Browse > Article
http://dx.doi.org/10.13089/JKIISC.2017.27.2.213

A Study on Internet Advertisement Injection  

Cho, Sanghyun (Naver Corporation)
Choi, Hyunsang (Naver Corporation)
Kim, Young-Gab (Sejong University)
Publication Information
Journal of the Korea Institute of Information Security & Cryptology / v.27, no.2, 2017 , pp. 213-222 More about this Journal
Abstract
Online advertisement has many benefits comparing to offline advertisement but it also has many challenging problems by online ad abuses. Advertisement injection (Ad injection) is one of the threats that surreptitiously inserts advertisements without a permission of site owners. Users are exposed to additional ads and redundant web traffic by injected ads can cause a service quality problem. Moreover, advertisers can have economic loss when injected ads are different from original ones. Although ad injection leads to these problems it has not been fully studied yet. A few ad injection researches are done by online advertising providers such as Google. In this paper, we analyze ad injection activities to Korean major portal, Naver. We classify 6 types of ad injections and describe their characteristics by analyzing 27 downloaders and 199 installed programs.
Keywords
Internet advertisement; ad injection; abusing;
Citations & Related Records
연도 인용수 순위
  • Reference
1 Hong il Lee, Cheol Park, Youn Jin Lee, "A Typology and Effects of Internet Advertising according to the customer relationship stages", Proceedings of the Korea Society of Information Technology Applications Conference, pp. 3-6, Nov. 2003
2 Google Security Blog, "New Research: The Ad Injection Economy", https://security.googleblog.com/2015/05/new-research-ad-injection-economy.html
3 Brad Miller, Paul Pearce, Chris Grier, Christian Kreibich, and Vern Paxson, "What's clicking what? techniques and innovations of today's clickbots", In Detection of Intrusions and Malware, and Vulnerability Assessment (DIMVA), pp. 164-183, Jul. 2011.
4 Paul Pearce, Vacha Dave, Chris Grier, Kirill Levchenko, Saikat Guha, Damon McCoy, Vern Paxson, Stefan Savage, and Geoffrey M Voelker. "Characterizing Large-Scale Click Fraud in ZeroAccess", ACM Conference on Computer and Communications Security (CCS), pp. 141-152, Nov. 2014.
5 Zhou Li, Kehuan Zhang, Yinglian Xie, Fang Yu, and XiaoFeng Wang, "Knowing your enemy: understanding and detecting malicious web advertising", ACM conference on Computer and Communications Security (CCS), pp. 674-686, Oct. 2012
6 Gabi Nakibly, Jaime Schcolnik and Yossi Rubin. "Website-Targeted False Content Injection by Network Operators", 25th USENIX Security Symposium (USENIX Security 16), pp. 227-244, Aug. 2016
7 Muhammad Ahmad Bashir, Sajjad Arshad, William Robertson, Christo Wilson, "Tracing Information Flows Between Ad Exchanges Using Retargeted Ads", 25th USENIX Security Symposium (USENIX Security 16), pp. 481-496, Aug. 2016
8 Alexandros Kapravelos, Chris Grier, Neha Chachra, Christopher Kruegel, Giovanni Vigna, and Vern Paxson, "Hulk: Eliciting Malicious Behavior in Browser Extensions", 23th USENIX Security Symposium (USENIX Security 16), pp. 641-654, Aug. 2014
9 Kurt Thomas, Elie Bursztein, Chris Grier, Grant Ho, Nav Jagpal, Alexandros Kapravelos, Damon McCoy, Antonio Nappa, Vern Paxson, Paul Pearce, Niels Provos, and Moheeb Abu Rajab. "Ad Injection at Scale: Assessing Deceptive Advertisement Modifications", Proceedings of the IEEE Symposium on Security and Privacy, May. 2015
10 Statcount, http://gs.statcounter.com