research-article

Public Access

Investigating Advertisers’ Domain-changing Behaviors and Their Impacts on Ad-blocker Filter Lists

Authors:

Kai-Hsiang Chou,

Hsu-Chun Hsiao,

Limin JiaAuthors Info & Claims

WWW '22: Proceedings of the ACM Web Conference 2022

Pages 576 - 587

https://doi.org/10.1145/3485447.3512218

Published: 25 April 2022 Publication History

All formats PDF

Abstract

Ad blockers heavily rely on filter lists to block ad domains, which can serve advertisements and trackers. However, recent research has reported that some advertisers keep registering replica ad domains (RAD domains)—new domains that serve the same purpose as the original ones—which tend to slip through ad-blocker filter lists. Although this phenomenon might negatively affect ad blockers’ effectiveness, no study to date has thoroughly investigated its prevalence and the issues caused by RAD domains. In this work, we proposed methods to discover RAD domains and categorized their change patterns. From a crawl of 50,000 websites, we identified 1,748 unique RAD domains, 1,096 of which survived for an average of 410.5 days before they were blocked; the rest have not been blocked as of February 2021. Notably, we found that non-blocked RAD domains could extend the timespan of ad or tracker distribution by more than two years. Our analysis further revealed a taxonomy of four techniques used to create RAD domains, including two less-studied ones. Additionally, we discovered that the RAD domains affected 10.2% of the websites we crawled, and 23.7% of the RAD domains exhibiting privacy-intrusive behaviors, undermining ad blockers’ privacy protection.

References

[1]

[n.d.]. EasyList Forum - Rules. Retrieved September 20, 2021 from https://forums.lanik.us/rules##revolvingads

[2]

[n.d.]. Esprima. Retrieved June 20, 2021 from https://esprima.org/

[3]

2015. Issues with Yavli Advertising. https://easylist.to/2015/08/19/issues-with-yavli-advertising.html [Online; accessed 20-September-2021].

[4]

2017. 株式会社フォーイットが提供するアフィリエイト・サービス　サービス名リニューアルに伴うキャンペーン開催. Retrieved July 5, 2021 from https://www.for-it.co.jp/pressroom/pressrelease/20170414/

[5]

2017. Create a tool/script to pickup revolving adservers. Retrieved September 20, 2021 from https://issues.adblockplus.org/ticket/5323/

[6]

European Commission 2018. 2018 reform of EU data protection rules. European Commission. Retrieved October 16, 2020 from https://ec.europa.eu/commission/sites/beta-political/files/data-protection-factsheet-changes_en.pdf

[7]

AdBlock Support. 2021. Introduction to Filter Lists. Retrieved October 24, 2021 from https://help.getadblock.com/support/solutions/articles/6000066909-introduction-to-filter-lists

[8]

Adguard Team. 2020. Adguard - CNAME-cloaked trackers. Retrieved October 16, 2020 from https://github.com/AdguardTeam/cname-trackers

[9]

Adguard Team. 2020. AdguardFilters - AdGuard Content Blocking Filters. Retrieved October 16, 2020 from https://github.com/AdguardTeam/AdguardFilters

[10]

aeris. 2020. Address 1st-party tracker blocking. Retrieved October 16, 2020 from https://github.com/uBlockOrigin/uBlock-issues/issues/780

[11]

Mshabab Alrizah, Sencun Zhu, Xinyu Xing, and Gang Wang. 2019. Errors, Misunderstandings, and Attacks: Analyzing the Crowdsourcing Process of Ad-Blocking Systems. In Proceedings of the Internet Measurement Conference (Amsterdam, Netherlands) (IMC ’19). Association for Computing Machinery, New York, NY, USA, 230â€“244. https://doi.org/10.1145/3355369.3355588

Digital Library

[12]

Muhammad Ahmad Bashir, Sajjad Arshad, Engin Kirda, William Robertson, and Christo Wilson. 2018. How Tracking Companies Circumvented Ad Blockers Using WebSockets. In Proceedings of the Internet Measurement Conference 2018 (Boston, MA, USA) (IMC ’18). Association for Computing Machinery, New York, NY, USA, 471â€“477. https://doi.org/10.1145/3278532.3278573

Digital Library

[13]

Jason Bau, Jonathan Mayer, Hristo Paskov, and John C Mitchell. 2013. A promising direction for web tracking countermeasures. Proceedings of W2SP (2013).

