Analysis of malicious affiliate network activity as a test case for an investigatory framework.

Miehling, Mathew J, Buchanan, William J, Old, L John, Batey, Alan and Rahman, Arshad (2010) Analysis of malicious affiliate network activity as a test case for an investigatory framework. In: Proceedings of 9th European Conference on Information Warfare and Security. ACI, Greece, p. 209.

Available under License Creative Commons Attribution Non-commercial.

Download (260kB)


Currently there is a great deal of literature surrounding methods that can be used to de-tect click-fraud, but there is very little published work on actual cases of click-through fraud. The aim of this paper is to present the details of a real-life fraud, in order that lessons may be learnt to over-come this type of fraud in the future. The paper outlines a fraud that is suspected to have included both PPC and PPS from fraudulent affiliates.
This paper describes a methodology for the investigation process of affiliate network scams, includ-ing the anonymisation of personal and location details, while providing an analysis of an actual crime. In total, the case examined resulted in an estimated loss of around £200,000 with a further estimated loss of over £200,000 if further transactions had not been cancelled.
The methods used within the scam are outlined using anonymised data, and presented to highlight the malicious activity. This included both pay-per-click and pay-per-sale scams most likely using sto-len identity information. It concludes with the methods that may be helpful in possibly identifying malicious activity with affiliate networks and how a framework can be setup to investigate these crimes.
The current work involves developing an investigatory framework focused on the early detection of electronic fraud, and the work done for this paper will be used as a test case on affiliate fraud data. The future aim of the research is to completely automate the investigatory framework that will allow incident data to be processed so that the context of a crime is not lost, but that it anonymises and protects the identity of those involved.

Item Type: Book Section
Additional Information: ECIW 2010 1-2 July, Thessaloniki, Greece
Uncontrolled Keywords: malicious network activity; investigatory framework; affiliate advertising; click through; fraud; financial services; e-crime;
University Divisions/Research Centres: Faculty of Engineering, Computing and Creative Industries > School of Computing
Dewey Decimal Subjects: 000 Computer science, information & general works > 000 Computer science, knowledge & systems > 004 Data processing & computer science
Library of Congress Subjects: Q Science > QA Mathematics > QA75 Electronic computers. Computer science
Item ID: 3818
Depositing User: Computing Research
Date Deposited: 31 Aug 2010 15:15
Last Modified: 21 Oct 2014 12:48

Actions (login required)

View Item View Item


Downloads per month over past year

View more statistics

Edinburgh Napier University is a registered Scottish charity. Registration number SC018373