worldwide-ad-spending-2022/, 2022.
  16. Leslie Daigle. Whois protocol specification. http://www.ietf.org/rfc/rfc3912.txt, 2004.
  17. Viceroi: Catching click-spam in search ad networks. In Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security, pages 765–776, 2013.
  18. John Ellis. Dear google: Please stop using my advertising dollars to monetize hate speech. https://qz.com/1177168/dear-google-please-stop-using-my-advertising-dollars-to-monetize-hate-speech/, 2018.
  19. Badvertisements: Stealthy click-fraud with unwitting accessories. Journal of Digital Forensic Practice, 1(2):131–142, 2006.
  20. Best paper – follow the money: Understanding economics of online aggregation and advertising. In Proceedings of the 2013 Conference on Internet Measurement Conference, IMC ’13, page 141–148, New York, NY, USA, 2013. Association for Computing Machinery.
  21. Google. Certified publishing partner. https://www.google.com/ads/publisher/partners/, 2023.
  22. Google. Google safe browsing. https://transparencyreport.google.com/safe-browsing/search, 2023.
  23. Google. Identifying sellers through sellers.json. https://support.google.com/authorizedbuyers/answer/9895942, 2023.
  24. Google. See how much you could earn from adsense. https://adsense.google.com/start/#calculator, 2023.
  25. On the infrastructure providers that support misinformation websites. In Proceedings of the International AAAI Conference on Web and Social Media, volume 16, pages 287–298, 2022.
  26. James Hercher. Google strengthens ads.txt enforcement. https://www.adexchanger.com/ad-exchange-news/google-strengthens-ads-txt-enforcement/, 2018.
  27. NortonLifeLock Inc. Is this website safe. https://safeweb.norton.com/, 2023.
  28. The menlo report: Ethical principles guiding information and communication technology research. Available at SSRN 2445102, 2012.
  29. The economics of “fake news”. IT Professional, 19(6):8–12, 2017.
  30. IAB Technology Laboratory. Brand safety & suitability. https://www.iab.com/topics/brand-safety/.
  31. IAB Technology Laboratory. sellers.json specification. https://iabtechlab.com/wp-content/uploads/2019/07/Sellers.json_Final.pdf, 2019.
  32. IAB Technology Laboratory. ads.txt crawler. https://github.com/InteractiveAdvertisingBureau/adstxtcrawler, 2020.
  33. IAB Technology Laboratory. ads.txt specification version 1.1. https://iabtechlab.com/wp-content/uploads/2022/04/Ads.txt-1.1.pdf, 2033.
  34. An audit of facebook’s political ad policy enforcement. In 31st USENIX Security Symposium (USENIX Security 22), pages 607–624, 2022.
  35. Tranco: A research-oriented top sites ranking hardened against manipulation. In Network and Distributed System Security Symposium, NDSS ’21, 2019.
  36. Sara Lebow. Worldwide digital ad spend will top $600 billion this year. https://www.insiderintelligence.com/content/worldwide-digital-ad-spend-will-top-600-billion-this-year, 2023.
  37. Adcube: Webvr ad fraud and practical confinement of third-party ads. In USENIX Security Symposium, pages 2543–2560, 2021.
  38. Similarweb LTD. Website traffic - check and analyze any website. https://www.similarweb.com/, 2023.
  39. From whois to whowas: A large-scale measurement study of domain registration privacy under the gdpr. In NDSS, 2021.
  40. A study of the partnership between advertisers and publishers. In Passive and Active Measurement: 22nd International Conference, PAM 2021, Virtual Event, March 29–April 1, 2021, Proceedings 22, pages 564–580. Springer, 2021.
  41. Understanding the detection of view fraud in video content portals. In Proceedings of the 25th International Conference on World Wide Web, pages 357–368, 2016.
  42. Online tracking and publishers’ revenues: An empirical analysis. In Workshop on the Economics of Information Security, 2019.
  43. Your online interests: Pwned! a pollution attack against targeted advertising. In Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security, pages 129–140, 2014.
  44. Trend Micro. Site safety center. https://global.sitesafety.trendmicro.com/, 2023.
  45. Christine Moorman. Return to normalcy? leading marketing in a post-covid era. https://cmosurvey.org/return-to-normalcy-leading-marketing-in-a-post-covid-era/, 2022.