[14]

Frank Cangialosi, Taejoong Chung, David Choffnes, Dave Levin, Bruce M. Maggs, Alan Mislove, and Christo Wilson. 2016. Measurement and Analysis of Private Key Sharing in the HTTPS Ecosystem. In Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security (Vienna, Austria) (CCSâ€™16). Association for Computing Machinery, New York, NY, USA, 628â€“640. https://doi.org/10.1145/2976749.2978301

Digital Library

[15]

Darion Cassel, Su-Chin Lin, Alessio Buraggina, William Wang, Andrew Zhang, Lujo Bauer, Hsu-Chun Hsiao, Limin Jia, and Timothy Libert. 2022. OmniCrawl: Comprehensive Measurement of Web Tracking With Real Desktop and Mobile Browsers. Proceedings on Privacy Enhancing Technologies 2022, 1 (Jan. 2022).

[16]

Quan Chen, Peter Snyder, Ben Livshits, and Alexandros Kapravelos. 2021. Detecting Filter List Evasion with Event-Loop-Turn Granularity JavaScript Signatures. In 2021 IEEE Symposium on Security and Privacy (SP). 1715–1729. https://doi.org/10.1109/SP40001.2021.00007

[17]

Conva Ventures Inc.2020. Bypass ad-blockers with custom domains - Fathom Analytics. https://usefathom.com/blog/bypass-adblockers.

[18]

Ha Dao and Kensuke Fukuda. 2020. A machine learning approach for detecting CNAME cloaking-based tracking on the Web. (2020), 1–6. https://doi.org/10.1109/GLOBECOM42002.2020.9322514

Digital Library

[19]

Ha Dao, Johan Mazel, and Kensuke Fukuda. 2021. CNAME Cloaking-Based Tracking on the Web: Characterization, Detection, and Protection. IEEE Transactions on Network and Service Management 18, 3(2021), 3873–3888. https://doi.org/10.1109/TNSM.2021.3072874

[20]

Yana Dimova, Gunes Acar, Lukasz Olejnik, Wouter Joosen, and Tom Van Goethem. 2021. The CNAME of the Game: Large-scale analysis of dns-based tracking evasion. Proceedings on Privacy Enhancing Technologies 2021, 3(2021), 394–412.

[21]

Zainul Abi Din, Panagiotis Tigas, Samuel T. King, and Benjamin Livshits. 2020. PERCIVAL: Making In-Browser Perceptual Ad Blocking Practical with Deep Learning. In 2020 USENIX Annual Technical Conference (USENIX ATC 20). USENIX Association, 387–400. https://www.usenix.org/conference/atc20/presentation/din

[22]

Duck Duck Go, Inc. [n.d.]. CATEGORIES - DuckDuckGo Tracker Radar. Retrieved July 5, 2021 from https://github.com/duckduckgo/tracker-radar/blob/main/docs/CATEGORIES.md

[23]

Duck Duck Go, Inc. [n.d.]. DuckDuckGo Tracker Radar. Retrieved July 5, 2021 from https://github.com/duckduckgo/tracker-radar

[24]

EasyList contributors. [n.d.]. EasyList - Policy. Retrieved January 29, 2021 from https://easylist.to/pages/policy.html

[25]

EasyList contributors. [n.d.]. EasyList / EasyPrivacy / Fanboy Lists. Retrieved October 20, 2020 from https://github.com/easylist/easylist

[26]

EasyList contributors. [n.d.]. EasyList / EasyPrivacy / Fanboy Lists Support. Retrieved October 20, 2020 from https://github.com/easylist/easylist#support

[27]

EasyList contributors. 2011. What is acceptable first-party tracking?Retrieved January 29, 2021 from https://easylist.to/2011/08/31/what-is-acceptable-first-party-tracking.html

[28]

EasyList contributors. 2020. EasyList - Overview. Retrieved October 16, 2020 from https://easylist.to/

[29]

Christopher M Frenz and Christian Diaz. 2017. Anti-ransomware guide. https://owasp.org/www-pdf-archive/Anti-RansomwareGuidev1-7.pdf. Retrieved from owasp. org(2017). [Online; accessed 20-September-2021].

