• Home

  • Documents

  • Adblockingand Counter-Blocking - USENIX · Adblockingand Counter-Blocking Julia E. Powles ... •...
16
Adblocking and Counter-Blocking Julia E. Powles Emiliano De Cristofaro Hamed Haddadi Steven Murdoch Rishab Nithyanand Sheharbano Khattak Mobin Javed Narseo Vallina- Rodriguez Marjan Falahrastegar

Adblockingand Counter-Blocking - USENIX · Adblockingand Counter-Blocking Julia E. Powles ... • Can adblockersblock anti-adblockers? • Or, can adblockers block adblocker blockers?

Embed Size (px)

Citation preview

Page 1: Adblockingand Counter-Blocking - USENIX · Adblockingand Counter-Blocking Julia E. Powles ... • Can adblockersblock anti-adblockers? • Or, can adblockers block adblocker blockers?

Adblocking andCounter-Blocking

JuliaE.Powles

EmilianoDeCristofaro

HamedHaddadi

StevenMurdoch

RishabNithyanand

SheharbanoKhattak

MobinJaved

Narseo Vallina-Rodriguez

MarjanFalahrastegar

Page 2: Adblockingand Counter-Blocking - USENIX · Adblockingand Counter-Blocking Julia E. Powles ... • Can adblockersblock anti-adblockers? • Or, can adblockers block adblocker blockers?

Now…oursponsors

Skippingslidein15seconds

Page 3: Adblockingand Counter-Blocking - USENIX · Adblockingand Counter-Blocking Julia E. Powles ... • Can adblockersblock anti-adblockers? • Or, can adblockers block adblocker blockers?

Or…Turnoffyouradblocker toproceed

Page 4: Adblockingand Counter-Blocking - USENIX · Adblockingand Counter-Blocking Julia E. Powles ... • Can adblockersblock anti-adblockers? • Or, can adblockers block adblocker blockers?

Inthispaper,we…

• Understandthecurrentstateofthecontentprovidervs. adblocker armsrace

AdobeandPageFair 2015adblocking report

August ‘15 March‘16

IABTechLabPublisherAdblocking Primer

March‘16

Eyeo wins5th straightcaseinGermany

Popularwebsitesdeployanti-adblockers

Securityandprivacyactivistsfightback

April ‘16

Andimmediatelyfacemalvertising scares

Page 5: Adblockingand Counter-Blocking - USENIX · Adblockingand Counter-Blocking Julia E. Powles ... • Can adblockersblock anti-adblockers? • Or, can adblockers block adblocker blockers?

Inthispaper,we…• Understandthecurrentstateofthecontentprovidervs. adblocker armsrace

• Howwidespreadareanti-adblockers?• Anti-adblockers:Adblocker blockersanddetectors.

• Whatsitesareemployingthem?

• Whoarethemostpopularvendorsofanti-adblockers?

• Howdothepopularanti-adblockerswork?

• Canadblockers blockanti-adblockers?• Or,canadblockers blockadblocker blockers?

Page 6: Adblockingand Counter-Blocking - USENIX · Adblockingand Counter-Blocking Julia E. Powles ... • Can adblockersblock anti-adblockers? • Or, can adblockers block adblocker blockers?

Howwidespreadareanti-adblockers?

• CrawlanddownloadallJSes intheAlexaT-5K.• Over200KJSinAlexaT-5K.• Analyzing(functionalityof)eachoneisnotfeasible.

• Observation:MostsitesusethesameJSes.• Boughtfromvendors,partofalibrary,etc.

• ClustersimilarJSes andanalyzeeachcluster.

Page 7: Adblockingand Counter-Blocking - USENIX · Adblockingand Counter-Blocking Julia E. Powles ... • Can adblockersblock anti-adblockers? • Or, can adblockers block adblocker blockers?

ClusteringsimilarJSes

• FormulateastheCliqueFindingproblem.

• Findallcliqueswithedgeweight>=x (say,.80).

