
Measuring Privacy, Security, and
Censorship through the Utilization of
Online Advertising Exchanges

Peter Thomas Zimmerman

A Thesis
Presented to the Faculty
of Princeton University
in Candidacy for the Degree
of Master of Science in Engineering

Recommended for Acceptance
by the Department of
Computer Science
Adviser: Arvind Narayanan

June 2015

© Copyright by Peter Thomas Zimmerman, 2015.

All rights reserved.


Abstract

Programmatic advertising through Demand Side Platforms (DSPs) has lowered the
barrier to entry for budding online advertisers. This ease of access to sophisticated
demographic targeting mechanisms creates a double-edged sword. On the one hand,
it affords malicious advertisers, or malvertisers, a low-cost platform for the granular
targeting of a large number of users. On the other hand, there exists an opportunity
for researchers to take techniques common to malvertising and combine them with
the targeting capabilities of online ad exchanges to perform global-scale studies.
We study this duality from the perspective of a small online advertiser interfacing
with a DSP to win impressions across the web. Through the purchase of 415,343 ad
impressions across 4 DSPs and 11 ad exchanges, we analyze the features provided by
online ad exchanges that can be utilized for malicious operations as well as for security
and privacy research. We show that malvertisers can circumvent ad review processes,
execute arbitrary JavaScript, or phish credentials from large numbers of users. We
then demonstrate how techniques used for malvertising can be useful for collecting web
measurements. We combine these techniques with targeting mechanisms afforded by
DSPs to perform measurements of in-flight web page alteration and online censorship.
We detect 984 instances of page alteration or script injection within 16 countries.
By analyzing 23,640 HTTP GET requests sent from 3,940 advertisements, we measure
widespread online censorship in China. These results validate our methodology and
encourage the deployment of more sophisticated measurements through online ad
networks.

Acknowledgements

I would like to thank the Department of Computer Science for the opportunity to
work with, and learn from, top researchers in the field. I would also like to thank
my wife, Janee, for her steadfast support. I would also like to thank my advisor, Ed
Felten, Jen Rexford, Nick Feamster, and the students affiliated with the Center for
IT Policy for their guidance and insights.
This work is the result of collaboration with Arvind Narayanan (Princeton Uni-
versity), Ed Felten (Princeton University), Joe Bonneau (Stanford University), and
Jonathan Mayer (Stanford University).

Contents

Abstract
Acknowledgements
List of Tables
List of Figures

1 Introduction

2 Related Work
2.1 Web Measurements
2.2 Malvertising

3 Methodology
3.1 Background
3.1.1 Real-Time Bidding and DSPs
3.1.2 Measurement through Ad Exchanges
3.1.3 Use Cases
3.2 Ethical Considerations
3.3 Research Questions

4 Experiments
4.1 From Malvertisement to Measurement
4.1.1 DSP Selection
4.1.2 Targeting Evaluation
4.2 In-Flight Page Alteration
4.2.1 Measurement Process
4.2.2 Results
4.3 Online Censorship
4.3.1 Measurement Process
4.3.2 Results
4.4 Ad Platform for Research
4.4.1 Challenges and Limitations
4.4.2 Potential for future research

5 Conclusion

A Targeted Domains in Malvertising Experiment

B Countries Included in Page Alteration Measurement

Bibliography

List of Tables

3.1 Measurements Enhanced by DSP Features
4.1 Evaluation of DSPs
4.2 Web Beacon Analysis of 18 Agencies
4.3 Types of Page Alteration Detected
4.4 Results from Known Unblocked Sites
4.5 Chinese Online Censorship Measurement

List of Figures

3.1 Overview of RTB Process
3.2 Measurement Process through Ads
4.1 Ad Views by 18 U.S. Govt Agencies
4.2 Page Alteration Measurement
4.3 Chinese Online Censorship Ad

Chapter 1

Introduction

Revenues for Internet advertising totaled $23.1 billion in the first six months of 2014
alone, a growth of 15% over the same time span in 2013 [9]. To provide free access,
publishers sell impressions on their web pages that advertisers can bid on in real
time. The real-time bidding (RTB) process is handled by ad exchanges. Supply Side
Platforms (SSPs) interface directly with ad exchanges; however, in some cases (e.g.,
DoubleClick) the ad exchange and SSP are the same entity. In either case, advertisers
interface with SSPs through Demand Side Platforms (DSPs), which handle the bids
that advertisers are willing to pay in order to win impressions across various online
publishers. DSPs enable advertisers to perform programmatic ad buying. This allows
advertisers to bid on ad impressions in targeted geographic locations or domains and
to display ads only to those users who might act in response to them. Additionally,
DSPs enable growing advertisers to buy impressions through large ad exchanges pre-
viously only accessible to ad agencies with large budgets. However, this low barrier to
entry presents an opportunity for attackers to deploy low cost, far-reaching malicious
code.
Utilizing ad networks to perform malicious operations, or malvertising, is not a
new concept [48, 50, 43]. Increasing levels of sophistication to perform, for example,
drive-by-downloads, cross-site scripting attacks, and phishing have led ad networks to
implement defensive measures in the hopes that they might protect publishers [57].
However, with the potential for wide-scale deployment of attack code and ability to
perform target discrimination based on a variety of factors, ad networks continue to
be a favored attack platform which has even garnered the attention of the U.S. Senate
[16, 2, 12].
However, researchers can use some of the techniques common to malvertising for
the purposes of performing web measurements. Previous work has sought to perform
a variety of wide scale measurements but required that users install custom hardware
[51] or browser extensions [24], visit a specific webpage [31], or add custom scripts
to their website [19, 49]. The use of ad networks to perform targeted measurements
does not rely on successful completion of these prerequisites, freeing researchers from
the need to generate awareness of or cooperation with a research project which could
limit the scale of a study. Additionally, researchers can target measurement studies
based on factors such as IP address and geolocation.
Contributions. Taking the perspective of an online advertiser, we analyze the
use of ad exchanges for malicious advertising and research studies. We describe
our experience interfacing with various DSPs and the accuracy of features such as
location targeting. Taking the role of a malvertiser, we present the methods and
review processes that DSPs use to interface with advertisers. We experiment with
how these processes can be subverted, allowing the malvertiser to leverage various
features of the DSP during a malvertising campaign.
We then use these malvertising techniques and DSP targeting features to per-
form two web measurements from browsers in targeted locations, a task that would
otherwise be difficult to perform. First, we measure the existence of in-flight page
alterations across 16 countries. This is typically difficult to measure since it requires
a large number of users to visit a measurement page and report back to researchers
what page they received (if they were able to visit a measurement page or upload
their result at all). Second, we measure online censorship in China and compare our
results to current censorship measurement tools to validate our results.
Results. We consider a malvertiser who intends to launch a malvertising cam-
paign against U.S. government agencies. With an ad budget of less than $500, we show
that a malicious advertiser can target specific government agencies, phish user cre-
dentials for any supported domain through the DSP, or execute arbitrary JavaScript
through Flash advertisements.
Second, we detect 984 instances of script injection or in-flight page alteration in
16 countries. Furthermore, we measure Chinese online censorship of six websites
chosen from GreatFire.org [7] and ONI Herdict Web [13]. From 3,940 measurement
samples that amount to 23,640 HTTP GET requests from browsers across China, we
detect a high amount of censorship for commonly blocked sites and a correspondingly
low amount for known unblocked sites. We describe our results in terms of which sites
are typically blocked and why some users are not blocked from accessing commonly
blocked content.
Our experiments highlight the common security implications of online advertising
and indicate that, as third-party injection points into the ad ecosystem gain further
popularity, the cost and difficulty of malvertising are only decreasing. The silver lining of
our conclusion is that as researchers, we can take advantage of the same mechanisms
afforded to malvertisers and perform studies of similar low cost and simplicity.

Chapter 2

Related Work

Our work complements two existing bodies of research. The first measures a variety
of data points when browsing the web such as privacy settings, security vulnera-
bilities, censorship, network performance, or personalization. These measurements
are typically taken through the use of automated crawlers or by recruiting users (e.g.,
crowdsourcing or Mechanical Turk [3]). The second body of research studies the se-
curity implications of various types of malvertising and defenses that might be used
to counter common techniques for launching malvertising campaigns.

2.1 Web Measurements

A common goal for web and network measurement studies is to obtain samples from
the perspective of real users. This has been accomplished in a variety of ways. Sev-
eral studies have taken an approach that involves clients downloading software from
a publisher’s web server. Netalyzr is a signed Java applet that users download when
visiting a participating publisher’s page [31]. This applet runs in the user’s browser
and communicates with several measurement servers to provide network data includ-
ing port filtering, NAT behavior, DNS manipulations, and path MTU sizes. Another
similar method consists of users downloading JavaScript embedded on a publisher’s
page. This is useful when a publisher wants to alert a user that the current page has
been modified in-flight before it reached the user’s browser [49]. Publishers can also
embed entire measurement frameworks directly into a page. Encore enables partici-
pating publishers to embed an iframe on their website to measure online censorship.
When a user visits a page with the iframe, the user’s browser attempts to reach a
number of potentially censored sites based on ONI’s Herdict Web [19, 13]. The data
are transmitted back to a collection server that displays online censorship information
for the public.
Measurements can also be performed in a browser extension or mobile app.
Fathom is a Firefox extension that uses JavaScript to measure web page access
failures, network performance in the local and wide area network, and topology
information [24]. Privacy and personalization studies have also used crowd-sourcing
by asking users to install a measurement app on their mobile device or a similar
browser extension [11, 58, 40, 41, 36, 37, 45]. Mechanical Turk has also been used by
a number of studies to obtain samples from users who input data, perform a simple
task, or simply visit a web page [34, 30, 18].
Another common methodology is to deploy automated browsers that crawl the
web and extract measurement samples. Automated measurement platforms can
perform large-scale measurements and in some cases can be configured to mimic
real users. Crawling the web has been useful for several privacy and personalization
studies [25, 23, 32, 27, 54]. Within the field of web security measurement, we nar-
row our scope to those studies focused on malvertising, which tend to utilize similar
methodologies to those in other web measurements [42, 59, 53]. However, distributed
measurements from automated browsers require nontrivial infrastructure and synchronization,
increasing the amount of time and effort necessary during experiment
setup [58, 27, 40]. Although not an automated platform for web measurement but
rather for direct network measurement, BISmark is an Internet measurement project
deployed as firmware installed in participant home routers [51]. Each router collects
and centrally uploads information including web page load times, ISP access link
performance, and user behavior.
Lastly, two studies perform measurements with Flash objects and Google AdWords
separately. Huang et al. deploy a Flash object on the Facebook homepage to
measure the prevalence of forged Facebook SSL certificates from the perspective of
over three million users [28]. O’Neill et al. perform a similar measurement through
Google AdWords and detect the deployment of TLS proxies that serve forged certifi-
cates [46].
Our measurement methodology differs from those above in a number of ways.
First, deploying measurement code through online ad networks does not require user
or publisher adoption. As with Encore, measurements are made transparently (i.e.,
with no perceivable performance degradation) when a user visits a web page contain-
ing the ad impression. Furthermore, publishers need only a relationship with an ad
network that we can access from our DSP in order to perform our web measurements.
Similarly, our methodology does not require an awareness campaign that solicits users
to visit a measurement page or install a browser extension. Additionally, we do not
host a Flash socket policy server or create an implementation that depends on one.
This server is used to host a policy file that specifies which domains may open a TCP
socket connection to the domain where the server resides. By not incorporating this
policy server into our methodology, we are able to perform measurements across any
domain for the purposes of online censorship detection.
Second, studies performed using online ad networks can leverage the features pro-
vided by the DSP. This allows researchers to be selective in which geographic regions
to obtain samples, when to take measurements, or which browsers and operating sys-
tems to involve in the study. Achieving this same functionality otherwise includes
heavily promoting a measurement project in different areas of the globe (geographic
targeting), setting up responsive measurement pages that respond differently to dif-
ferent user-agents (browser and OS targeting), or periodically shutting down a mea-
surement server or blocking the collection of the results during certain time periods
(time-based measurements).

2.2 Malvertising

Literature in this area typically focuses on the detection of, and defenses against,
malicious advertisements [50]. Provos et al. describe common methods for attackers
to inject malicious content into web browsers, including through the use of malver-
tising [48]. Another study specifically analyzes the prevalence of drive-by-downloads,
a common attack executed by clicking on an ad that directs the user to a malicious
domain [39]. While drive-by downloads can be performed with any ad format, Ford et
al. identify vulnerabilities introduced through Flash advertisements and automated
methods of detection [26]. Other studies attempt to create isolation mechanisms or
similar detection methods that could be used to mitigate the threat of malicious ad-
vertisements [52, 33]. Lastly, Vratonjic et al. analyze ad networks themselves and
find vulnerabilities that allow an attacker to redirect ad revenue streams [55]. Outside
of studies specifically analyzing malicious advertisements, a number of studies have
analyzed the dangers of third-party inclusions [42], browser-based JavaScript malware
[29], and machine-learning-based methods for detecting malicious JavaScript [21].
Our work analyzes techniques that an attacker could use in malvertising campaigns
to phish users or execute malicious JavaScript. We demonstrate the ability to turn
these attack techniques into a web measurement methodology.

Chapter 3

Methodology

3.1 Background

Real-time bidding (RTB) allows publishers to sell ad impressions on their website
at prices based on the demographic profile of each visitor. This process is centered
around the ad exchange, which controls the auction and bidding process for available
ad impressions. As an advertiser, we interface with DSPs to leverage mechanisms that
target users based on demographics such as geolocation, operating system, or browser.
We do not set tracking cookies as the ad exchange already conveys demographic
information to the DSP. Through DSPs, we simply take part in bidding on available
ad impressions, treating the relationship between the DSP and ad exchange as a black
box.

3.1.1 Real-Time Bidding and DSPs

Figure 3.1 provides an overview of the process that takes place to display an ad to a
user upon visiting a publisher’s webpage [45]. The user’s browser requests the page (1)
and receives the HTML (2), which will include ad tags for either a publisher’s ad server
or those of various ad exchanges with which the publisher has a business relationship.
Ad impressions encoded with the latter take part in the RTB process. The user’s
browser then contacts (3) the Supply Side Platform (SSP), or ad exchange if they are
the same entity, with information such as which publisher the ad is being served on and
the dimensions of the impression. At this point, any SSP cookie information for the
user is also communicated to the SSP.

Figure 3.1: Overview of RTB Process

We interface with DSPs and deploy measurement advertisements to browsers through Real-Time
Bidding

The auction then takes place between the SSP and the Demand Side Platforms
(DSPs). The SSP provides the DSPs any available demographic information about the
user based on the cookie ID that was communicated from the user’s browser and the
URL of the publisher. A number of factors drive up the bid that DSPs communicate
back to the SSP (5) including specificity of user information and popularity of the
publisher. The SSP selects the winning bid and communicates an ad tag back to
the user’s browser (6) that directs the user to the corresponding DSP (7). The DSP
serves the ad (8) directly through a CDN or redirects the user to an external ad server
hosted by the advertiser.

3.1.2 Measurement through Ad Exchanges

DSPs offer a number of features that can be used for targeted ad serving or sophisti-
cated web measurements. In Table 3.1, we list a variety of measurement studies that
would be enhanced by leveraging these features. These include the ability to retarget
the same user on subsequent page visits (i.e., display the same or similar ad) and how
many times to display the ad to that user over a selected time period [15, 1, 5]. Also,
advertisers can choose to display an ad only to users within a specific geographic
area (e.g., country, city, or zip code), IP address range, or those users with certain
browsers and operating systems.
DSPs also provide in-house tracking pixels for advertisers to monitor the effec-
tiveness of their advertisements. Interestingly, the practice of embedding a piggyback
pixel [10], or adding third-party web beacons in addition to that of the DSP, is not
only allowed but encouraged by DSPs themselves [14]. This allows advertisers to
externally track impressions and conversions outside of the DSP system.

Measurement (one • per DSP feature that enhances it)
Middlebox Detection • • • •
Network Performance • • • • • •
Censorship Detection • • • • •
MITM Detection • • • • • •
Web Content Modification • • •

Table 3.1: Measurements Enhanced by DSP Features

We interface with DSPs to utilize these features and perform measurements
through ad exchanges. This first involves uploading our advertisement to a DSP
for review and approval. We then participate in the RTB process by placing bids
on available ad impressions with selected targeting features through the DSP. Upon
winning a bid, the DSP tracks our winning bid and serves the ad to the user directly
from a server or CDN associated with the DSP.
Our measurement advertisements are written in ActionScript 3 and compiled into
SWF (Flash) objects. This format is supported by the majority of DSPs we encounter
and affords a simple upload to each DSP. The general process for obtaining measure-
ments through our advertisements can be found in Figure 3.2. When a user views
a measurement ad, a web beacon is triggered within the SWF object. This beacon
makes an HTTP GET request to a PHP script on our collection server which logs the
following information in a CSV file:

• Any query string we input from the SWF

• The IP address of the user

• The domain name, if any, of the user’s network

• The user-agent associated with the user

• The referer of the web beacon, indicating what page the ad was displayed on

To determine the domain name of the user’s network, we attempt to resolve the
source IP address of the web beacon and log the result if a successful resolution occurs.
Our server also logs any query string sent by the SWF. This query string can be used
for signaling that a particular portion of logic within an ad has completed or that an
error occurred. Additionally, our SWF advertisements calculate a unique ID that is
used to correlate the information obtained by a web beacon to results uploaded by
that user. This ID is sent as a query string.
Following the collection of user information from the web beacon, the advertise-
ment performs the measurement configured in the logic of the SWF. The results from
the measurement are uploaded to our server with a filename that matches the unique
ID of the user.

[Figure 3.2: steps between the user’s browser and the researcher’s server]
1. Upload measurement ad to DSP
2. Bid on available ad impressions through DSP
3. DSP tracks a winning bid and displays ad to user
4. Ad web beacon triggered on ad view
5. GET www.researcher.edu/beacon.php? (server logs: Query String, User IP Address, User’s Domain Name, User-Agent, Referer)
6. Ad performs measurement
7. Ad uploads results for analysis (POST www.researcher.edu/results.zip)

Figure 3.2: Measurement Process through Ads

Web beacons are used in conjunction with server-side PHP scripts to obtain user information and
upload results.
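
The collection step described in this section, as an added Python example (it is not the thesis's PHP script): it builds the CSV row for one beacon request, treats the query string, User-Agent, Referer and reverse-DNS name as untrusted input, and pairs beacon rows with uploaded result files by ID. The `id` parameter name, the 32-character hex ID format, the `.zip` suffix and all sample values are assumptions constructed for the example.

```python
import csv
import io
import re
from urllib.parse import parse_qs

# Assumption: the thesis does not give the ID format; a 32-character hex token is used.
ID_RE = re.compile(r"[0-9a-f]{32}")
FIELDS = ["id", "query", "ip", "domain", "user_agent", "referer"]


def safe_cell(value):
    """Make a client-controlled string safe to open later in a spreadsheet."""
    value = value.replace("\r", " ").replace("\n", " ")
    # A leading =, +, - or @ would be evaluated as a formula by spreadsheet tools.
    return "'" + value if value.startswith(("=", "+", "-", "@", "\t")) else value


def beacon_row(query_string, ip, headers, resolve):
    """Build the log row for one beacon GET.

    `resolve` maps an IP to a hostname and raises OSError on failure, e.g.
    lambda ip: socket.gethostbyaddr(ip)[0] on a live server.
    """
    uid = parse_qs(query_string).get("id", [""])[0]
    if not ID_RE.fullmatch(uid):
        uid = ""  # malformed IDs are logged as empty and never used for joins
    try:
        domain = resolve(ip)
    except OSError:
        domain = ""  # no reverse record: a name is logged only on success
    return {
        "id": uid,
        "query": safe_cell(query_string),
        "ip": ip,
        "domain": safe_cell(domain),  # PTR records are set by the address owner
        "user_agent": safe_cell(headers.get("User-Agent", "")),
        "referer": safe_cell(headers.get("Referer", "")),
    }


def result_filename(uid):
    """Storage name for an uploaded result, or None if the ID is not well formed."""
    return uid + ".zip" if ID_RE.fullmatch(uid) else None


def correlate(rows, uploaded_names):
    """Split beacon rows into those with a matching upload and those without."""
    uploaded = set(uploaded_names)
    matched, missing = [], []
    for row in rows:
        name = result_filename(row["id"])
        (matched if name in uploaded else missing).append(row["id"] or row["ip"])
    return matched, missing


def to_csv(rows):
    """Serialise rows with every field quoted."""
    buf = io.StringIO()
    writer = csv.DictWriter(buf, fieldnames=FIELDS, quoting=csv.QUOTE_ALL,
                            lineterminator="\n")
    writer.writeheader()
    writer.writerows(rows)
    return buf.getvalue()


def constructed_resolver(ip):
    """Offline stand-in for reverse DNS (constructed data)."""
    names = {"192.0.2.10": "host10.example.net"}
    if ip not in names:
        raise OSError("no PTR record")
    return names[ip]


# Constructed beacon requests: one well formed, one hostile.
SAMPLE = [
    ("id=0123456789abcdef0123456789abcdef&step=done", "192.0.2.10",
     {"User-Agent": "Mozilla/5.0 (constructed)",
      "Referer": "http://news.example/article"}),
    ("id=../../etc/passwd", "198.51.100.7",
     {"User-Agent": '=HYPERLINK("http://x.example")', "Referer": ""}),
]


def demo():
    rows = [beacon_row(q, ip, h, constructed_resolver) for q, ip, h in SAMPLE]
    return rows, correlate(rows, ["0123456789abcdef0123456789abcdef.zip"])


if __name__ == "__main__":
    rows, (matched, missing) = demo()
    print(to_csv(rows))
    print("matched:", matched, "missing:", missing)
```

Because the upload is stored under a name derived from the ID, validating the ID before it reaches the filesystem is what keeps a crafted query string from choosing the path.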

3.1.3 Use Cases

Online censorship. Our ability to obtain measurement samples from the perspec-
tive of users in targeted locations is particularly useful for online censorship detection.
The focus of our experiment in Section 4.3 is to detect Chinese network filtering of
entire domains. We do this by implementing an ad that attempts to download a
resource from potentially blocked domains.
When a user requests a resource (e.g., web page or third-party embed) from a
domain which Chinese censors wish to block, a TCP Reset message is sent back to
the user’s machine in response to the resource request [56]. This technique can be
used to terminate established TCP sessions or to prevent the initial establishment
of a TCP connection. Similarly, Chinese Internet routers could simply drop any
packets destined for a blocked domain address, causing TCP timeouts. Lastly, DNS
poisoning is employed to provide users with incorrect address resolutions for blocked
domains [20].
Chinese online censorship appears to be decentralized, causing heterogeneous poli-
cies to be applied across Internet service providers. Despite the concept of a “Great
Firewall” that filters all content across the entire country, a user’s web browsing ex-
perience depends on the access network through which they reach online content.
Previous work has sought to understand what triggers, or network filters, cause net-
work connections to be terminated between the user and content provider. Other
studies discover censored results from search engines or censorship of blogs and on-
line chat services [35, 4, 17].
A number of mechanisms exist to detect domain censorship. The Collateral Free-
dom Project [4] is an initiative to place censored content within hosting platforms so
widely used that, if blocked, popular demand forces a censorship reversal. To this end,
GreatFire.org [7] has deployed sensors within China on popular hosting platforms
to measure if various domains are reachable from the sensor. This is problematic as
sensor IP addresses become known and are subsequently blocked. IP addresses of
sensor nodes are then changed and the monitoring continues.
Other mechanisms take a decentralized approach. Herdict maintains a website
which reports domain blockages reported by users across the globe [13]. Users submit
reports via a browser extension, the organization’s web page, Twitter, or email. En-
core [19] allows publishers to embed a measurement iframe on their site. When users
visit the page with the embed, domains chosen from Herdict are tested for censor-
ship. These results are collected and displayed for the public at the Encore project
homepage.
In-flight page alteration. An attacker on the network path between a publisher
and a user’s browser has the ability to manipulate web pages downloaded over HTTP.
Pages altered in-flight could contain scripts injected for a variety of purposes, from
logging keystrokes to tracking users across websites. Page alterations could also be
used for an SSL stripping attack [38]. Our experiment in Section 4.2 focuses on
detecting page alterations by configuring an advertisement to download a measurement
page and analyze it for changes.
There are two similar techniques for executing an SSL stripping attack. In the first
method, a user makes an HTTP request to an online service that only accepts secure
connections. The server responds to any HTTP requests with an HTTP 301-Moved
Permanently message, instructing the user’s browser to access the service at the
location specified in the 301 message. A MITM watches the outbound HTTP request,
intercepts the 301 response from the server, and establishes a secure connection to
the online service provider on behalf of the user. The MITM then sends the plaintext
HTML from the service provider to the user over an HTTP connection, potentially
rewriting links to their insecure versions as we describe below.
A more basic form of this attack involves sites that do not issue a 301 redirect
message. These online service providers rely on secure href attributes of HTML
link tags to include the HTTPS prefix. In this case, a MITM can intercept HTTP
connections, scan the content for HTTPS link tags, and rewrite any link tags with
an HTTP prefix. Users then access insecure versions of web pages after clicking on
these altered links. The MITM is exploiting the fact that users might not notice the
absence of the lock icon in the address bar of their browser.
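
The detection side of this use case, as an added Python example (it is not the thesis's ActionScript ad code): it compares a received copy of a measurement page with the known original and reports scripts that were not in the original and HTTPS links that arrive rewritten to HTTP. The page contents and the example.com hosts are constructed for the example.

```python
import hashlib
from html.parser import HTMLParser
from urllib.parse import urlsplit

URL_ATTRS = {"href", "src", "action"}


class PageFeatures(HTMLParser):
    """Collect script fingerprints and URL-bearing attributes from a page."""

    def __init__(self):
        super().__init__()
        self.scripts = []  # ("src", url) or ("inline", sha256 of the body)
        self.urls = []     # (tag, attribute, url) in document order
        self._in_script = False
        self._buf = []

    def handle_starttag(self, tag, attrs):
        src = dict(attrs).get("src")
        if tag == "script":
            if src:
                self.scripts.append(("src", src))
            else:
                self._in_script, self._buf = True, []
            return
        for name, value in attrs:
            if name in URL_ATTRS and value:
                self.urls.append((tag, name, value))

    def handle_data(self, data):
        if self._in_script:
            self._buf.append(data)

    def handle_endtag(self, tag):
        if tag == "script" and self._in_script:
            body = "".join(self._buf).strip()
            digest = hashlib.sha256(body.encode()).hexdigest()
            self.scripts.append(("inline", digest))
            self._in_script = False


def features(html):
    parser = PageFeatures()
    parser.feed(html)
    parser.close()
    return parser


def url_key(tag, attr, url):
    """Identity of a link with the scheme left out, so only the scheme can differ."""
    parts = urlsplit(url)
    return parts.scheme, (tag, attr, parts.netloc.lower(), parts.path, parts.query)


def compare(original, received):
    """Return (kind, detail, detail) findings for a received copy of a known page."""
    a, b = features(original), features(received)
    findings = []
    known = set(a.scripts)
    for kind, ident in b.scripts:
        if (kind, ident) not in known:
            findings.append(("script_injected", kind, ident))
    secure = {}
    for tag, attr, url in a.urls:
        scheme, key = url_key(tag, attr, url)
        if scheme == "https":
            secure[key] = url
    for tag, attr, url in b.urls:
        scheme, key = url_key(tag, attr, url)
        if scheme == "http" and key in secure:
            findings.append(("https_downgraded", secure[key], url))
    if not findings and original != received:
        findings.append(("content_changed", "", ""))
    return findings


# Constructed measurement page as the publisher serves it.
ORIGINAL = """<html><head><script src="/static/app.js"></script></head>
<body><a href="https://login.example.com/signin">Sign in</a>
<form action="https://login.example.com/session" method="post"></form>
<script>var page = "measurement";</script></body></html>"""

# Constructed received copy showing both alterations described above.
ALTERED = ORIGINAL.replace(
    "https://login.example.com", "http://login.example.com"
).replace(
    "</body>", '<script src="http://cdn.injected.example/t.js"></script></body>'
)

if __name__ == "__main__":
    for finding in compare(ORIGINAL, ALTERED):
        print(finding)
```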

3.2 Ethical Considerations

To mitigate concerns that users might face punitive action for attempting to access
blocked content, we measure censorship of only those domains which already maintain
a significant third-party presence across the web (see Tables 4.4 and 4.5 for the list
of domains we included in our study). We also measure online censorship of Dropbox
and the New York Times. Embedded objects from domains with a significant third-party
presence will be blocked within the web pages of unblocked domains. At the
network level, requests for blocked embedded content are identical to requests sourced
from a Flash object to those same domains.
The third-party presence by Dropbox can be explained by the fact that it is fre-
quently used to embed static content into web pages, similar to the way Amazon S3
is used by many sites. Furthermore, links to New York Times articles are frequently
shortened and shared; in fact, an article with a shortened URL is shared, on aver-
age, every four seconds [8]. Users who encounter shortened links are not aware of
the destination without using an un-shortening service. This is unlikely to occur in
practice and, in those countries performing censorship, it results in many requests
(and blocks) to nyt.com.
There are two arguments to this practice. First, attempting to reach content that
is generally agreed upon to be illegal (e.g., child pornography) could potentially trigger
a law enforcement response; however, we do not attempt to contact any illicit domains
with our measurements. Rather, we use a limited number of sites from Herdict [13]
and GreatFire.org [7] that have a significant third-party presence across the web.
Second, a respondent to a survey of 1,175 Chinese Internet users stated that “on some
days, shortly after connecting to Google, he finds that his Internet connection totally
stops working for 15-20 minutes, an experience he describes in English as being put
‘in the penalty box.’” [4] However, requests to third-party embedded resources from
Google would trigger this type of response as well, making our methodology no more
harmful or invasive than typical web browsing.
A side-effect of taking the role of an advertiser is that we now have access to similar
data with user privacy implications. Aside from IP address or user-agent information,
piggy-backing tracking pixels can contain the referer of the page that the user visited
when the ad was displayed. Innocuous examples include specific news articles or word
searches in online dictionaries. However, if an advertisement is displayed on a site
that leaks user-identifying information in the URL, the referer could potentially be
used to deanonymize visitors. The domains in which we choose to embed our ads do
not contain this identity leak; though, the implication warrants future work.

3.3 Research Questions

At a high-level, we seek to underscore those features offered by DSPs that are desirable
to malvertisers. At the same time, we explore the potential for these features to be
utilized by the research community as a measurement platform. Our work is guided
by the following two research questions:
Q1: Is there a potential for a generalized ad network research platform?
Researchers have an opportunity to take advantage of the same DSP capabilities af-
forded to malvertisers. We seek to determine if the effort-to-payoff ratio is sufficiently
high enough to encourage the establishment of an ongoing relationship with a DSP.
By performing our experiments, we explore if pursuing this relationship is worthwhile
for the research community.
Low barrier to entry for malvertisers. An attacker wishing to deploy a malver-
tising campaign would likely search for a DSP offering a low upfront cost and an
ineffective ad review process while still offering reasonably accurate targeting fea-
tures. Researchers who obtain measurements through ads served directly by DSPs
would seek similar DSP attributes. DSPs that offer simple account creation, a less
rigorous ad review process (which allows for a variety of measurements), and accurate
targeting would be desirable to these researchers. By analyzing a number of DSPs, we
seek to find a trade-off between supported features, low cost, and ad review process
rigor. In Section 4.4.1, we consider the potential for establishing an ad server external
to the DSP which would enable more sophisticated measurements while additionally
removing the ad review requirement.

DSP targeting accuracy. Each DSP offers a different range of targeting options
based on geographic area or IP address range. The ability to accurately deploy
an advertisement is desired for both malvertising and measurements. To evaluate
targeting granularity, we will explore the potential to display ads within a specific
organization. In our experiment, we position ourselves as malvertisers to target U.S.
government agencies in Washington D.C. We do not deliver any malicious code to
viewers of our advertisement, rather we seek to analyze the results of all received web
beacons to determine which agencies could have been affected with a malvertising
campaign. Successful targeting of organizations based on zip code will validate our
subsequent measurement experiments which target users at the country-level.
Q2: Can researchers leverage the capabilities of DSPs to measure
in-flight page alterations or online censorship?
Based on the accuracy of DSP targeting, we aim to determine the efficacy of ad
networks as a deployment mechanism for measurement. We measure in-flight page
alterations and the existence of SSL stripping attacks against globally dispersed users
[38, 44, 47]. Previous studies measure in-flight page alterations with scripts embedded
on publisher pages or through installed browser plug-ins and extensions. Additionally,
SSL stripping studies have shown this attack is feasible in theory but there have not
been any reported instances in the wild. Using a similar measurement methodology,
we also seek to measure online censorship within China. While there are censorship
measurement schemes currently deployed [7, 13], none take measurements from the
user’s perspective at times or locations determined by the researcher.

Chapter 4

Experiments

4.1 From Malvertisement to Measurement

In this experiment, we evaluate the DSP features a malvertiser might use to target
a campaign against specific organizations. Our goal is to determine which features
useful for malvertising can be repurposed for web measurements. To that end, we
assume the role of an attacker who seeks to launch a malvertising campaign against
U.S. government agencies. We first evaluate four DSPs and choose one that provides
accurate targeting at a low cost. Additionally, part of the evaluation process is to
determine what type of ad review process exists (i.e., whether obviously malicious
ads are approved for release into the ad ecosystem) and what type of malicious ad could
be approved. The results of our evaluation are summarized in Table 4.1. We only
include DSPs that provide a web interface to their platform, as opposed to those
that offer programmatic interfaces. We assume an attacker who seeks to launch a
malvertising campaign will not possess the large ad budget required to interface with
the latter, nor will the attacker submit to the required additional account verification
performed by the DSP.

4.1.1 DSP Selection

Each DSP supports the deployment of a Flash advertisement in SWF format written
in ActionScript 3. Ideally, advertisers would accept JavaScript advertisements which
would afford capabilities such as reading HTTP status codes in the browser. Every
DSP we encountered refused to support direct JavaScript advertising from new ad-
vertisers. This is understandable as a method to prevent malicious advertisements
from entering the ad ecosystem through the DSP as ad exchanges will sever rela-
tionships with DSPs known for releasing malicious advertisements. Despite a lack
of direct support for JavaScript, ActionScript offers the ability to execute embedded
or anonymous JavaScript functions by using the ExternalInterface class (likewise,
JavaScript functions can make calls to ActionScript functions). For ActionScript to
execute JavaScript functions, the SWF object must be embedded with the parameter
AllowScriptAccess=“always” or the SWF object must be embedded in a first-party
context. We found that the former was true for ads deployed with two DSPs. This is
significant since an attacker who deploys ads through these DSPs could manipulate
the DOM if the ad is not embedded in an iFrame; or more seriously, an attacker might
have access to user cookie data if the HTTP-only attribute is set to false [60].

DSP         # Exchanges  Payment   Min Upfront  Execute        Phishing?  Supported
            Supported    Options   Deposit      Arbitrary JS?             Creatives
SiteScout   52           CC,PP     $500         N              Y          I,S
Admedo      28           CC,PP     $50          Y              Y          I,S
ExactDrive  UKN          CC        None         Y              Y          I,S,M,H
Adperium    5            CC,PP,W   None         N              N          I,S

Table 4.1: Evaluation of DSPs

CC=Credit Card, PP=PayPal, W=Wire, UKN = Unknown, I=Image, S=SWF, M=media file
(e.g., MOV or MPG), H=HTML

However, researchers could additionally use this capability to execute JavaScript-
based measurements without requiring publisher participation. These measurements
pose no risk for the publisher, particularly when the ad is embedded within an iFrame.
We examine the ability for an attacker to phish users through each DSP. This
attack can be performed by exploiting the practice of embedding piggyback pixels and
lingering browser support for basic HTTP authentication. A web beacon triggered
within the advertisement can be destined to an attacker-controlled server. This server
can respond with 401 Unauthorized, triggering an HTTP authorization prompt to be
displayed to the user. This attack is made more effective by the ability to target
specific domains through the DSP. We create an ad that triggers a 401 Unauthorized
in an attempt to obtain approval through the ad review process. We do not make any
alterations to our advertisement in order for it to be obvious to any human reviewer
that our ad displays an authorization prompt. Despite this, our ad is approved by
three of the DSPs we included in our study. However, we do not take our campaign
active into the ad ecosystem or phish users on the web.
Despite this, by configuring the destination of the web beacon to a collection
server, web beacons can additionally be used by researchers to obtain measurement
samples or upload test results. Our experiments in 4.2 and 4.3 demonstrate this
technique for collecting measurement data.
The upfront deposit required to launch a campaign through each DSP varies. The
larger DSPs require a minimum deposit of at least $50 to activate an advertiser account
for the first ad campaign. We discovered a direct correlation between the upfront cost
required to start an ad campaign and the number of ad exchanges supported by the
DSP (which determines the potential scale of the ad campaign). Not surprisingly, the
largest DSP we encountered required the highest deposit of $500 and interfaced with
far more ad exchanges than the other DSPs in our study. Additionally, the largest
DSP offered granular targeting options such as the ability to target the same domain
through different ad exchanges. The trade-off for these features is the inability to
execute arbitrary JavaScript through our SWF advertisement. Despite this, we chose
SiteScout [15] as the DSP to launch our experiments.

4.1.2 Targeting Evaluation

Researchers can target specific organizations. To evaluate the location-based
targeting accuracy of our DSP, we create a SWF advertisement that contains a web
beacon back to an Amazon EC2 instance used for our experiments.
We target our advertisement at the zip codes associated with the U.S. Congress
and additionally at Washington, D.C. We choose to display our ad on 30 domains that
we hypothesize workers in government buildings might visit and that also have a high
number of available impressions for purchase (e.g., reuters.com, washingtonpost.com,
pandora.com). See Appendix A for a full list of sites we target in this experiment. We
deployed our campaign for five hours during a business week and the results are shown
in Figure 4.1. To determine a view from a government agency, we match the source
IP address of the web beacon with known government IP addresses in the WHOIS
database [22] and by interpreting the source domain if the source IP address resolves to
a domain. For example, beacons with a source IP address within the 143.231.0.0/16
address block are from users located at the US House of Representatives. These
beacons resolve to a source domain of housegate10.house.gov.
Figure 4.1 underscores the low cost ability for an attacker to target a malvertising
campaign against specific organizations. Furthermore, analysis of the web beacons
yields interesting results. First, each agency handles network traffic from clients in
different ways. The Department of Justice (DoJ), for example, seems to utilize a
NAT on its network but does not filter web users through an HTTP proxy (or if it
does, it does not scrub the user-agent string). From these user-agent strings, we can
further deduce that some users on the DoJ network are still using Windows XP and
therefore constitute an easy target for would-be attackers.

[Figure 4.1: horizontal bar chart; x-axis "# Views" (0 to 30); one bar per agency: US DoJ, US Senate, DHS, Federal Reserve, NPS, NRL, US House of Rep, Dept of Com, Dept of HUD, Dept of Labor, Dept of Trans, FERC, FHFA, FMSHRC, NOAA, Off of Compt, State Dept, Treasury]

Figure 4.1: Ad Views by 18 U.S. Govt Agencies

Is it possible to cheaply target specific organizations? For approximately $130, we won 67,130 ad
impressions during a typical business day. Our advertisement was viewed 119 times across 27 state
and federal government agencies (we show federal agency views here). We highlight that we
achieved views from each of the listed federal agencies after spending approximately $8 during the
first hour of the campaign. This underscores the low cost and effort required to put an
advertisement in front of individuals within targeted organizations. We chose to let the campaign
run over several hours; however, a more patient attacker might execute a malvertising campaign
over days or weeks, achieving a higher number of ad views within these agencies.

Other government organizations seem to be more security-conscious. The U.S.
Senate appears to use an HTTP and HTTPS proxy in addition to a NAT. Additionally,
web beacons received from users on U.S. Senate networks do not include any
source domain information. This could be a deliberate security measure to prevent
domain resolution of user generated traffic. We determine the presence of NAT mid-
dleboxes and proxies by calculating a GUID in the ad, which each user uploads in
the query string of the web beacon. This indicates different users viewing the ad
even though the IP address or user-agent might be the same. It could also indicate a
refresh of the ad, though we mitigate this confound by limiting the display of our ad
to once every 24 hours (an option the DSP provides to advertisers).
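
The GUID-based inference described above can be reproduced over a beacon log. The following Python is an added example, not code from the thesis: the log line format, the `guid` query parameter name, and the organization blocks (documentation address ranges standing in for WHOIS-derived blocks such as the 143.231.0.0/16 block mentioned earlier) are assumptions, and the log lines are constructed.

```python
import ipaddress
import re
from collections import defaultdict
from urllib.parse import parse_qs, urlsplit

# Assumption: CIDR-to-organization map built from WHOIS lookups. These are
# documentation ranges with placeholder names, not real allocations.
ORG_BLOCKS = {
    "Org A": ipaddress.ip_network("192.0.2.0/24"),
    "Org B": ipaddress.ip_network("198.51.100.0/24"),
}

# Constructed beacon log: source IP, request line, user-agent.
LOG = """\
192.0.2.10 "GET /b.gif?guid=aaa1 HTTP/1.1" "Mozilla/5.0 (Windows NT 6.1) Firefox/36.0"
192.0.2.10 "GET /b.gif?guid=bbb2 HTTP/1.1" "Mozilla/5.0 (Windows NT 6.1) Chrome/41.0"
192.0.2.10 "GET /b.gif?guid=bbb2 HTTP/1.1" "Mozilla/5.0 (Windows NT 6.1) Chrome/41.0"
198.51.100.7 "GET /b.gif?guid=ccc3 HTTP/1.1" "Mozilla/5.0 (Macintosh) Safari/600.3"
203.0.113.5 "GET /b.gif?guid=ddd4 HTTP/1.1" "Mozilla/5.0 (X11; Linux) Firefox/36.0"
malformed line without a request
"""

LINE_RE = re.compile(r'^(\S+) "GET (\S+) HTTP/[\d.]+" "([^"]*)"$')


def parse_line(line):
    """Return {'ip', 'guid', 'ua'} for one beacon line, or None if unusable."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    ip, target, ua = m.groups()
    guid = parse_qs(urlsplit(target).query).get("guid", [None])[0]
    if guid is None:
        return None
    try:
        addr = ipaddress.ip_address(ip)
    except ValueError:
        return None
    return {"ip": addr, "guid": guid, "ua": ua}


def org_for(addr):
    """Map a source address to an organization block, or None if unmapped."""
    for name, net in ORG_BLOCKS.items():
        if addr in net:
            return name
    return None


def summarize(log_text):
    """Per organization: distinct viewers (GUIDs), source IPs, NAT inference."""
    orgs = defaultdict(lambda: {"guids": set(), "ips": defaultdict(set), "uas": set()})
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None:
            continue  # malformed line or beacon without a GUID
        org = org_for(rec["ip"])
        if org is None:
            continue  # source address outside every mapped block
        o = orgs[org]
        o["guids"].add(rec["guid"])          # repeated GUID = same viewer again
        o["ips"][rec["ip"]].add(rec["guid"])
        o["uas"].add(rec["ua"])
    return {
        org: {
            "views": len(o["guids"]),
            "source_ips": len(o["ips"]),
            # Several GUIDs behind one address: several users share it.
            "nat_suspected": any(len(g) > 1 for g in o["ips"].values()),
            "distinct_user_agents": len(o["uas"]),
        }
        for org, o in orgs.items()
    }


if __name__ == "__main__":
    for org, row in summarize(LOG).items():
        print(org, row)
```

More than one user-agent string behind a single source address is what the text reads as an egress path that does not normalize client headers.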

                             # Instances
NAT Detected                 12/18
HTTP Proxy                   4/18
HTTPS Proxy                  3/18
Src IP Resolves to Domain    17/18
Windows XP Users             1/18

Table 4.2: Web Beacon Analysis of 18 Agencies

This experiment demonstrates the low cost and sophistication necessary for at-
tackers to target a malvertising campaign against specific organizations. However,
researchers can use these same techniques to obtain measurements targeted at spe-
cific locations. Our subsequent experiments leverage the capabilities of a DSP to
perform measurements of in-flight page alteration and Chinese online censorship.

4.2 In-Flight Page Alteration

If an attacker is able to position himself on the network path between clients and
servers, he can attempt to intercept HTTP messages or manipulate web content or
inject scripts into the downloaded pages. This could result in the victim establishing
unencrypted connections or executing malicious code for the purposes of stealing
credentials or online tracking.

4.2.1 Measurement Process

To measure pages altered in-flight, we deploy a SWF advertisement that targets
16 countries. A list of these countries can be found in Appendix B. At a high-level,
our methodology involves retrieving a preconfigured measurement page and, if
any changes are detected, uploading it to our server to determine the source of the
alteration. To detect the presence of an SSL stripping attack, we assume the attacker
rewrites links on the intercepted page. This is due to browsers blocking Flash Player
access to HTTP status codes (i.e., HTTP redirect messages in this case). We discuss
this limitation in Section 4.4.1.

[Figure 4.2 diagram: (1) the AD sends GET researcher.edu/testpage.html; (2) the HTTP response for TestPage.html passes a point of page interception (script injection, link rewriting), where https:// links become http:// links and a script tag is added, yielding AlteredTestPage.html; (3) MD5 hash; (4) POST results.zip.]

Figure 4.2: Page Alteration Measurement

The advertisement downloads our measurement web page via HTTP and calculates the MD5 hash.
If it varies from the correct hash, the altered page is uploaded to our server for analysis.

Similar to our malvertising experiment, we deploy an EC2 instance to use as the
destination for web beacons we embed in our ad for tracking impression views (see
Figure 4.2). This server also hosts a measurement web page that users download and
hash for comparison. The measurement page contains a group of links with HTTPS
prefixes. We compute the MD5 hash of the unaltered measurement page and include
this string as a constant variable in the advertisement code. Lastly, the server also
accepts uploaded comparison results from users. We describe this process in detail
below.
A user visits a page where our advertisement is displayed. The advertisement
includes logic to compute a GUID for the user (we do not set cookies for user tracking).
This GUID is uploaded via HTTP and HTTPS to our server in the query string of
the web beacon and logged with additional user information from the web beacon
(e.g., user IP address, referer, etc.).
The ad then downloads the measurement web page hosted on our server and
computes the MD5 hash of the page. To an attacker on the network, the request is
identical to a standard HTTP GET request. If the hash of the downloaded measurement
page differs from that of the unaltered page, the ad compresses and uploads the altered
page to our server via HTTP and HTTPS. We compress the page to circumvent any
filtering or page alteration mechanisms that might modify the uploaded page prior
to it reaching our server. We also upload the measurement results via HTTP and
HTTPS in the event one protocol is blocked or a proxy is deployed to intercept HTTP
POST messages.
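
The server-side step, deciding what kind of change an uploaded page contains, can be automated along the following lines. This Python is an added example, not code from the thesis: the measurement page, the category names, and the classification rules are assumptions modeled on the alteration types the text reports (script injection, link rewriting, link removal, meta tag changes, formatting-only changes).

```python
import hashlib
import re
from collections import Counter
from html.parser import HTMLParser

# Constructed measurement page: a group of HTTPS links, as the text describes.
ORIGINAL = b"""<html><head><meta charset="utf-8"><title>test</title></head>
<body>
<a href="https://www.google.com/">a</a><br>
<a href="https://www.example.org/">b</a><br>
<a href="https://www.example.net/">c</a>
</body></html>
"""


class _Features(HTMLParser):
    """Collects what the comparison needs: links, scripts, meta tags, text."""

    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.links, self.scripts, self.metas, self.text = [], [], [], []
        self._in_script = False

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "a" and a.get("href"):
            self.links.append(a["href"])
        elif tag == "script":
            self._in_script = True
            self.scripts.append(a.get("src") or "<inline>")
        elif tag == "meta":
            self.metas.append(tuple(sorted((k, v or "") for k, v in attrs)))

    def handle_endtag(self, tag):
        if tag == "script":
            self._in_script = False

    def handle_data(self, data):
        # Script bodies are not page text; whitespace-only runs are ignored.
        if not self._in_script and data.strip():
            self.text.append(data.strip())


def extract(page: bytes) -> _Features:
    f = _Features()
    f.feed(page.decode("utf-8", errors="replace"))
    f.close()
    return f


def classify(received: bytes, original: bytes = ORIGINAL) -> list:
    """Return the alteration categories found in `received`."""
    # MD5 follows the text; it is used here for change detection only.
    if hashlib.md5(received).hexdigest() == hashlib.md5(original).hexdigest():
        return ["unaltered"]
    ref, got = extract(original), extract(received)
    findings = []
    if Counter(got.scripts) - Counter(ref.scripts):
        findings.append("script_injection")
    for href in ref.links:
        if href in got.links:
            continue
        downgraded = re.sub(r"^https://", "http://", href, flags=re.I)
        if downgraded != href and downgraded in got.links:
            kind = "link_rewritten_to_http"   # SSL stripping indicator
        else:
            kind = "link_removed"
        if kind not in findings:
            findings.append(kind)
    if got.metas != ref.metas:
        findings.append("meta_tag_altered")
    if not findings:
        same = got.text == ref.text and got.links == ref.links
        findings.append("formatting_only" if same else "other_content_change")
    return findings


if __name__ == "__main__":
    stripped = ORIGINAL.replace(b"https://", b"http://")
    print(classify(ORIGINAL), classify(stripped))
```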

4.2.2 Results

We detect 984 instances of in-flight page alterations. With an ad expenditure
of $370, we obtain 326,734 impressions across 41 domains in 16 countries.
The majority of these were the result of script injections, with others the result of
links being outright removed from our measurement page. For example, a script
tag with a source attribute of http://app.offerbox.com/js/index.php is found in
some cases and http://d.gettvwizard.com/l/load.js in others. Other instances
include seemingly obfuscated JavaScript embedded in-line on the altered page. Other
page alterations include DOM manipulation (i.e., removing line breaks in the HTML)
but no change in the page content. We detect compression of our measurement page
performed at the ISP level, injection of scripts associated with malware (indicating
an infected end host), and meta tag alterations (see Table 4.3). While not all of
these alterations are the result of pages modified by an ISP or network adversary, our
results are consistent with Reis et al [49] for detecting page alterations between the
publisher and user’s browser.

To analyze the behavior of the injected scripts, we executed the altered pages in
a browser. This allows us to view network traffic or cookies set as a result of the
script injection. Interestingly, we discover in some cases the browser sending user
IDs to third parties. For example, several instances of obfuscated JavaScript set a
JSESSIONID in a cookie and send it to superfish.com. We also observe JavaScript
downloaded from re.taotaosou.com set a BAIDUID in a cookie and subsequently send
it to hm.baidu.com.
Many of the script injections result in the display of ads. While some of these ads
promoted businesses, several appeared to be attempts at deceptive downloads. For
example, the content of the ad mimics a Windows display which encourages the user
to click and install a required plug-in or install anti-virus software. Although our
measurement page is requested from within our ad, at the network level, the request
looks identical to the user browsing to our page. This seems to indicate the injection
of ads elsewhere within pages where our measurement ad is displayed. Or worse, it
points to the injection of scripts used for tracking purposes. We also discover a small
number of instances where links on our measurement page were removed. In all but
one case, a link to Google was selectively left behind on the page while links to less
popular sites were removed. This might be the result of a more subtle approach to
censorship: prevent linking to less popular domains where detection is less likely to
occur.

                                         # Instances
Script injection only                    504
Compression or altered meta tag          427
Script inject, cookie set & sent to 3P   48
Link Removal                             5

Table 4.3: Types of Page Alteration Detected

Though we do not detect SSL stripping in the wild, we demonstrate the capability
of deploying measurement code through ad networks that would facilitate future
detection. Performing a measurement of this scale would otherwise entail attempts
to recruit users in countries where awareness campaigns might be difficult to execute.
As the probability increases that a country might be executing an SSL stripping
attack at a large scale, the more difficult it will likely be for researchers to inform
users about a measurement page to visit or a browser extension they might install to
crowd source measurement data.

4.3 Online Censorship

With a wide variety of censored content, censorship techniques, and a common prac-
tice of blocking entire domains (as opposed to specific content within a web page),
China is an obvious choice to deploy and evaluate censorship detection through ad
networks.

4.3.1 Measurement Process

We deploy a SWF advertisement to measure the filtering of six domains within China,
chosen from a Herdict list and GreatFire.org (see Figure 4.3). As a protection
against punitive action against users, we only attempt to measure domains which
have a significant third-party presence on the web (as discussed in Section 3.2). When
a user visits a web page with our advertisement displayed, a request for a known logo
graphic for each domain is sent from the user’s browser. As with our other experi-
ments, a web beacon that includes the GUID of the user (and network information
such as IP address) is triggered within the advertisement and logged at our EC2 in-
stance. A list of contacted domains is updated with the completion status of each
download. We also store the time elapsed between the request and when each graphic
was successfully downloaded. After an overall timeout period expires, any outstanding
requests are deemed a failure. The list is compressed, configured with a file name
that matches the web beacon GUID, and uploaded to our EC2 instance where we
compare the uploaded results to the web beacon information for the corresponding
user.

[Figure 4.3 diagram, labels as extracted: "AD"; "1 GET" to unblocked.com; "2 GET censored.com/icon.png" to the "Censored Domain"; "3".]

Figure 4.3: Chinese Online Censorship Ad

The advertisement attempts to download a logo graphic from potentially blocked domains. After a
timeout, the results of the successful and blocked connections are uploaded to our server.

Before obtaining our measurement samples, we first establish a timeout threshold
that prevents false positives. We encounter another trade off: if the timeout is set
too low, a user with a degraded network connection will log a domain blockage when
network latency was at fault. Set too high and users will navigate away from the
page with our advertisement before the results of their measurement are uploaded.
We establish our timeout threshold by executing a control measurement across known
unblocked domains according to GreatFire.org. These domains were also chosen for
their third-party pervasiveness across the web. We win 12,312 impressions across 16
domains to measure the four known-unblocked domains (see Table 4.4). Of the total
impressions, 3,474 users uploaded measurement results, indicating that the remainder
are the result of blocked outbound connections or that users navigated away from the
page with our advertisement before uploading the data. From this control measurement,
we calculate an upper bound median latency of approximately three seconds.
For a conservative buffer, we establish a timeout of ten seconds for subsequent mea-
surements.

Domain                 False Positives   Median Latency (s)
Nielson.com            284               2.732
ConversantMedia.com    97                2.342
RadiumOne.com          78                2.097
AddThis.com            52                0.859

Table 4.4: Results from Known Unblocked Sites

Number of blocks reported and median download time by domain out of 3,474 samples taken
during the measurement

4.3.2 Results

Wide-spread heterogeneous censorship. With an ad expenditure of $9.90, we
receive 3,940 measurement samples uploaded by users in China and detect widespread
censorship. This results in an experiment that includes 23,640 online censorship
data points taken from the perspective of users across the country. These samples
are the result of winning 8,908 impressions across 12 domains where we display our
advertisement to measure censorship of six potentially blocked sites (see Table 4.5).
Our measurement indicates near complete blocking of five of the six domains we
included in our study. Surprisingly, we discover almost no censorship of nyt.com.
Our measurement data is consistent with data retrieved from GreatFire.org and
Herdict; however, we notice GreatFire.org measures blocking of nyt.com at 100%.
Our measurement data shows almost no blocking of this domain during the time
period we tested. This discrepancy could be due to sensor IP blocking or DNS
poisoning of the sensor source network. Users that do experience blocked access to
nyt.com (which seemingly includes GreatFire.org sensors) could be experiencing
the effect of an ISP-specific censorship policy which we discuss below.

Domain      # Blocked   % Blocked   Med Latency (s)
Twitter     3785        96%         2.579
Dropbox     3773        95%         4.426
YouTube     3752        95%         1.509
Facebook    3725        94%         2.058
Google      3644        92%         3.571
NY Times    282         7%          2.18

Table 4.5: Chinese Online Censorship Measurement

Blocks reported by users and median download time by domain out of 3,940 samples taken during
the measurement

We uncover a heterogeneous implementation of online censorship policy within
China. For sites that are considered seemingly 100% blocked (e.g., Twitter or Dropbox),
we measure some users successfully connecting to the domain. Analyzing the
web beacons of those users able to successfully connect to blocked domains, we deter-
mine that blocking does indeed occur at the ISP level (as opposed to policies applied
at the city level). For example, we analyzed the results uploaded from three users in
Beijing, each with a different ISP. One user was able to access YouTube, Facebook,
and nyt.com despite the former two sites known to be heavily blocked in China. The
next user was only able to access nyt.com and the last user in this group was not
able to access any of the domains we measured. Likewise, we find blocking policies
to be homogeneous within ISPs.
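
The timeout calibration from Section 4.3.1 and the per-ISP comparison above can both be computed from the uploaded result lists. This Python is an added example, not code from the thesis: the sample structure, the ISP labels (assumed to be resolved from each beacon's source IP out of band), and all values are constructed and are not measurements.

```python
from collections import defaultdict
from statistics import median

TIMEOUT_S = 10.0  # the timeout the text settles on for the measurement ads
DOMAINS = ("twitter", "dropbox", "youtube", "facebook", "google", "nyt")


def _sample(guid, **ok):
    """One constructed upload; domains not listed never completed (None)."""
    return {"guid": guid, "results": {d: ok.get(d) for d in DOMAINS}}


# Constructed uploads: elapsed seconds per domain, None = no completion.
UPLOADS = [
    _sample("g1", youtube=1.4, facebook=2.0, nyt=2.1),
    _sample("g2", nyt=2.3),
    _sample("g3"),
    _sample("g4", youtube=1.6, facebook=2.2, nyt=1.9),
    _sample("g9", nyt=2.0),  # upload whose beacon was never logged
]
# Constructed beacon log reduced to GUID -> ISP label.
BEACONS = {"g1": "ISP-A", "g2": "ISP-B", "g3": "ISP-C", "g4": "ISP-A"}
# Constructed control run against domains known to be unblocked.
CONTROL = [
    {"guid": "c1", "results": {"ctl-1": 0.8, "ctl-2": 2.5}},
    {"guid": "c2", "results": {"ctl-1": 0.9, "ctl-2": 2.9}},
    {"guid": "c3", "results": {"ctl-1": 1.0, "ctl-2": 3.1}},
    {"guid": "c4", "results": {"ctl-1": None, "ctl-2": 2.9}},
]


def is_blocked(elapsed, timeout=TIMEOUT_S):
    return elapsed is None or elapsed > timeout


def block_rates(samples, timeout=TIMEOUT_S):
    """Per domain: block count, percent blocked, median latency of successes."""
    total, blocked, ok = defaultdict(int), defaultdict(int), defaultdict(list)
    for s in samples:
        for domain, elapsed in s["results"].items():
            total[domain] += 1
            if is_blocked(elapsed, timeout):
                blocked[domain] += 1
            else:
                ok[domain].append(elapsed)
    return {
        d: {
            "blocked": blocked[d],
            "pct": round(100 * blocked[d] / total[d]),
            "median_s": median(ok[d]) if ok[d] else None,
        }
        for d in total
    }


def upper_bound_median(control, timeout=TIMEOUT_S):
    """Largest per-domain median latency in the control run."""
    meds = [r["median_s"] for r in block_rates(control, timeout).values()
            if r["median_s"] is not None]
    return max(meds)


def isp_policies(uploads, beacons, timeout=TIMEOUT_S):
    """Join uploads to beacons by GUID; collect distinct blocked sets per ISP."""
    policies, unmatched = defaultdict(set), []
    for s in uploads:
        isp = beacons.get(s["guid"])
        if isp is None:
            unmatched.append(s["guid"])
            continue
        blocked = tuple(sorted(d for d, t in s["results"].items()
                               if is_blocked(t, timeout)))
        policies[isp].add(blocked)
    return dict(policies), unmatched


if __name__ == "__main__":
    print("control upper-bound median:", upper_bound_median(CONTROL))
    policies, unmatched = isp_policies(UPLOADS, BEACONS)
    for isp, seen in sorted(policies.items()):
        print(isp, "homogeneous" if len(seen) == 1 else "mixed", sorted(seen))
```

An ISP with exactly one distinct blocked set across its users matches the homogeneous-within-ISP observation; blocks reported in the control run are the false positives the timeout is chosen to limit.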
This methodology differs from other censorship detection mechanisms.
First, it highlights the low cost and simplicity with which researchers can execute tar-
geted measurements through online ad networks. Additionally, measuring from the
vantage point of users on access networks provides reliable measurements that do not
require periodic configuration changes, as is the case with GreatFire.org when cen-
sors discover the IP addresses associated with measurement nodes. By leveraging the
location targeting capabilities of a DSP, researchers can obtain a measurement sample
from select countries across any domain with which the publisher has a relationship
with a supported ad network.

Furthermore, conducting measurements through ad networks reflects a similar
motivation as that of the Collateral Freedom Project itself. In order to prevent
measurements from being taken, Chinese censors would be forced to block requests
to ad networks. As advertising is a major source of revenue for online publishers, it
seems reasonable that if this blocking were to occur, popular demand would force a
reversal as was the case with GitHub censorship in 2013 [6]. As an alternative, our
beacons could be blocked by censors by denying access to our EC2 instance IP or
domain. However, we can simply change the destination address of the web beacons
in our advertisements.

4.4 Ad Platform for Research

Utilizing ad networks to deploy malicious advertisements or measurement code poses
not only technical challenges, but those related to interfacing with DSPs as well. We
describe the limitations of our ActionScript advertisement implementation and issues
that arise when establishing a business relationship with various DSPs.

4.4.1 Challenges and Limitations

We discover a balance between DSP size, ad review rigor, and targeting
features provided. In addition to the higher probability of a manual review process,
we discovered that smaller DSPs are sometimes more careful about the advertisers
with which they choose to establish a relationship. At a basic level, we encountered a small DSP
that refused to open an account for an advertiser with an email address from a free
email provider (i.e., we need a business email from a domain we presumably paid
for). Other DSPs require phone verification of an account holder prior to account
activation.

Small DSPs seem to provide an injection point for arbitrary JavaScript but do not
appear to have the reach or granular targeting capabilities of larger DSPs. They also
appear more likely to place a human in the ad review process. On the other hand,
larger DSPs are more restrictive in supported ad formats; however, in addition to no
manual ad review process, we demonstrate that this lack of support is out-weighed
by the targeting capabilities of a larger platform.
Flash ad limitations. The most basic reason we would receive an ad review
rejection is due to a landing page that doesn’t match our advertisement or if the
landing page redirects the user to a different page. Initially, our advertisement was
for a fictitious organization and linked to ubuntu.com. This was refused by all DSPs
we included in our study. However, half of the DSPs approved an ad whose landing
page redirected to a different URL as long as the first page in the redirect chain
matched the advertisement. This leaves open the possibility of a redirect chain that
leads to a malicious domain, resulting in a drive-by download.
Next, Adobe Flash Player introduces its own limitations. While ActionScript
3 contains classes that allow developers to access HTTP headers or status codes,
these are not accessible in Flash Player. Our page alteration measurement could be
enhanced with access to these attributes. We note that a Flash socket policy server
could be used to open TCP connections and read HTTP responses; however, we do
not utilize this capability in our measurements in an effort to identically mimic web
browsing traffic as an ethical consideration (as opposed to generating spurious HTTP
requests through a TCP socket that might raise suspicion towards the user).

4.4.2 Potential for future research

Our work encourages the deployment of more sophisticated measurements through
online ad networks. While our SWF advertisement encounters limitations that decrease
its usefulness for many measurements, advertisements written in JavaScript or
HTML5 show potential for future experiments. Many DSPs provide the capability for
advertisers to host their advertisements externally from the DSP. To do so, selected
advertisers must build a trusted relationship with the DSP since those advertisers
would not be subject to any ad review process within the DSP.
Our experiments could benefit from this type of relationship. In our page al-
teration measurement, we could detect a MITM downgrading our connection to an
HTTPS-only online service provider. To do so, we would establish a location on
our server that always redirects the user to the secure version of the page. A web
beacon to the insecure version of the page would be triggered, and the absence of a
301 message would indicate an attacker downgrading the connection but not altering
secure links on the page. Similarly, a censorship measurement with access to HTTP
status codes could confidently distinguish blocked connections from excessive network
latency.
In addition to deploying JavaScript or HTML5 measurement ads, researchers could
take full advantage of programmatic advertising by also interfacing with those DSPs
that do not offer web interfaces. A programmatic interface provides the additional
benefit of deploying dynamic measurements that trigger actions based on the result of
a sample. For example, when a web beacon signals a blocked domain, measurement
ad targeting is adjusted to those areas to receive rapid feedback on newly censored
domains.

Chapter 5

Conclusion

Demand Side Platforms and programmatic ad buying provide advertisers a low-cost
ability to target a large number of users based on granular factors such as IP address,
geographic location, or browser vendor. We demonstrate that the real-time bidding
process creates a two-edged sword. These features can be easily leveraged by attackers
determined to launch malicious advertising campaigns against specific organizations.
However, researchers can utilize these same targeting features and malvertising tech-
niques to deploy web measurements on a global-scale. Our future work focuses on
building a business relationship with a DSP which would enable sophisticated mea-
surement systems. The potential for performing a variety of measurement studies
only increases with the pervasiveness of online advertising.

Appendix A

Targeted Domains in Malvertising Experiment

1. bbc.com

2. huffingtonpost.com

3. usatoday.com

4. pandora.com

5. foxnews.com

6. espn.com

7. theguardian.com

8. weather.com

9. washingtonpost.com

10. reuters.com

11. live.com

12. nytimes.com

13. accuweather.com

14. bing.com

15. nfl.com

16. cnn.com

17. yahoo.com

18. about.com

19. yelp.com

20. forbes.com

21. bostonherald.com

22. facebook.com

23. youtube.com

Appendix B

Countries Included in Page Alteration Measurement

1. Bahrain

2. China

3. Cuba

4. Egypt

5. India

6. Iran

7. Pakistan

8. Russia

9. Syrian Arab Republic

10. Turkey

11. United Arab Emirates

12. Australia

13. France

14. Jordan

15. North Korea

16. Venezuela

38
Bibliography

[1] Admedo: Accessible programmatic advertising. http://www.admedo.com.

[2] Advertising firms struggle to kill malvertisements. http://arstechnica.


com/security/2014/09/advertising-firms-struggle-to-kill-
malvertisements/.

[3] Amazon mechanical turk. https://www.mturk.com.

[4] Collateral freedom: A snapshot of chinese internet users circumventing censor-


ship. http://openitp.org/pdfs/CollateralFreedom.pdf.

[5] Exactdrive. http://www.exactdrive.com.

[6] Google can bring an end to censorship in 10 days. here’s how.


https://en.greatfire.org/blog/2013/nov/google-can-bring-end-
censorship-10-days-heres-how.

[7] Greatfire.org: Online censorship in china. https://en.greatfire.org.

[8] How often is the times tweeted? http://open.blogs.nytimes.com/2010/04/


15/how-often-is-the-times-tweeted/.

[9] Iab internet advertising revenue report. http://www.iab.net/media/file/


IAB_Internet_Advertising_Revenue_Report_HY_2014_PDF.pdf.

[10] Iab wiki: Web beacon. http://www.iab.net/wiki/index.php/Web_beacon.

[11] Metaphone: The sensitivity of telephone metadata. http://webpolicy.org/


2014/03/12/metaphone-the-sensitivity-of-telephone-metadata.

[12] Online advertising and hidden hazards to consumer security and data pri-
vacy. http://www.hsgac.senate.gov/media/permanent-subcommittee-
on-investigations-releases-report-online-advertising-and-hidden-
hazards-to-consumer-security-and-data-privacy-.

[13] Opennet initiative’s herdict web. http://www.herdict.org/web.

[14] Sitescout ad server. http://www.sitescout.com/ad-server.

[15] Sitescout rtb - demand side platform. http://www.sitescout.com/rtb.


39
[16] Yahoo malvertising attack linked to larger malware scheme. http:
//www.networkworld.com/article/2173311/byod/yahoo-malvertising-
attack-linked-to-larger-malware-scheme.html.

[17] David Bamman, Brendan O’Connor, and Noah Smith. Censorship and deletion
practices in chinese social media. First Monday, 17(3), 2012.

[18] Joseph Bonneau and Stuart Schechter. Towards reliable storage of 56-bit secrets
in human memory. In Proceedings of the 23rd USENIX Security Symposium,
August 2014.

[19] Sam Burnett and Nick Feamster. Encore: Lightweight measurement of web
censorship with cross-origin requests. arXiv preprint arXiv:1410.1211, 2014.

[20] Richard Clayton, Steven J Murdoch, and Robert NM Watson. Ignoring the great
firewall of china. In Privacy Enhancing Technologies, pages 20–35. Springer,
2006.

[21] Marco Cova, Christopher Kruegel, and Giovanni Vigna. Detection and analysis
of drive-by-download attacks and malicious javascript code. In Proceedings of the
19th international conference on World wide web, pages 281–290. ACM, 2010.

[22] Leslie Daigle. Whois protocol specification. 2004.

[23] Amit Datta, Michael Carl Tschantz, and Anupam Datta. Automated exper-
iments on ad privacy settings: A tale of opacity, choice, and discrimination.
arXiv preprint arXiv:1408.6491, 2014.

[24] Mohan Dhawan, Justin Samuel, Renata Teixeira, Christian Kreibich, Mark All-
man, Nicholas Weaver, and Vern Paxson. Fathom: A browser-based network
measurement platform. In Proceedings of the 2012 ACM conference on Internet
measurement conference, pages 73–86. ACM, 2012.

[25] Steven Englehardt, Christian Eubank, Peter Zimmerman, Dillon Reisman, and
Arvind Narayanan. Web privacy measurement: Scientific principles, engineering
platform, and new results, 2014.

[26] Sean Ford, Marco Cova, Christopher Kruegel, and Giovanni Vigna. Analyzing
and detecting malicious flash advertisements. In Computer Security Applications
Conference, 2009. ACSAC’09. Annual, pages 363–372. IEEE, 2009.

[27] Aniko Hannak, Piotr Sapiezynski, Arash Molavi Kakhki, Balachander Krishna-
murthy, David Lazer, Alan Mislove, and Christo Wilson. Measuring personaliza-
tion of web search. In Proceedings of the 22nd international conference on World
Wide Web, pages 527–538. International World Wide Web Conferences Steering
Committee, 2013.

40
[28] Lin Shung Huang, Alex Rice, Erling Ellingsen, and Collin Jackson. Analyzing
forged ssl certificates in the wild. In Security and Privacy (SP), 2014 IEEE
Symposium on, pages 83–97. IEEE, 2014.

[29] Martin Johns. On javascript malware and related threats. Journal in Computer
Virology, 4(3):161–178, 2008.

[30] Patrick Gage Kelley, Saranga Komanduri, Michelle L Mazurek, Richard Shay,
Timothy Vidas, Lujo Bauer, Nicolas Christin, Lorrie Faith Cranor, and Julio
Lopez. Guess again (and again and again): Measuring password strength by
simulating password-cracking algorithms. In Security and Privacy (SP), 2012
IEEE Symposium on, pages 523–537. IEEE, 2012.

[31] Christian Kreibich, Nicholas Weaver, Boris Nechaev, and Vern Paxson. Netalyzr:
illuminating the edge network. In Proceedings of the 10th ACM SIGCOMM
conference on Internet measurement, pages 246–259. ACM, 2010.

[32] Balachander Krishnamurthy and Craig Wills. Privacy diffusion on the web: a
longitudinal perspective. In Proceedings of the 18th international conference on
World wide web, pages 541–550. ACM, 2009.

[33] Zhou Li, Kehuan Zhang, Yinglian Xie, Fang Yu, and XiaoFeng Wang. Knowing
your enemy: understanding and detecting malicious web advertising. In Proceed-
ings of the 2012 ACM conference on Computer and Communications Security,
pages 674–686. ACM, 2012.

[34] Yabing Liu, Krishna P Gummadi, Balachander Krishnamurthy, and Alan Mis-
love. Analyzing facebook privacy settings: user expectations vs. reality. In
Proceedings of the 2011 ACM SIGCOMM conference on Internet measurement
conference, pages 61–70. ACM, 2011.

[35] Rebecca MacKinnon. China’s” networked authoritarianism”. Journal of Democ-


racy, 22(2):32–46, 2011.

[36] Anirban Majumder and Nisheeth Shrivastava. Know your personalization:


Learning topic level personalization in online services. In Proceedings of the
22nd international conference on World Wide Web, pages 873–884. International
World Wide Web Conferences Steering Committee, 2013.

[37] Delfina Malandrino, Andrea Petta, Vittorio Scarano, Luigi Serra, Raffaele
Spinelli, and Balachander Krishnamurthy. Privacy awareness about information
leakage: Who knows what about me? In Proceedings of the 12th ACM workshop
on Workshop on privacy in the electronic society, pages 279–284. ACM, 2013.

[38] Moxie Marlinspike. More tricks for defeating ssl in practice. Black Hat USA,
2009.

41
[39] Niels Provos Panayiotis Mavrommatis and Moheeb Abu Rajab Fabian Monrose.
All your iframes point to us. In 17th USENIX Security Symposium, pages 1–22,
2008.
[40] Jakub Mikians, László Gyarmati, Vijay Erramilli, and Nikolaos Laoutaris. De-
tecting price and search discrimination on the internet. In Proceedings of the
11th ACM Workshop on Hot Topics in Networks, pages 79–84. ACM, 2012.
[41] Jakub Mikians, László Gyarmati, Vijay Erramilli, and Nikolaos Laoutaris.
Crowd-assisted search for price discrimination in e-commerce: first results. arXiv
preprint arXiv:1307.4531, 2013.
[42] Nick Nikiforakis, Luca Invernizzi, Alexandros Kapravelos, Steven Van Acker,
Wouter Joosen, Christopher Kruegel, Frank Piessens, and Giovanni Vigna. You
are what you include: Large-scale evaluation of remote javascript inclusions.
In Proceedings of the 2012 ACM conference on Computer and communications
security, pages 736–747. ACM, 2012.
[43] Nick Nikiforakis, Federico Maggi, Gianluca Stringhini, M Zubair Rafique, Wouter
Joosen, Christopher Kruegel, Frank Piessens, Giovanni Vigna, and Stefano
Zanero. Stranger danger: exploring the ecosystem of ad-based url shortening
services. In Proceedings of the 23rd international conference on World wide web,
pages 51–62. International World Wide Web Conferences Steering Committee,
2014.
[44] Nick Nikiforakis, Yves Younan, and Wouter Joosen. Hproxy: Client-side de-
tection of ssl stripping attacks. In Detection of Intrusions and Malware, and
Vulnerability Assessment, pages 200–218. Springer, 2010.
[45] Lukasz Olejnik, Tran Minh-Dung, Claude Castelluccia, et al. Selling off privacy
at auction. 2013.
[46] Mark O’Neill, Scott Ruoti, Kent Seamons, and Daniel Zappala. Tls proxies:
Friend or foe? arXiv preprint arXiv:1407.7146, 2014.
[47] Alberto Ornaghi and Marco Valleri. Man in the middle attacks demos. Blackhat
[Online Document], 2003.
[48] Niels Provos, Dean McNamee, Panayiotis Mavrommatis, Ke Wang, Nagendra
Modadugu, et al. The ghost in the browser analysis of web-based malware. In
Proceedings of the first conference on First Workshop on Hot Topics in Under-
standing Botnets, pages 4–4, 2007.
[49] Charles Reis, Steven D Gribble, Tadayoshi Kohno, and Nicholas C Weaver. De-
tecting in-flight page changes with web tripwires. In NSDI, volume 8, pages
31–44, 2008.
[50] Aditya K Sood and Richard J Enbody. Malvertising–exploiting web advertising.
Computer Fraud & Security, 2011(4):11–16, 2011.
42
[51] Srikanth Sundaresan, Sam Burnett, Nick Feamster, and Walter De Donato. Bis-
mark: A testbed for deploying measurements and applications in broadband
access networks. In Proc. of USENIX Annual Technical Conference. USENIX,
2014.

[52] Mike Ter Louw, Karthik Thotta Ganesh, and VN Venkatakrishnan. Adjail: Prac-
tical enforcement of confidentiality and integrity policies on web advertisements.
In USENIX Security Symposium, pages 371–388, 2010.

[53] Steven Van Acker, Nick Nikiforakis, Lieven Desmet, Wouter Joosen, and Frank
Piessens. Flashover: Automated discovery of cross-site scripting vulnerabilities
in rich internet applications. In Proceedings of the 7th ACM Symposium on
Information, Computer and Communications Security, pages 12–13. ACM, 2012.

[54] Thomas Vissers, Nick Nikiforakis, Nataliia Bielova, and Wouter Joosen. Crying
wolf? on the price discrimination of online airline tickets. HotPETS, 2014.

[55] Nevena Vratonjic, Julien Freudiger, and Jean-Pierre Hubaux. Integrity of the
web content: The case of online advertising. In CollSec, 2010.

[56] Nicholas Weaver, Robin Sommer, and Vern Paxson. Detecting forged tcp reset
packets.

[57] Yinglian Xie, Fang Yu, Zhou Li, and Xiaofeng Wang. Determining legitimate
and malicious advertisements using advertising delivery sequences, June 19 2012.
US Patent App. 13/527,586.

[58] Xinyu Xing, Wei Meng, Dan Doozan, Nick Feamster, Wenke Lee, and Alex C
Snoeren. Exposing inconsistent web search results with bobble. In Passive and
Active Measurement, pages 131–140. Springer, 2014.

[59] Apostolis Zarras, Alexandros Kapravelos, Gianluca Stringhini, Thorsten Holz,


Christopher Kruegel, and Giovanni Vigna. The dark alleys of madison avenue:
Understanding malicious advertisements. In Proceedings of the 2014 Conference
on Internet Measurement Conference, pages 373–380. ACM, 2014.

[60] Yuchen Zhou and David Evans. Why arent http-only cookies more widely de-
ployed. Proceedings of 4th Web, 2, 2010.

43

You might also like