[30]

Google. 2020. Public DNS | Google Developers. Retrieved October 16, 2020 from https://developers.google.com/speed/public-dns

[31]

David Gugelmann, Markus Happe, Bernhard Ager, and Vincent Lenders. 2015. An automated approach for complementing ad blockersâ€™ blacklists. Proceedings on Privacy Enhancing Technologies 2015, 2(2015), 282–298.

[32]

Joseph Lorenzo Hall, Michael D. Aaron, Stan Adams, Amelia Andersdotter, Ben Jones, and Nick Feamster. 2020. A Survey of Worldwide Censorship Techniques. Internet-Draft draft-irtf-pearg-censorship-04. Internet Engineering Task Force. https://datatracker.ietf.org/doc/html/draft-irtf-pearg-censorship-04 Work in Progress.

[33]

Muhammad Ikram, Hassan Jameel Asghar, Mohamed Ali Kaafar, Anirban Mahanti, and Balachandar Krishnamurthy. 2017. Towards seamless tracking-free web: Improved detection of trackers via one-class learning. Proceedings on Privacy Enhancing Technologies 2017, 1(2017), 79–99.

[34]

Internet Archive. 2020. Wayback Machine. Retrieved October 16, 2020 from http://web.archive.org/

[35]

Internet Corporation for Assigned Names and Numbers. 2021. Temporary Specification for gTLD Registration Data - ICANN. Retrieved February 3, 2021 from https://www.icann.org/resources/pages/gtld-registration-data-specs-en/

[36]

Umar Iqbal, Zubair Shafiq, and Zhiyun Qian. 2017. The Ad Wars: Retrospective Measurement and Analysis of Anti-Adblock Filter Lists. In Proceedings of the 2017 Internet Measurement Conference (London, United Kingdom) (IMC ’17). Association for Computing Machinery, New York, NY, USA, 171â€“183. https://doi.org/10.1145/3131365.3131387

Digital Library

[37]

Umar Iqbal, Zubair Shafiq, Peter Snyder, Shitong Zhu, Zhiyun Qian, and Benjamin Livshits. 2018. Adgraph: A machine learning approach to automatic and effective adblocking. arXiv preprint arXiv:1805.09155 41 (2018).

[38]

Umar Iqbal, Peter Snyder, Shitong Zhu, Benjamin Livshits, Zhiyun Qian, and Zubair Shafiq. 2020. Adgraph: A graph-based approach to ad and tracker blocking. In 2020 IEEE Symposium on Security and Privacy (SP). IEEE, 763–776.

[39]

John Wilander. 2020. CNAME Cloaking and Bounce Tracking Defense. Retrieved July 4, 2020 from https://webkit.org/blog/11338/cname-cloaking-and-bounce-tracking-defense/

[40]

Karen Sparck Jones. 1972. A statistical interpretation of term specificity and its application in retrieval. Journal of documentation(1972).

[41]

Andrew J. Kaizer and Minaxi Gupta. 2016. Towards Automatic Identification of JavaScript-Oriented Machine-Based Tracking. In Proceedings of the 2016 ACM on International Workshop on Security And Privacy Analytics (New Orleans, Louisiana, USA) (IWSPA ’16). Association for Computing Machinery, New York, NY, USA, 33â€“40. https://doi.org/10.1145/2875475.2875479

Digital Library

[42]

Amir Hossein Kargaran, Mohammad Sadegh Akhondzadeh, Mohammad Reza Heidarpour, Mohammad Hossein Manshaei, Kave Salamatian, and Masoud Nejad Sattary. 2020. On Detecting Hidden Third-Party Web Trackers with a Wide Dependency Chain Graph: A Representation Learning Approach. arXiv preprint arXiv:2004.14826(2020).