• JS1,JS2,andJS4arelikelytohaveidenticalfunctionalityandsourceforsufficientlyhigh“x”.

• Givesalower-boundofsharedJSes:FailswithdifferentlyobfuscatedcodeandcomposedJSes.

JS1

JS3

JS2

JS4

.9

.6

.9

.9 .7

.8

Similarityofcode(TF-IDF)

White-spaceinsensitivePosition insensitiveResistanttonoise

Page 8: Adblockingand Counter-Blocking - USENIX · Adblockingand Counter-Blocking Julia E. Powles ... • Can adblockersblock anti-adblockers? • Or, can adblockers block adblocker blockers?

AnalyzingclustersofJSes

• Characteristics(scriptvendorandfunctionality)ofeachcliqueareidentifiedbyanalyzing:

• Sourcesofscripts.

• Externalresourcesutilizedbythescripts.

• (TF-IDF)Keywordsassociatedwiththescript.

• Manually.

Page 9: Adblockingand Counter-Blocking - USENIX · Adblockingand Counter-Blocking Julia E. Powles ... • Can adblockersblock anti-adblockers? • Or, can adblockers block adblocker blockers?

Howwidespreadareanti-adblockers?

• Totalnumberofcliqueswithsize>=5:1882• 1882JSes sharedby5+websites.

• TotalnumberoftrackerJSes:456of1882• 456JSes usedfortrackingsharedby2741websites.

• Totalnumberofanti-adblocker JSes:22of1882• 22JSes usedfordetectingadblockers sharedby335websites.• Thisisalowerbound.

Page 10: Adblockingand Counter-Blocking - USENIX · Adblockingand Counter-Blocking Julia E. Powles ... • Can adblockersblock anti-adblockers? • Or, can adblockers block adblocker blockers?

Whatsitesareemployinganti-adblockers?

• McAfee’sURLcategoriesoverthe335identifiedwebsites.

Page 11: Adblockingand Counter-Blocking - USENIX · Adblockingand Counter-Blocking Julia E. Powles ... • Can adblockersblock anti-adblockers? • Or, can adblockers block adblocker blockers?

Whoarethepopularanti-adblocking vendors?

Page 12: Adblockingand Counter-Blocking - USENIX · Adblockingand Counter-Blocking Julia E. Powles ... • Can adblockersblock anti-adblockers? • Or, can adblockers block adblocker blockers?

Howdoanti-adblockers work?

• Keyidea:Baitobjects.• Example1:UsingabaitDIVelement

var test = document.createElement('div'); //Create a new DIV elementtest.innerHTML = ' ‘; test.className = 'adsbox‘; //Set bait

document.body.appendChild(test); //Add element to document body

if (test.offsetHeight === 0) //Check element height{

document.body.classList.add('adblock');}

Page 13: Adblockingand Counter-Blocking - USENIX · Adblockingand Counter-Blocking Julia E. Powles ... • Can adblockersblock anti-adblockers? • Or, can adblockers block adblocker blockers?

Howdoanti-adblockers work?

• Keyidea:Baitobjects.• Example2:UsingbaitJSes

// ads.jsvar foo = False

// main.jsvar foo = True// main.htmlif (foo is True){

document.body.classList.add('adblock');}

Page 14: Adblockingand Counter-Blocking - USENIX · Adblockingand Counter-Blocking Julia E. Powles ... • Can adblockersblock anti-adblockers? • Or, can adblockers block adblocker blockers?

Canadblockers blockanti-adblockers?

Page 15: Adblockingand Counter-Blocking - USENIX · Adblockingand Counter-Blocking Julia E. Powles ... • Can adblockersblock anti-adblockers? • Or, can adblockers block adblocker blockers?

TL;DR

• Anti-adblockers areemployedbyatleast 6.7%oftheAlexaT-5K.

• Anti-adblockers aremostlyemployedby“News”websites.

• Anti-adblockers arebeingsuppliedmostlybyadvendors.• PageFair reportshouldbetakenwithagrainofsalt(conflictofinterest).

