The Community for Technology Leaders
2017 32nd IEEE/ACM International Conference on Automated Software Engineering (ASE) (2017)
Urbana, IL, USA
Oct. 30, 2017 to Nov. 3, 2017
ISBN: 978-1-5386-3976-4
pp: 240-251
Weihang Wang , Department of Computer Science, Purdue University, West Lafayette, Indiana, USA
Yonghwi Kwon , Department of Computer Science, Purdue University, West Lafayette, Indiana, USA
Yunhui Zheng , IBM T.J. Watson Research Center, Yorktown Height, New York, USA
Yousra Aafer , Department of Computer Science, Purdue University, West Lafayette, Indiana, USA
I-Luk Kim , Department of Computer Science, Purdue University, West Lafayette, Indiana, USA
Wen-Chuan Lee , Department of Computer Science, Purdue University, West Lafayette, Indiana, USA
Yingqi Liu , Department of Computer Science, Purdue University, West Lafayette, Indiana, USA
Weijie Meng , Department of Computer Science, Purdue University, West Lafayette, Indiana, USA
Xiangyu Zhang , Department of Computer Science, Purdue University, West Lafayette, Indiana, USA
Patrick Eugster , Department of Computer Science, Purdue University, West Lafayette, Indiana, USA
ABSTRACT
In the current online advertisement delivery, an ad slot on a publisher's website may go through multiple layers of bidding and reselling until the final ad content is delivered. The publishers have little control on the ads being displayed on their web pages. As a result, website visitors may suffer from unwanted ads such as malvertising, intrusive ads, and information disclosure ads. Unfortunately, the visitors often blame the publisher for their unpleasant experience and switch to competitor websites. In this paper, we propose a novel programming support system for ad delivery, called PAD, for publisher programmers, who specify their policies on regulating third-party ads shown on their websites. PAD features an expressive specification language and a novel persistent policy enforcement runtime that can self-install and self-protect throughout the entire ad delegation chain. It also provides an ad-specific memory protection scheme that prevents malvertising by corrupting malicious payloads. Our experiments show that PAD has negligible runtime overhead. It effectively suppresses a set of malvertising cases and unwanted ad behaviors reported in the real world, without affecting normal functionalities and regular ads.
INDEX TERMS
Internet, Runtime, Browsers, Advertising, Trojan horses
CITATION

W. Wang et al., "PAD: Programming third-party web advertisement censorship," 2017 32nd IEEE/ACM International Conference on Automated Software Engineering (ASE), Urbana, IL, USA, 2017, pp. 240-251.
doi:10.1109/ASE.2017.8115637
260 ms
(Ver 3.3 (11022016))