Online Advertising Security: Issues, Taxonomy, and Future Directions

TL;DR

This paper reviews security issues in online advertising, categorizes attacks, evaluates countermeasures, and suggests future research directions to enhance system security.

Contribution

It provides a comprehensive taxonomy of attacks on online advertising and analyzes existing security measures, highlighting open issues and future research directions.

Findings

Identified key vulnerabilities in online advertising systems.

Evaluated the effectiveness of current security countermeasures.

Outlined future research directions for improving security.

Abstract

Online advertising has become the backbone of the Internet economy by revolutionizing business marketing. It provides a simple and efficient way for advertisers to display their advertisements to specific individual users, and over the last couple of years has contributed to an explosion in the income stream for several web-based businesses. For example, Google's income from advertising grew 51.6% between 2016 and 2018, to $136.8 billion. This exponential growth in advertising revenue has motivated fraudsters to exploit the weaknesses of the online advertising model to make money, and researchers to discover new security vulnerabilities in the model, to propose countermeasures and to forecast future trends in research. Motivated by these considerations, this paper presents a comprehensive review of the security threats to online advertising systems. We begin by introducing the motivation for online advertising system, explain how it differs from traditional advertising networks, introduce terminology, and define the current online advertising architecture. We then devise a comprehensive taxonomy of attacks on online advertising to raise awareness among researchers about the vulnerabilities of online advertising ecosystem. We discuss the limitations and effectiveness of the countermeasures that have been developed to secure entities in the advertising ecosystem against these attacks. To complete our work, we identify some open issues and outline some possible directions for future research towards improving security methods for online advertising systems.