As the Internet continues to grow, the Internet advertising industry flourishes as a means of reaching the appropriate market segments. Internet advertisers provide the monetary incentive for Internet publishers to display advertisements on their Web sites. Internet advertisers and publishers contract through a commissioner that takes care of the accounting issues, and earns a commission on the advertisers' payments. Some publishers are dishonest, and use automation to generate traffic to defraud the advertisers. The commissioner, who is supposed to distinguish fraudulent traffic from normal traffic, cannot track individual computers in order not to violate surfers' privacy.
In this paper, we describe the advertising network model in detail, and share, with the research community, our field experience and concerns about detecting fraudulent publishers. This paper provides a classification of the hit inflation techniques, and stream analysis schemes that would detect fraud attacks of many classes of the proposed classification. For some classes, we abstract detecting their fraud attacks as theoretical stream analysis problems that we propose as open problems. In addition, we consider the problem of detecting automated activities. A framework is outlined for deploying the proposed fraud detection algorithms on a generic architecture. We conclude by some findings of our attempt to detect fraud on a real network.