  46. A case study in monetizing piracy: Mangaowl and chessmoba.us. https://deepsee.io/blog/a-case-study-in-monetizing-piracy, 2021.
  47. So that’s how breitbart is still making money. https://checkmyads.org/branded/so-thats-how-breitbart-is-still-making/, 2020.
  48. Kargo’s "no fake news" guarantee is fake news. https://checkmyads.org/branded/kargos-no-fake-news-guarantee-is/, 2021.
  49. NextDNS. Piracy blocklists. https://github.com/nextdns/piracy-blocklists, 2022.
  50. Youradvalue: Measuring advertising price dynamics without bankrupting user privacy. Proceedings of the ACM on Measurement and Analysis of Computing Systems, 5(3):1–26, 2021.
  51. Leveraging google’s publisher-specific ids to detect website administration. In Proceedings of the ACM Web Conference 2022, WWW ’22, page 2522–2531, New York, NY, USA, 2022. Association for Computing Machinery.
  52. Who funds misinformation? a systematic analysis of the ad-related profit routines of fake news sites. In Proceedings of the ACM Web Conference 2023, WWW ’23, page 2765–2776, New York, NY, USA, 2023. Association for Computing Machinery.
  53. If you are not paying for it, you are the product: How much do advertisers pay to reach you? In Proceedings of the 2017 Internet Measurement Conference, pages 142–156, 2017.
  54. Establishing trust in online advertising with signed transactions. IEEE Access, 9:2401–2414, 2020.
  55. Reddit. Ads.txt is already a complete joke, look at what revcontent requires publishers to put up. https://www.reddit.com/r/adops/comments/9uzv9r/adstxt_is_already_a_complete_joke_look_at_what/, 2018.
  56. Reddit. About chill-game or any other domains, we might use in the future! https://www.reddit.com/r/AnimeOWL/comments/jth9do/about_chillgame_or_any_other_domains_we_might_use/, 2020.
  57. Reddit. So mangago has new sites and i have a question on if they’re safe. https://www.reddit.com/r/mangago/comments/p4hmtr/so_mangago_has_new_sites_and_i_have_a_question_on/, 2021.
  58. Ethical research standards in a world of big. F1000Research, 3, 2014.
  59. The risk of programmatic advertising: Effects of website quality on advertising effectiveness. International Journal of Research in Marketing, 38(3):663–677, 2021.
  60. SimilarWeb. Top animation and comics websites. https://www.similarweb.com/top-websites/arts-and-entertainment/animation-and-comics/, 2022.
  61. Impression fraud in on-line advertising via pay-per-view networks. In USENIX Security Symposium, pages 211–226, 2013.
  62. SSLTrust. Free website safety & security check. https://www.ssltrust.com.au/ssl-tools/website-security-check, 2023.
  63. Understanding fraudulent activities in online ad exchanges. In Proceedings of the 2011 ACM SIGCOMM conference on Internet measurement conference, pages 279–294, 2011.
  64. Understanding and detecting mobile ad fraud through the lens of invalid traffic. In Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security, pages 287–303, 2021.
  65. Joe Tacopino. Mercedes-benz, honda among companies with ads on jihadist websites. https://nypost.com/2017/02/09/mercedes-benz-honda-among-companies-with-ads-on-jihadist-websites/, 2017.
  66. TagoDR. Manga onlineviewer. https://github.com/TagoDR/MangaOnlineViewer, 2022.
  67. Magnite Team. On content standards. https://www.magnite.com/blog/on-content-standards/, 2020.
  68. Ad injection at scale: Assessing deceptive advertisement modifications. In 2015 IEEE Symposium on Security and Privacy, pages 151–167. IEEE, 2015.
  69. Anshuman Verma. Awesome anime sources. https://github.com/anshumanv/awesome-anime-sources, 2022.
  70. VirusTotal. https://www.virustotal.com, 2023.
  71. Bad news: Clickbait and deceptive ads on news and misinformation websites. In Workshop on Technology and Consumer Protection, 2020.
  72. All your clicks belong to me: Investigating click interception on the web. In USENIX Security Symposium, pages 941–957, 2019.
  73. Dissecting click fraud autonomy in the wild. In Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security, pages 271–286, 2021.
Citations (2)
View on Semantic Scholar

Summary

We haven't generated a summary for this paper yet.

Ai Sparkles Streamline Icon: https://streamlinehq.com Summarize Now
X Twitter Logo Streamline Icon: https://streamlinehq.com

Tweets