Smart Mobile Bot Detection Through Behavioral Analysis

  • Iroshan AberathneEmail author
  • Chamila Walgampaya
Conference paper
Part of the Lecture Notes in Networks and Systems book series (LNNS, volume 38)


Mobile advertising became a huge financial pillar due to drastic increase in smartphones and tablets usage in recent years. This huge-revenue ecosystem is severely thwarted by ad fraud due to large sum of money available in this market. Trained botnets and even individuals are hired by click-fraud specialists in order to maximize the revenue of certain users from the ads they publish on their Web sites or to launch an attack between competing businesses. This study proposes a novel and far efficient real-time approach to identify and categorize real mobile users over click bots through behavioral analysis. To validate the effectiveness of our approach, Real Time Mobile Bot Miner (RTMBM), an architecture based on the proposed methodologies has been implemented. The concept behind the RTMBM is how a user reacts to unexpected/dynamic User Interface (UI) changes in a Web page. Experimental results show two unique behavioral patterns of a real mobile user after an unexpected UI change occurred. The results can easily be adapted to any existing Web site to differentiate a given user from a click bot. This could even be more convenient than identifying captchas, filling text, etc.


Mobile click fraud Click bot Behavioral analysis 


  1. 1.
    Cho G, Cho J, Song Y, Choi D, Kim H (2016) Combating online fraud attacks in mobile-based advertising. EURASIP J Inf Secur 2016(1):1CrossRefGoogle Scholar
  2. 2.
    Alrwais SA, Gerber A, Dunn CW, Spatscheck O, Gupta M, Osterweil E (2012) Dissecting ghost clicks: Ad fraud via misdirected human clicks. In: Proceedings of the 28th annual computer security applications conference. ACM, pp 21–30Google Scholar
  3. 3.
    Li W, Li H, Chen H, Xia Y (2015) Adattester: secure online mobile advertisement attestation using trustzone. In: Proceedings of the 13th annual international conference on mobile systems, applications, and services. ACM, pp 75–88Google Scholar
  4. 4.
    Grewal D, Bart Y, Spann M, Zubcsek PP (2016) Mobile advertising: a framework and research agenda. J Mach Learn Res 15(1):99–140Google Scholar
  5. 5.
    Liu B, Nath S, Govindan R, Liu J (2014) DECAF: detecting and characterizing ad fraud in mobile apps. In: 11th USENIX symposium on networked systems design and implementation (NSDI 14), pp 57–70Google Scholar
  6. 6.
    Wilbur KC, Zhu Y (2009) Click fraud. Mark Sci 28(2):293–308CrossRefGoogle Scholar
  7. 7.
    HummingBad Research report FINAL 62916Google Scholar
  8. 8.
    Amini P, Araghizadeh MA, Azmi R (2015) A survey on botnet: classification, detection and defense. In: 2015 International electronics symposium (IES). IEEE, pp 233–238Google Scholar
  9. 9.
    Costa RA, de Queiroz RJ, Cavalcanti ER (2012) A proposal to prevent click-fraud using clickable CAPTCHAs. In: 2012 IEEE sixth international conference on software security and reliability companion (SERE-C). IEEE, pp. 62–67Google Scholar
  10. 10.
    Mann CC (2006) How click fraud could swallow the internet. Wired Mag 17–20Google Scholar
  11. 11.
    Kitts B, Zhang JY, Wu G, Brandi W, Beasley J, Morrill K, Ettedgui J, Siddhartha S, Yuan H, Gao F, Azo P (2015) Click fraud detection: adversarial pattern recognition over 5 years at microsoft. Real world data mining applications. Springer International Publishing, Berlin, pp 181–201Google Scholar
  12. 12.
    Haddadi H (2010) Fighting online click-fraud using bluff ads. ACM SIGCOMM Comput Commun Rev 40(2):21–25MathSciNetCrossRefGoogle Scholar
  13. 13.
    Juels A, Stamm S, Jakobsson M (2007) Combating click fraud via premium clicks. In: USENIX security, vol 70Google Scholar
  14. 14.
    Blundo C, Cimato S (2002) SAWM: a tool for secure and authenticated web metering. In: Proceedings of the 14th international conference on software engineering and knowledge engineering. ACM, pp 641–648Google Scholar
  15. 15.
    Metwally A, Agrawal D, El Abbadi A (2007) Detectives: detecting coalition hit inflation attacks in advertising networks streams. In: Proceedings of the 16th international conference on World Wide Web. ACM, pp 241–250Google Scholar
  16. 16.
    Immorlica N, Jain K, Mahdian M, Talwar K (2005) Click fraud resistant methods for learning click-through rates. In: International workshop on internet and network economics. Springer, Berlin, pp 34–45Google Scholar
  17. 17.
    Crussell J, Stevens R, Chen H (2014) Madfraud: investigating ad fraud in android applications. In: Proceedings of the 12th annual international conference on mobile systems, applications, and services. ACM, pp 123–134Google Scholar
  18. 18.
    Cho G, Cho J, Song Y, Kim H (2015) An empirical study of click fraud in mobile advertising networks. In: 2015 10th International conference on availability, reliability and security (ARES). IEEE, pp 382–388Google Scholar
  19. 19.
    Xu H, Liu D, Koehl A, Wang H, Stavrou A (2014) Click fraud detection on the advertiser side. European symposium on research in computer security. Springer International Publishing, Berlin, pp 419–438Google Scholar
  20. 20.
    Oentaryo RJ, Lim EP, Finegold M, Lo D, Zhu F, Phua C, Cheu EY, Yap GE, Sim K, Nguyen MN, Perera KS (2014) Detecting click fraud in online advertising: a data mining approach. J Mach Learn Res 15(1):99–140MathSciNetGoogle Scholar

Copyright information

© Springer Nature Singapore Pte Ltd. 2018

Authors and Affiliations

  1. 1.Faculty of EngineeringUniversity of PeradeniyaPeradeniyaSri Lanka

Personalised recommendations