Demystifying ad fraud.

The wide spread use of Internet allows advertisers to reach significantly more consumers through online advertisement compared to traditional advertising media. However, currently online advertisement is facing challenges associated with advertisement (ad) frauds such as ad replacement, ad stacking, click fraud, and click hijacking. It is important to teach students this emerging topic, and help students understand the attack flow behind ad frauds. In this work, a course module was developed to teach students about online ad servicing architecture, the associated security vulnerabilities and how the vulnerabilities can be exploited. A scenario of ad replacement was developed which includes an infrastructure to simulate the ad replacement attack flow providing students a real-world context and hands-on experience. This paper describes the course module on ad fraud, and our teaching experience of this course module. Instructors teaching network security, web security, information systems, and business & economics could adopt this course module.