[43]

Victor Le Pochat, Tom Van Goethem, Samaneh Tajalizadehkhoob, Maciej Korczyński, and Wouter Joosen. 2019. Tranco: A Research-Oriented Top Sites Ranking Hardened Against Manipulation. In Proceedings of the 26th Annual Network and Distributed System Security Symposium(NDSS 2019). https://doi.org/10.14722/ndss.2019.23386

[44]

Arunesh Mathur, Jessica Vitak, Arvind Narayanan, and Marshini Chetty. 2018. Characterizing the Use of Browser-Based Blocking Extensions to Prevent Online Tracking. In Proceedings of the Fourteenth USENIX Conference on Usable Privacy and Security (Baltimore, MD, USA) (SOUPS ’18). USENIX Association, USA, 103â€“116.

Digital Library

[45]

Mozilla and individual contributors. 2020. dns - Mozilla | MDN. Retrieved October 4, 2020 from https://developer.mozilla.org/en-US/docs/Mozilla/Add-ons/WebExtensions/API/dns

[46]

Mozilla Foundation. 2020. Public Suffix List. Retrieved October 20, 2020 from https://publicsuffix.org/

[47]

NetApplications. 2020. Browser market share. Retrieved October 16, 2020 from https://netmarketshare.com/

[48]

Paradot. 2021. Add a Tracker Domain. Retrieved September 22, 2021 from https://help.salesforce.com/articleView?id=sf.pardot_admin_add_tracker_domain.htm&type=5

[49]

Peter Lowe. 2020. Blocking with ad server and tracking server hostnames. Retrieved October 16, 2020 from https://pgl.yoyo.org/adservers/index.php

[50]

Plausible. 2021. Serve the script from your domain as a first-party connection | Plausible docs. Retrieved September 22, 2021 from https://plausible.io/docs/custom-domain

[51]

Romain Cointepas, NextDNS Inc.2020. CNAME Cloaking, the dangerous disguise of third-party trackers | by Romain Cointepas | NextDNS | Medium. Retrieved October 16, 2020 from https://medium.com/nextdns/cname-cloaking-the-dangerous-disguise-of-third-party-trackers-195205dc522a

[52]

Nikita Savchenko. [n.d.]. GitHub - dataunlocker/save-analytics-from-content-blockers: A proxy back end for Google Tag Manager & Google Analytics. Retrieved September 20, 2020 from https://github.com/dataunlocker/save-analytics-from-content-blockers

[53]

Sectigo Limited. 2020. crt.sh | Certificate Search. Retrieved October 16, 2020 from https://crt.sh/

[54]

Segment.io, Inc.2020. Set up a custom domain proxy for Analytics.js -_ Segment Documentation. Retrieved January 29, 2021 from https://segment.com/docs/connections/sources/catalog/libraries/website/javascript/custom-proxy/

[55]

Alexander Sjösten, Peter Snyder, Antonio Pastor, Panagiotis Papadopoulos, and Benjamin Livshits. 2020. Filter list generation for underserved regions. In Proceedings of The Web Conference 2020. 1682–1692.

Digital Library

[56]

Peter Snyder, Antoine Vastel, and Ben Livshits. 2020. Who Filters the Filters: Understanding the Growth, Usefulness and Efficiency of Crowdsourced Ad Blocking. In Abstracts of the 2020 SIGMETRICS/Performance Joint International Conference on Measurement and Modeling of Computer Systems(Boston, MA, USA) (SIGMETRICS ’20). Association for Computing Machinery, New York, NY, USA, 75â€“76. https://doi.org/10.1145/3393691.3394228

Digital Library

[57]

Florian Tramèr, Pascal Dupré, Gili Rusak, Giancarlo Pellegrino, and Dan Boneh. 2019. AdVersarial: Perceptual Ad Blocking Meets Adversarial Machine Learning. (2019), 2005â€“2021. https://doi.org/10.1145/3319535.3354222

Digital Library

[58]

Phani Vadrevu and Roberto Perdisci. 2019. What You See is NOT What You Get: Discovering and Tracking Social Engineering Attack Campaigns. In Proceedings of the Internet Measurement Conference (Amsterdam, Netherlands) (IMC ’19). Association for Computing Machinery, New York, NY, USA, 308â€“321. https://doi.org/10.1145/3355369.3355600

Digital Library

[59]

