By Carlo Blundo, Stelvio Climato

1
By Carlo Blundo, Stelvio Climato Presented by
Alexander Alexandrov
2
Introduction

• The Internet has become the largest marketplace
  in the world.
• Only in the first half of 2002, US advertisers
  alone spent 3 billion

3
How online advertising works?

• Two major Parties
• Advertiser tries to sell his product, exploits
  the popularity of major web sites (such as search
  engines, portals)
• Hosting company (Server) charges predetermined
  fee either per 1000 impressions or per
  click-through.
• Sometimes Advertising Agencies act as
  intermediaries (e.g. Overture)

4
How to measure site visits?

• Sampling rating systems similar to those used
  for TV programs highly inefficient
• Auditing third party agency collects data from
  the site or monitors existing software
• However subject to hit inflation and hit shaving
  attacks !

5
Existing auditing solutions

• Log analysis examining web server logs. However
  they can be modified easily
• Click-through fraud detection protocols not
  perfect, cannot detect all hit shaving and
  inflation
• Timing functions min time between two
  successive clicks from the same IP not
  foolproof
• Hardware boxes temper-resistant hardware that
  avoids server logs modification and detect
  spoofed IP addresses expensive

6
Metering Systems

• Systems to monitor Web page accesses to measure
  the effectiveness of Internet ads
• Need of a mechanism to insure hit-inflation and
  hit-shaving free environment
• A perfect mechanism will insure
• Security
• Nonrepudiation
• Accuracy
• Efficiency
• Privacy

7
Authenticated Metering Framework

• n Clients, C1,C2, Cn
• Server S
• Audit Agency A
• All agree on a one-way hash function H with
  preimage and collision resistence
• Three phases Initialization, Interaction, and
  Verification

8
Initialization Phase
wk Hk(w0) H(Hk-1(w0) where H2(w0) H(H(w0)),
stores (idc, k, w0), then sends (idc, k, w0) to
the client and (idc, w1) to the server server
adds Lc
9
Interaction
Client sends wk-j Hk j(w0) for the j-th
access, server verifies it matches last stored
value for C by H(wk-j) wk j 1. If yes, it
stores wk-j and increments Lc
10
Verification
Server sends (idc, W, Lc) where idc is the
clients identifier associates with last W and
Lc is the clients counter. A verifies that W
equals HkL c(w0)
11
Evaluation

• Security robust against hit shaving and hit
  inflation, no man-in-the-middle attack
• Nonrepudiation S can show it belongs to the
  hash chain A provided, cannot reconstruct w0
• Accuracy players cannot cheat, therefore what S
  shows is the real number of visits
• Efficiency Minimal trafic between A, S and A,
  C, however significant traffic between C, S
• Privacy Only the agent system can reconstruct
  number of visits. S only knows Lc and idc

12
Implementation

• Prototype for Linux, Netscape 4.76, and Apache
• Efficiency and transparency the biggest problem
• Server grants access only to registered clients
• Two main parts
• Computations performed on the clients computer
• Computations performed on the server that wants
  payment for each access

13
Meter Plug-in

• Plug-in that is downloaded and installed at each
  client that accesses the server
• MIME type x-meter

14
Apache module

• Controls the meter request data, retrieving the
  client ID from the request and the corresponding
  entry stored in its database.
• Limits access to a page unless the client is
  authenticated
• Uses Perl API

15
Limitations

• The client has to register in advance
• When client runs out of authentication tokens, it
  must contact audit agency to renew its
  subscription
• Uses SSL to protect the token exchange and to
  recover phase when Lc gets out of phase