• Thearmsracehasenteredthenextphase.• Escalationseemslikelyunlessacompromiseisfound(e.g.,Eyeo AAI).

Page 16: Adblockingand Counter-Blocking - USENIX · Adblockingand Counter-Blocking Julia E. Powles ... • Can adblockersblock anti-adblockers? • Or, can adblockers block adblocker blockers?

Upcomingwork

• AutomatedcategorizationofJSes.

• Longitudinalmeasurements.


Measuring and Disrupting Anti-Adblockers Using ...homepage.divms.uiowa.edu/~mshafiq/files/adblock-ndss2018.pdf · Measuring and Disrupting Anti-Adblockers Using Differential Execution

Measuring and Disrupting Anti-Adblockers Using ...homepage.divms.uiowa.edu/~mshafiq/files/adblock-ndss2018.pdf · Measuring and Disrupting Anti-Adblockers Using Differential Execution

Documents
Adblockingand Counter-Blocking - Steven Murdoch · • Anti-adblockers are employed by at least6.7% of the Alexa T-5K. • Anti-adblockers are mostly employed by “News” websites

Adblockingand Counter-Blocking - Steven Murdoch · • Anti-adblockers are employed by at least6.7% of the Alexa T-5K. • Anti-adblockers are mostly employed by “News” websites

Documents
Migration from blocking to non-blocking web frameworks833347/FULLTEXT01.pdf · for assessing profits of migration from blocking to non-blocking JVM web frameworks. Methods. First,

Migration from blocking to non-blocking web frameworks833347/FULLTEXT01.pdf · for assessing profits of migration from blocking to non-blocking JVM web frameworks. Methods. First,

Documents
Measuring adblockers impact on site performance

Measuring adblockers impact on site performance

Engineering
AdTech Gone Wrong: The Regulation of AdBlockers Thomas Höppner, GikII, 25 September 2015, Berlin

AdTech Gone Wrong: The Regulation of AdBlockers Thomas Höppner, GikII, 25 September 2015, Berlin

Documents
Blocking - Habitat Denver of Blocking we install: • Ladder blocking • Deadwood (drywall nailers) • Fire blocking • Kitchen cabinet blocking • Bathroom vanity & cabinet blocking

Blocking - Habitat Denver of Blocking we install: • Ladder blocking • Deadwood (drywall nailers) • Fire blocking • Kitchen cabinet blocking • Bathroom vanity & cabinet blocking

Documents
Zone Blocking Part II - Footwork, Blocking Schemes

Zone Blocking Part II - Footwork, Blocking Schemes

Documents
BLOCKING INSIDE THE FREE BLOCKING ZONE By : Joel Barnes

BLOCKING INSIDE THE FREE BLOCKING ZONE By : Joel Barnes

Documents
ADSD Fall2011 03 Sequential Logic Blocking Non Blocking 30Sep11

ADSD Fall2011 03 Sequential Logic Blocking Non Blocking 30Sep11

Documents
How adblocking is migrating to mobile · (this number excludes content blocking apps, in-app adblockers, and opt-in browser adblockers) There are twice as many mobile adblockers than

How adblocking is migrating to mobile · (this number excludes content blocking apps, in-app adblockers, and opt-in browser adblockers) There are twice as many mobile adblockers than

Documents
Directional Comparison Blocking System Fundamentalspattersonpowerengineers.com/papers/Directional Comparison Blocking... · Directional Comparison Blocking System Fundamentals

Directional Comparison Blocking System Fundamentalspattersonpowerengineers.com/papers/Directional Comparison Blocking... · Directional Comparison Blocking System Fundamentals

Documents
Ad blocking

Ad blocking

Data & Analytics
Measuring and Disrupting Anti- Adblockers Using ... · Measuring and Disrupting Anti-Adblockers Using Differential Execution Analysis Shitong Zhu*, Xunchao Hu†, Zhiyun Qian*, Zubair