Weihang Wang, Yunhui Zheng, Xinyu Xing, Yonghwi Kwon, Xiangyu Zhang, and Patrick Eugster. 2016. WebRanz: Web Page Randomization for Better Advertisement Delivery and Web-Bot Prevention. In Proceedings of the 2016 24th ACM SIGSOFT International Symposium on Foundations of Software Engineering (Seattle, WA, USA) (FSE 2016). Association for Computing Machinery, New York, NY, USA, 205â€“216. https://doi.org/10.1145/2950290.2950352

Digital Library

[60]

Wikipedia contributors. 2021. Tfâ€“idf — Wikipedia, The Free Encyclopedia. Retrieved February 3, 2021 from https://en.wikipedia.org/w/index.php?title=Tf%E2%80%93idf

[61]

wordlists. 2017. GitHub - xajkep/wordlists: Infosec Wordlists. Retrieved January 29, 2021 from https://raw.githubusercontent.com/xajkep/wordlists/master/discovery/directory_only_one.small.txt

[62]

George Kingsley Zipf. 2016. Human behavior and the principle of least effort: An introduction to human ecology. Ravenio Books.

Cited By

Lee CSon SMeng WJensen CCremers CKirda E(2023)AdCPG: Classifying JavaScript Code Property Graphs with Explanations for Ad and Tracker BlockingProceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security10.1145/3576915.3623084(3505-3518)Online publication date: 15-Nov-2023
https://dl.acm.org/doi/10.1145/3576915.3623084

Index Terms

Investigating Advertisers’ Domain-changing Behaviors and Their Impacts on Ad-blocker Filter Lists

Index terms have been assigned to the content through auto-classification.

Recommendations

Ad-blocking: A Study on Performance, Privacy and Counter-measures
WebSci '17: Proceedings of the 2017 ACM on Web Science Conference

Many internet ventures rely on advertising for their revenue. However, users feel discontent by the presence of ads on the websites they visit, as the data-size of ads is often comparable to that of the actual content. This has an impact not only on the ...
Understanding Emerging Threats to Online Advertising
EC '16: Proceedings of the 2016 ACM Conference on Economics and Computation

Two recent disruptions to the online advertising market are the widespread use of ad-blocking software and proposed restrictions on third-party tracking, trends that are driven largely by consumer concerns over privacy. Both primarily impact display ...
A Study of the Partnership Between Advertisers and Publishers
Passive and Active Measurement
Abstract
Ad networks (e.g., Google Ads and Facebook Ads), advertisers, publishers (websites and mobile apps), and users are the main participants in the online advertising ecosystem. Ad networks dominate the advertising landscape in terms of determining ...

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences

WWW '22: Proceedings of the ACM Web Conference 2022

April 2022

3764 pages

ISBN:9781450390965

DOI:10.1145/3485447

Editors:
Frédérique Laforest
INSA Lyon, France
,
Raphaël Troncy
EURECOM, France
,
Elena Simperl
King’s College London, UK
,
Deepak Agarwal
Pinterest, USA
,
Aristides Gionis
KTH Royal Institute of Technology, Sweden
,
Ivan Herman
W3C / retired
,
Lionel Médini
Université Lyon 1, France

Copyright © 2022 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

SIGWEB: ACM Special Interest Group on Hypertext, Hypermedia, and Web

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 25 April 2022

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article
Research
Refereed limited

Funding Sources

National Science Foundation
Ministry of Science and Technology of Taiwan

Conference

WWW '22

Sponsor:

SIGWEB

WWW '22: The ACM Web Conference 2022

April 25 - 29, 2022

Virtual Event, Lyon, France

Acceptance Rates

Overall Acceptance Rate 1,899 of 8,196 submissions, 23%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

1
Total Citations
View Citations
501
Total Downloads

Downloads (Last 12 months)188
Downloads (Last 6 weeks)28

Reflects downloads up to 27 Jul 2024

Other Metrics

View Author Metrics

Citations

Cited By

Lee CSon SMeng WJensen CCremers CKirda E(2023)AdCPG: Classifying JavaScript Code Property Graphs with Explanations for Ad and Tracker BlockingProceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security10.1145/3576915.3623084(3505-3518)Online publication date: 15-Nov-2023
https://dl.acm.org/doi/10.1145/3576915.3623084

View Options

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

HTML Format

View this article in HTML Format.

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

Media

Figures

Other

Tables

View Table of Contents