The Bieber Project: Ad Tech 101, Fake Fans and Adventures in Buying Internet Traffic

Presented at DEF CON 23 (2015), Aug. 8, 2015, 5 p.m. (60 minutes).

In the past year, I found myself immersed in the multi-billion dollar digital advertising industry. This gave me the opportunity to investigate the unique security challenges and issues facing the industry. It was a shock to me at first how complex the advertising ecosystem was particularly in the advent of programmatic advertising. But I dove in head first and learned a lot which I would like to share with my fellow security professionals. During this time, I got involved with unscrupulous publishers, apathetic ad networks, angry advertisers and activist malware researchers. I encountered self proclaimed experts with fantastic claims, vendors using scare tactics, and a glaring disconnect between the security and ad tech worlds. In this presentation, I would like to be able to provide the audience with my experience plus a number of things. Among which are: Provide security professionals a 101 type of introduction to the world of digital advertising ecosystem. Among the things we will tackle is what is programmatic advertising, what the roles are of the different players like ad networks are and how money is made off all this interplay. Provide the audience a perspective on what security challenges the advertising industry is facing and opportunities for us security professionals to be involved. We all know about malvertising and its a big deal to us security guys but there are bigger, and in an advertisers perspective, more relevant issues that needs to be taken care of first. All of this will be discussed in this talk. An introduction about the different and creative ways unscrupulous publishers can pad their earnings. We will be talking about hidden ads, ad stacking, intrusive ads, auto-refreshes, popups, popunders, blackhat SEO techniques and dirty inventory. An in depth discussion on the problems caused by non-human traffic (NHT). We will talk about what it is, why is it a problem, how it is generated, and more importantly, how do we catch it? In fact, this presentation is named the "Bieber Project" which is the experiment which I leveraged to understand non-human traffic and determine how we can identify it. Mark Ryan Talabis is the Chief Security Scientist for zVelo Inc where he conducts research on advertising fraud and non-human traffic. He is also formerly the Director of the Cloud Business Unit of FireEye. He is an alumni member of the Honeynet Project and a member of the anti-malware working group of the Interactive Advertising Bureau (IAB) where he is contributing in the promotion of threat intel sharing across the advertising industry.


Presenters:

  • Mark Ryan Talabis - Chief Security Scientist, zVelo
    Mark Ryan Talabis is the Chief Security Scientist for zVelo Inc where he conducts research on advertising fraud and non-human traffic. He is also formerly the Director of the Cloud Business Unit of FireEye. He is an alumni member of the Honeynet Project and a member of the anti-malware working group of the Interactive Advertising Bureau (IAB) where he is contributing in the promotion of threat intel sharing across the advertising industry. His current work focuses on helping the advertisers and ad networks in finding ways to identify non-human traffic through various browser impression and behavioral based anomaly detection techniques. This also includes work on detecting various impression and click padding techniques by unscrupulous publishers. He is a graduate of Harvard University and is a co-author of two books from Elsevier Syngress: "Information Security Analytics: Finding Security Insights, Patterns, and Anomalies in Big Data" (2014) and "Information Security Risk Assessment Toolkit: Practical Assessments through Data Collection and Data Analysis" (2012). Techniqies He has presented in various security and academic conferences and organizations around the world including Blackhat, DEF CON, Shakacon, INFORMS, INFRAGARD, ISSA, and ISACA.

Links:

Similar Presentations: