{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://www.manongdao.com/data/attach/logo/logo.png', '推荐 时光不老,我们不散 的问题《Prevention methods for click fraud on advertisemen》','https://www.manongdao.com/q-1267059.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}
How can I prevent from abusing by over clicking my ads...or using an automated system, or an iframe with the ad url to inflate the clicks.
I was wondering having the following in place but I was wondering what more can I add and how.
1). Encrypt each ad id and bind the encryption with time, so if the click is within a time limit then approve the click. However there are about 20 ads placeholders shown on some websites at once, so the encryption may be slowed down. Also what sort of encryption can I use? something that can be decrypted or validated within the time limit of the generation of the encrypted link. Also the encryption needs to be very fast. decryption can be a bit slower. For every request there need to be about 20 encryptions on average and there are about 1000 peak requests per second so you can get the picture.
2). Having cookies generated by JavaScript and which means that the ad must have most likely been seen and then clicked on. However the frauds may open the ads in an iframe and then open a link to the ad randomly, which will the clicks look authentic. So are there any improvements that can be made here?
3)Another one was to make sure that if the ad link was opened in an iframe then use the iframe breaking script.
4) Any other suggestions...You can also say the methods used by the advertisers such as adsense but please only keep them relevant to the scale of my situation as it is not even 1% of that of the adsense. I am using a php/mysql/javscript/ajax/json based system.
Protection has to be mainly on the server; anything on the client (browser) is too easily compromised.
Start by do something slightly differently from everyone else. If I were doing this I'd use an image map to partition the image up into 10 (or more) sections and measure the average click frequency of each section. You can use this data to statistically weight the probability that this is a real click based on other clicks. Possibly partition off 0,0 and the extremities.
Also I'd protect this largely on the server by serving up each ad with a unique tracking id and correlating this (on the server) to allow the following to be monitored:
I'd resist the temptation to do too much on the client side as it's far to visible and easier to compromise.
Once you've implemented the above it should be used to produce reports that allow a person to asses the possibility of click fraud, any automated system will never be as good at spotting patterns.
Also worth reading White Paper: ClickTracks Analytics Inc. ClickTracks Approach to Click Fraud Analysis
You have the following choices that you can follow:
For each ad id you can generate a time based encryption. So for example encrypt time with a secret passphrase and then decrypt it with that secret passphrase later.
You can use a public key and private key approach.
You can have a two tier system where an ad is clicked the click is validate to see if it is being loaded in an iframe or if that window is active.
Another method is to look at the transactions that take place. if the visitor has clicked the ad and then look at how many actually reach the destination and for how long.