Category: CS and IS

Academic articles within the disciplines of computer science and information systems.

Posted on

Accountable? The Problems and Solutions of Online Ad Optimization

Edelman, Benjamin. “Accountable? The Problems and Solutions of Online Ad Optimization.” IEEE Security & Privacy 12, no. 6 (November-December 2014): 102-107.

Online advertising might seem to be the most measurable form of marketing ever invented. Comprehensive records can track who clicked what ad–and often who saw what ad–to compare those clicks with users’ subsequent purchases. Ever-cheaper IT makes this tracking cost-effective and routine. In addition, a web of interlocking ad networks trades inventory and offers to show the right ad to the right person at the right time. It could be a marketer’s dream. However, these benefits are at most partially realized. The same institutions and practices that facilitate efficient ad placement can also facilitate fraud. The networks that should be serving advertisers have decidedly mixed incentives, such as cost savings from cutting corners, constrained in part by long-run reputation concerns, but only if advertisers ultimately figure out when they’re getting a bad deal. Legal, administrative, and logistical factors make it difficult to sue even the worst offenders. And sometimes an advertiser’s own staff members prefer to look the other way. The result is an advertising system in which a certain amount of waste and fraud has become the norm, despite the system’s fundamental capability to offer unprecedented accountability.

Posted on

Measuring the Perpetrators and Funders of Typosquatting

Moore, Tyler, and Benjamin Edelman. “Measuring the Perpetrators and Funders of Typosquatting.” Lecture Notes in Computer Science. Springer-Verlag. Financial Cryptography and Data Security: Proceedings of the International Conference 6052 (2010). (Introduction, Web appendix.)

We describe a method for identifying “typosquatting”, the intentional registration of misspellings of popular website addresses. We estimate that at least 938,000 typosquatting domains target the top 3,264 .com sites, and we crawl more than 285,000 of these domains to analyze their revenue sources. We find that 80% are supported by pay-per-click ads, often advertising the correctly spelled domain and its competitors. Another 20% include static redirection to other sites. We present an automated technique that uncovered 75 otherwise legitimate websites which benefited from direct links from thousands of misspellings of competing websites. Using regression analysis, we find that websites in categories with higher pay-per-click ad prices face more typosquatting registrations, indicating that ad platforms such as Google AdWords exacerbate typosquatting. However, our investigations also confirm the feasibility of significantly reducing typosquatting. We find that typosquatting is highly concentrated: of typo domains showing Google ads, 63% use one of five advertising IDs, and some large name servers host typosquatting domains as much as four times as often as the web as a whole.

Posted on

Deterring Online Advertising Fraud Through Optimal Payment in Arrears

Edelman, Benjamin. “Deterring Online Advertising Fraud Through Optimal Payment in Arrears.” Financial Cryptography and Data Security: Proceedings of the International Conference (September 2009). (Springer-Verlag Lecture Notes in Computer Science.) (Featured in Working Knowledge: Reducing Risk with Online Advertising.)

Online advertisers face substantial difficulty in selecting and supervising small advertising partners. Fraud can be well hidden, and limited reputation systems reduce accountability. But partners are not paid until after their work is complete, and advertisers can extend this delay both to improve detection of improper partner practices and to punish partners who turn out to be rule-breakers. I capture these relationships in a screening model with delayed payments and probabilistic delayed observation of agents’ types. I derive conditions in which an advertising principal can set its payment delay to deter rogue agents and to attract solely or primarily good-type agents. Through the savings from excluding rogue agents, the principal can increase its profits while offering increased payments to good-type agents. I estimate that a leading affiliate network could have invoked an optimal payment delay to eliminate 71% of fraud without decreasing profit.

Posted on

Typosquatting: Unintended Adventures in Browsing

Edelman, Benjamin. “Typosquatting: Unintended Adventures in Browsing.” Cybercrime Gets Personal, McAfee Security Journal (fall 2008): 34-37.

Typosquatting is the practice of registering domain names, identical to or confusingly similar to trademarks and famous names, in hopes that users will accidentally request these sites–whereupon they will receive, typically, advertisements. This piece presents the basic typosquatting business model, based on my analysis of more than 80,000 typosquatting domain names. I analyze the advertising intermediaries that make typosquatting profitable, and I assess the legislation and litigation that are beginning to put a check on this practice.

Posted on

Delaying Payment to Deter Online Advertising Fraud

In a new article, I introduce an alternative method of fraud prevention for certain online advertising systems. By delaying payments, a merchant or network differentially harms bad affiliates (who rightly worry they may get caught) without unduly harming good affiliates (who know they’ll get paid, and who receive a bonus in compensation for the delay). With a suitable delay, a merchant or network can deter many bad affiliates while retaining the good.

My working draft:

Optimal Deterrence when Judgment-Proof Agents are Paid in Arrears – with an Application to Online Advertising Fraud

Details on my approach, including initial data on merchants’ and networks’ current payment terms.

(update: published as Edelman, Benjamin. “Deterring Online Advertising Fraud Through Optimal Payment in Arrears.” Financial Cryptography and Data Security: Proceedings of the International Conference (September 2009). (Springer-Verlag Lecture Notes in Computer Science.))