Analysis of Malicious Affiliate Network Activity as a Test Case for an Investigatory Framework
Rahman, A. (2010). Analysis of Malicious Affiliate Network Activity as a Test Case for an Investigatory Framework. In: (Ed.) 9th European Conference on Information Warfare and Security, , () ( ed.). (pp. ). Greece: . .
Currently there is a great deal of literature surrounding methods that can be used to detect click-fraud, but there is very little published work on actual cases of click-through fraud. The aim of this paper is to present the details of a real-life fraud, in order that lessons may be learnt to overcome this type of fraud in the future. The paper outlines a fraud that is suspected to have included both PPC and PPS from fraudulent affiliates.
This paper describes a methodology for the investigation process of affiliate network scams, includ-ing the anonymisation of personal and location details, while providing an analysis of an actual crime. In total, the case examined resulted in an estimated loss of around £200,000 with a further estimated loss of over £200,000 if further transactions had not been cancelled.
The methods used within the scam are outlined using anonymised data, and presented to highlight the malicious activity. This included both pay-per-click and pay-per-sale scams most likely using sto-len identity information. It concludes with the methods that may be helpful in possibly identifying malicious activity with affiliate networks and how a framework can be setup to investigate these crimes.
The current work involves developing an investigatory framework focused on the early detection of electronic fraud, and the work done for this paper will be used as a test case on affiliate fraud data. The future aim of the research is to completely automate the investigatory framework that will allow incident data to be processed so that the context of a crime is not lost, but that it anonymises and protects the identity of those involved.
Director of CDCS
+44 131 455 2759
Areas of Expertise
See all areas of expertise
Electronic information now plays a vital role in almost every aspect of our daily lives. So the need for a secure and trustworthy online infrastructure is more important than ever. without it, not only the growth of the internet but our personal interactions and the economy itself could be at risk.