Proactive and Reactive Mechanisms for Protecting ads on the Internet from Adware and Malware

Sarangi, Abinash

Home // AFIN 2017, The Ninth International Conference on Advances in Future Internet // View article

Proactive and Reactive Mechanisms for Protecting ads on the Internet from Adware and Malware

Authors:
Abinash Sarangi

Keywords: adware prevention; javascript; page validation rules, mutation observer; malicious code injection, malware prevention, web security

Abstract:
Ads on websites and search engines such as Bing and Google help keep the internet services free and accessible to all. These ads are vulnerable to malicious attacks by adware, malware on user’s machine and user agent. As internet grows adware are adopting sophisticated mechanism running as browser plugin or a background service and attack on selective sites. Adware and malware attack is a several billion-dollar industry on its own and is being democratized by advanced tools such as black hole exploit kit. A simple adware acting as a browser plugin can manipulate DOM of any website (e.g. Bing or Google) and replace the original ads with its own, hence stealing revenue from these companies. Our research showed at least 4.5% of Bing users had some form of a adware or malware which inserted unwanted content into Bing’s search engine results page resulting in several million dollars of revenue impact. This is true for google, Facebook and any such internet service which monetizes using ads. The real challenge of this problem is, the malicious program is running on the user’s machine and internet services are accessed using web browsers on that machine, limiting what such a service provider can do to prevent the adware from within the webpage itself. This is the very reason why web services have not been successful in dealing with the malware/adwares. We researched and experimented several mechanisms and built a JavaScript based framework which can consume a rule set generated by server to validate the state of the website and ensure its integrity. The framework being JavaScipt based can run seamless on all (modern) browsers and devices from within the website yet protect the webpage from malicious program running on the user’s machine at higher privilege. The framework uses the unique rule set pertaining to the current page and allow only valid mutation to the DOM from known sources to the website. If any mutation fails the validation, the DOM is restored to the state prior to the mutation. This mechanism ensures even if a user’s machine has malicious programs or adwares, attempting to steal ad revenue, the webpage can protect is from within and hence ultimately save significant ad revenue. This research has been implemented and thoroughly measured for success and effectiveness. Security of websites and services are a growing challenge and the future internet needs more research and awareness in the field to deal with any vulnerability or exploits that may exist.

Pages: 1 to 5

Copyright: Copyright (c) IARIA, 2017

Publication date: September 10, 2017

Published in: conference

ISSN: 2308-4340

ISBN: 978-1-61208-583-8

Location: Rome, Italy

Dates: from September 10, 2017 to September 14, 2017