Pop-up Ads

Ads with countdown

Disguised Ads

Normal Ads

Security Issues

• Malware
• Browser tracking
• Redirect
• Fishing

User Experience

• Annoying
• Time-wasting
• Accessibility

Chrome 內建

競賽1

• 使用者部署防廣告插件
• rule based blocking
• 廣告商就要想辦法bypass
• 更改id or script名稱

競賽2

• 廣告商部署anti-adblock
• 常見的方式有：
  • 檢測廣告區塊高度
  • 檢測廣告可見數
  • 加載額外的ads.js來輔助判斷
• 使用者就要想辦法不要被發現有用adblock

競賽3

• 使用者部署active ad blocker
• 建立已知anti-adblocker code的signature(ex: AST)
• load頁面時即時比對，找出並block anti-adblocker
• 範例：anti-adblocker killer

Why AdvertiXement?

More Concentration

More Accessibility

Less Annoying

Better Privacy

Accidental Clicks?

• Malware
• Browser tracking
• Redirect
• Fishing

Rejection Fails

Obfuscation

Masking Succeeds

Masking Covers

DEMO

Browser

Filter List

DEMO

->

Another DEMO

Passive Protection

•  Less Clickjacking.
• Less Phishing.
• No methods to detect.

Ad Redirection

• Less Malicious Tackers.
• Less loading time
• More Condensed.
• 讓你的視窗充滿行健 :) .

AdvertiXment

Finally...

Ad Time:
Do you know 行健？

Sponsor us! facebook.com/008god

Advantage

• Harder to detection
• Harder to obfuscate

Disadvantage

• Still rule based
• Filter list is hard to maintain
• Not suitable for other type of ads

GREAT CANNON!?

Future work - ML&VPN

Main Contribution

• 分析廣告的安全性議題並尋求解法
•  survey 目前的網路廣告的形式
• 了解 blocker 的競賽現狀與突破點
• 提出AdvertiXment

References

• https://csultimates.net/blog/2017/12/17/bypass-ad-block-detection-in-any-website/
• http://justcode.ikeepstudying.com/2015/06/%E7%BD%91%E9%A1%B5%E6%A3%80%E6%B5%8B-adblock-%E7%9A%84-6-%E7%A7%8D%E6%96%B9%E6%B3%95/
• https://www.getit01.com/p20171221133142/
• https://blog.chromium.org/2018/02/how-chromes-ad-filtering-works.html