An Effective Method for Combating Malicious Scripts Clickbots

  • Yanlin Peng
  • Linfeng Zhang
  • J. Morris Chang
  • Yong Guan
Part of the Lecture Notes in Computer Science book series (LNCS, volume 5789)


Online advertising has been suffering serious click fraud problem. Fraudulent publishers can generate false clicks using malicious scripts embedded in their web pages. Even widely-used security techniques like iframe cannot prevent such attack. In this paper, we propose a framework and associated methodologies to automatically and quickly detect and filter false clicks generated by malicious scripts. We propose to create an impression-click identifier which is able to link corresponding impressions and clicks together with a predefined lifetime. The impression-click identifiers are stored in a special data structure and can be later validated upon a click is received. The framework has the nice features of constant-time inserting and querying, low false positive rate and low quantifiable false negative rate. From our experimental evaluation on a primitive PC machine, our approach can achieve a false negative rate 0.00008 using 120MB memory and average inserting and querying time is 3 and 1 microseconds, respectively.


Online Advertising Networks Click Fraud Network Forensics Attack Detection 


  1. 1.
    PricewaterhouseCoopers, Iab internet advertising revenue report, 2008 full-year results,
  2. 2.
    Mitchell, S.P., Linden, J.: Click fraud: What is it and how do we make it go away (December 2006),
  3. 3.
    Survey, O.: Hot topics: Click Fraud Reaches $1.3 Billion, Dictates End of “Don’t ask, Don’t Tell” Era,
  4. 4.
    Click Forensics, Inc., Industry Click Fraud Rate Higher Than Ever Reaching 17.1% in Q4 (2008),
  5. 5.
    Mills, E.: Google Click Fraud Settlement Given Go-Ahead (July 2006),
  6. 6.
    Liedtke, M.: Yahoo Settles Click Fraud Lawsuit (June 2006),
  7. 7.
    Daswani, N., Stoppelman, M.: The Anatomy of Clickbot.A. In: Proceedings of the First Conference on First Workshop on Hot Topics in Understanding Botnets, p. 11 (2007)Google Scholar
  8. 8.
    Think Digit Magazine, Clickety-clack: Googlewhack! (November 2007),
  9. 9.
    Tuzhilin, A.: The Lane’s Gifts v. Google Report. Tech. Rep. (2006),
  10. 10.
    Metwally, A., Agrawal, D., Abbad, A.E., Zheng, Q.: On Hit Inflation Techniques and Detection in Streams of Web Advertising Networks. In: ICDCS 2007, p. 52 (2007)Google Scholar
  11. 11.
    Daswani, N., Mysen, C., Rao, V., Weis, S., Gharachorloo, K., Ghosemajumder, S.: Crimeware: Understanding New Attacks and Defenses, 1st edn., vol. 11, pp. 325–354. Addison-Wesley, Reading (2008)Google Scholar
  12. 12.
    Metwally, A., Agrawal, D., Abbadi, A.E.: Duplicate Detection in Click Streams. In: WWW 2005, pp. 12–21 (2005)Google Scholar
  13. 13.
    Zhang, L., Guan, Y.: Detecting Click Fraud in Pay-Per-Click Streams of Online Advertising Networks. In: ICDCS 2008 (June 2008)Google Scholar
  14. 14.
    Juels, A., Stamm, S., Jakobsson, M.: Combating Click Fraud via Premium Clicks. In: 16th USENIX Security Symposium, pp. 17–26 (2007)Google Scholar
  15. 15.
    Gandhi, M., Jakobsson, M., Ratkiewicz, J.: Badvertisements: Stealthy Click-Fraud with Unwitting Accessories. Journal of Digital Forensic Practice 1(2), 131–142 (2006)CrossRefGoogle Scholar
  16. 16.
    Chellapilla, K., Maykov, A.: A taxonomy of JavaScript redirection spam. In: AIRWeb 2007: Proceedings of the 3rd international workshop on Adversarial information retrieval on the web, pp. 81–88 (2007)Google Scholar
  17. 17.
    Broder, A., Mitzenmacher, M.: Network Applications of Bloom Filters: A Survey. Internet Mathematics 1, 485–509 (2004)MathSciNetCrossRefzbMATHGoogle Scholar
  18. 18.
  19. 19.
    McGann, R.: Study: Consumers delete cookies at surprising rate (March 2005),
  20. 20.
    Daswani, N., Kern, C., Kesavan, A.: Foundations of Security: What Every Programmer Needs to Know. Apress (February 2007)Google Scholar
  21. 21.
    Peng, Y., Zhang, L., Chang, J.M., Guan, Y.: An Effective Method for Combating Malicious Scripts Clickbots, Tech Report,

Copyright information

© Springer-Verlag Berlin Heidelberg 2009

Authors and Affiliations

  • Yanlin Peng
    • 1
  • Linfeng Zhang
    • 1
  • J. Morris Chang
    • 1
  • Yong Guan
    • 1
  1. 1.Iowa State UniversityAmesUSA

Personalised recommendations