Measuring and Disrupting Anti- Adblockers Using ... · Measuring and Disrupting Anti-Adblockers Using Differential Execution Analysis Shitong Zhu*, Xunchao Hu†, Zhiyun Qian*, Zubair

Documents
Blocking shematic

Blocking shematic

Documents
blocking 101

blocking 101

Documents
BLOCKING IT ALL STARTS HERE. BLOCKING Today, we will focus on blocking. Why? Because blocking is offense and offense is blocking – Period. There are two

BLOCKING IT ALL STARTS HERE. BLOCKING Today, we will focus on blocking. Why? Because blocking is offense and offense is blocking – Period. There are two

Documents
Bullet Blocking One for Western Blotting · Bullet Blocking One for Western Blotting Blindingly fast, blocking in 5 min! Bullet Blocking One is a blocking reagent for western blotting,

Bullet Blocking One for Western Blotting · Bullet Blocking One for Western Blotting Blindingly fast, blocking in 5 min! Bullet Blocking One is a blocking reagent for western blotting,

Documents
WHO · Valve’s counter-measures • Two-factor authentication either by email or mobile Steam Guard application. • Blocking URL’s throughout Steam. • Captcha on trades (briefly),

WHO · Valve’s counter-measures • Two-factor authentication either by email or mobile Steam Guard application. • Blocking URL’s throughout Steam. • Captcha on trades (briefly),

Documents
Measuring and Disrupting Anti- Adblockers Using ...€¦ · Improving Adblockers • Avoiding Anti-adblockers with JavaScript Rewriting • Hiding Adblockers with API Hooking (stealthy

Measuring and Disrupting Anti- Adblockers Using ...€¦ · Improving Adblockers • Avoiding Anti-adblockers with JavaScript Rewriting • Hiding Adblockers with API Hooking (stealthy

Documents
A Comparison of Blocking & Non-Blocking Synchronization

A Comparison of Blocking & Non-Blocking Synchronization

Documents
Blocking Freedom

Blocking Freedom

Documents
Basic Blocking

Basic Blocking

Documents
Blocking the pipeline for rural gentrification: where are ... · The appeal of rural places for counter-urban migrants • Fuelled by imaginations of idyllic rurality (security, safety,

Blocking the pipeline for rural gentrification: where are ... · The appeal of rural places for counter-urban migrants • Fuelled by imaginations of idyllic rurality (security, safety,

Documents
BLOCKING AND BRACING Blocking & Bracing. BLOCKING AND BRACING Blocking & Bracing 2 Blocking and Bracing

BLOCKING AND BRACING Blocking & Bracing. BLOCKING AND BRACING Blocking & Bracing 2 Blocking and Bracing

Documents
WordPress.com...Inside Runs, Counter Plays, and Sweeps Run Number Modifiers Rush Columns Blocking Value (BV) +4(+5) Exceptional Blockers Tackle Value (TV) 4(-5) Exceptional Tacklers

WordPress.com...Inside Runs, Counter Plays, and Sweeps Run Number Modifiers Rush Columns Blocking Value (BV) +4(+5) Exceptional Blockers Tackle Value (TV) 4(-5) Exceptional Tacklers

Documents
Neuromuscular blocking

Neuromuscular blocking

Health & Medicine
12 Blocking

12 Blocking

Documents
Write Blocking CSC 485/585. Objectives Understand the concept of write blocking Understand hardware write blocking Understand software write blocking

Write Blocking CSC 485/585. Objectives Understand the concept of write blocking Understand hardware write blocking Understand software write blocking

Documents
Understanding Verilog Blocking and Non-blocking Assignments

Understanding Verilog Blocking and Non-blocking Assignments

Documents
Blocking “ccTLD Blocking”, “Strict Geo-location · 2016-01-26 · Blocking – “ccTLD Blocking”, “Strict Geo-location Blocking” or a “Country Lens Approach”? Dan

Blocking “ccTLD Blocking”, “Strict Geo-location · 2016-01-26 · Blocking – “ccTLD Blocking”, “Strict Geo-location Blocking” or a “Country Lens Approach”? Dan

Documents