We propose new techniques to combat the problem of click fraud in pay-per-click (PPC) systems. Rather than adopting the common approach of filtering out seemingly fraudulent clicks, we consider instead an affirmative approach that only accepts legitimate clicks, namely those validated through client authentication. Our system supports a new advertising model in which "premium" validated clicks assume higher value than ordinary clicks of more uncertain authenticity. Click validation in our system relies upon sites sharing evidence of the legitimacy of users (distinguishing them from bots, scripts, or fraudsters). As cross-site user tracking raises privacy concerns among many users, we propose ways to make the process of authentication anonymous. Our premium-click scheme is transparent to users. It requires no client-side changes and imposes minimal overhead on participating Web sites.
[1]
Marc Joye,et al.
A Practical and Provably Secure Coalition-Resistant Group Signature Scheme
,
2000,
CRYPTO.
[2]
Markus Jakobsson,et al.
Cache cookies for browser authentication
,
2006,
2006 IEEE Symposium on Security and Privacy (S&P'06).
[3]
Hugo Krawczyk,et al.
Keying Hash Functions for Message Authentication
,
1996,
CRYPTO.
[4]
Markus Jakobsson,et al.
Warkitting: The Drive-by Subversion of Wireless Home Routers
,
2006,
J. Digit. Forensic Pract..
[5]
Alex Tsow.
Phishing with Consumer Electronics - Malicious Home Routers
,
2006,
MTW.
[6]
Markus Jakobsson,et al.
Badvertisements: Stealthy Click-Fraud with Unwitting Accessories
,
2006,
J. Digit. Forensic Pract..
[7]
Markus Jakobsson,et al.
Drive-By Pharming
,
2007,
ICICS.