LAUSR

Web-based advertising systems have been exploited by cybercriminals to disseminate malware to an enormous number of end-users and their vulnerable machines. To protect their malicious ads and malware from detection by the ad network, malvertisers apply various redirection and evasion techniques. Meanwhile, the ad network can also apply inspection techniques to spoil the malvertiser's tricks and expose the malware. However, both the malvertiser and the ad network are under resource and time constraints. Moreover, the ad network is disadvantaged because it has incomplete information about whether it is facing a benign or malicious advertiser. In this paper, we aim to apply the Bayesian game model by designing two games to formulate the problem of inspecting the Web-based maladvertising. The first game has two types of Advertisers, namely Malicious and Benign, and one type of Defender; the second game has two types of Attackers, Advanced and Simple, in terms of their capability of redirection and evasion, and one type of Defender. We define their strategies and payoff functions, and compute their Bayesian Nash equilibria. We use numeric simulation to evaluate our game theoretic models, and we derive several insights from the results that can serve as guidelines for the ad network to decide its best inspection strategy.