Raj Mahato

Bio: Raj Mahato is an academic researcher from Microsoft. The author has contributed to research in topics: Click fraud & ZeroAccess botnet. The author has an hindex of 2, co-authored 3 publications receiving 31 citations.

Click Fraud Detection: Adversarial Pattern Recognition over 5 Years at Microsoft

Abstract: Microsoft adCenter is the third largest Search advertising platform in the United States behind Google and Yahoo, and services about 10 % of US traffic. At this scale of traffic approximately 1 billion events per hour, amounting to 2.3 billion ad dollars annually, need to be scored to determine if it is fraudulent or bot-generated [32, 37, 41]. In order to accomplish this, adCenter has developed arguably one of the largest data mining systems in the world to score traffic quality, and has employed them successfully over 5 years. The current paper describes the unique challenges posed by data mining at massive scale, the design choices and rationale behind the technologies to address the problem, and shows some examples and some quantitative results on the effectiveness of the system in combating click fraud.

Click fraud botnet detection by calculating mix adjusted traffic value: A method for de-cloaking click fraud attacks that is resistant to spoofing

Abstract: Click Fraud remains one of the most durable fraudulent schemes online. With 50 billion dollars being generated per year by Google alone, a fraudulent publisher is able to capture a significant amount of revenue with a small investment. The most well heeled click fraud attacks employ large distributed botnets, deceptive publisher pages, malware infection, and fake conversion “chaff” in an attempt to cloak fraudulent activity. We describe an algorithm that we call Mix Adjustment which corrects for traffic bias differences. The method is scalable and we show a simple implementation that can be applied to current weblog processing systems. We show two case studies of this algorithm on real fraud detection problems: (a) WOW Bot net detection, (b) Advertiser fraud detection.

Armored ads

Abstract: Ad Servers monetize by sending ads to a requesting publisher which renders them on their web page. The Publisher receives a commission if the ad is clicked. Unfortunately, fraudulent publishers may try to request ads and click on them through a variety of fraudulent schemes including robotic traffic, deceptive placement, and distribution across other sites. Armored ads are designed to thwart these attempts and are also designed to serve as a probe into whether traffic is human or robotic.

An Empirical Study of Click Fraud in Mobile Advertising Networks

Abstract: Smartphone advertisement is increasingly used among many applications and allows developers to obtain revenue through in-app advertising. Our study aims at identifying potential security risks of a type of mobile advertisement where advertisers are charged for their advertisements only when a user clicks (or touches) on the advertisements in their applications. In the Android platform, we design an automated click generation attack and empirically evaluate eight popular advertising networks by performing real attacks on them. Our experimental results show that six advertising networks (75%) out of eight (Millennial Media, App Lovin, Ad Fit, Mdot M, Rev Mob and Cauly Ads) are vulnerable to our attacks. We also discuss how to develop effective defense mechanisms to mitigate such automated click fraud attacks.

Clicktok: click fraud detection using traffic analysis

Abstract: Advertising is a primary means for revenue generation for millions of websites and smartphone apps. Naturally, a fraction abuse ad networks to systematically defraud advertisers of their money. Modern defences have matured to overcome some forms of click fraud but measurement studies have reported that a third of clicks supplied by ad networks could be clickspam. Our work develops novel inference techniques which can isolate click fraud attacks using their fundamental properties. We propose two defences, mimicry and bait-click, which provide clickspam detection with substantially improved results over current approaches. Mimicry leverages the observation that organic clickfraud involves the reuse of legitimate click traffic, and thus isolates clickspam by detecting patterns of click reuse within ad network clickstreams. The bait-click defence leverages the vantage point of an ad network to inject a pattern of bait clicks into a user's device. Any organic clickspam generated involving the bait clicks will be subsequently recognisable by the ad network. Our experiments show that the mimicry defence detects around 81% of fake clicks in stealthy (low rate) attacks, with a false-positive rate of 110 per hundred thousand clicks. Similarly, the bait-click defence enables further improvements in detection, with rates of 95% and a reduction in false-positive rates of between 0 and 30 clicks per million - a substantial improvement over current approaches.

A survey on Botnet: Classification, detection and defense

Abstract: In recent years, Botnets have become an important security problem on the Internet. Botnets have been used for many attacks, such as banking information theft, spam, distributed denial-of-service, identity theft and phishing. Then, they have been proposed as a major research topic in the network security. Although there are several surveys on the Botnets, they usually do not include a complete review on Botnet phenomenon. This paper is a survey on Botnets and provides a brief of classifications, techniques and algorithms of Botnet detection and defense. In this survey, we provide a comparison on existing research. We present an overview of studies on Botnet and discuss in detail including topologies, architectures, communication protocols, infection mechanisms, attacks, purposes, prevention techniques, detection sources and data, detection techniques and algorithms, and response techniques.

Online Ad-fraud in Search Engine Advertising Campaigns

Abstract: Search Engine Advertising has grown strongly in recent years and amounted to about USD 60 billion in 2014. Based on real-world data of online campaigns of 28 companies, we analyse the incident of a hacked campaign-account. We describe the occurred damage, i.e. (1) follow-up consequences of unauthorized access to the account of the advertiser, and (2) limited availability of short-term online campaigns. This contribution aims at raising awareness for the threat of hacking incidents during online marketing campaigns, and provides suggestions as well as recommendations for damage prevention, damage detection and damage limitation.

Fraud Detection and Prevention by using Big Data Analytics

Abstract: A retail sector is a group of organization or people who sell goods or services for gaining income. Fraud is wrongful or criminal activities for the economic and personal benefits. Fraud detection is finding actual or expected fraud which takes place in an organization and in the retail market is one of the challenging aspects. Fraud is mischievous activities occur in retail sector includes shoplifting, skimming, replicating cards from skimmed data, counterfeiting, bar code or POS(Point-of-Sale) manipulation, contamination, mislabeling, substitute cheaper ingredients instead of high-quality ingredients. Fraudulent activities occur in the retail sector by both consumer and supplier. Analyzing financial crimes related to fraudulent activities is difficult where traditional data mining techniques fail to address all of them. Big data analytics is used to identify an unusual pattern to detect and prevent fraud in the retail sector. Various predictive analytics tools are used to handle massive data and their pattern.