Online advertising is progressively moving towards a programmatic model in which ads are matched to actual interests of individuals collected as they browse the web. Letting the huge debate around privacy aside, a very important question in this area, for which little is known, is: How much do advertisers pay to reach an individual? In this study, we develop a first of its kind methodology for computing exactly that -- the price paid for a web user by the ad ecosystem -- and we do that in real time. Our approach is based on tapping on the Real Time Bidding (RTB) protocol to collect cleartext and encrypted prices for winning bids paid by advertisers in order to place targeted ads. Our main technical contribution is a method for tallying winning bids even when they are encrypted. We achieve this by training a model using as ground truth prices obtained by running our own "probe" ad-campaigns. We design our methodology through a browser extension and a back-end server that provides it with fresh models for encrypted bids. We validate our methodology using a one year long trace of 1600 mobile users and demonstrate that it can estimate a user's advertising worth with more than 82% accuracy.
Revue de presse IoT / Data du 22/01/2017Romain Bochet
Bonjour,
Voici la revue de presse IoT/data/energie du 22 janvier 2017.
Au programme :
- IBM Watson wants to help streetlights become smarter
- Monetizing Utility Data: The ‘Utility Data as a Service’ Opportunity
- Carnival Ocean Medallion: 5 takeaways from one of 2017's premier IoT projects
- DC's Gramercy District to become a $500m smart city test project
- Plateformes de données urbaines : quelle place pour l'énergie ?
- Acuity says it has deployed IoT lighting in 40 million square-feet of retail space
Je suis preneur d'autres artices / sources !
Bonne lecture !
Growth Codes: How do operators turn data growth into profitable revenue growth?Ericsson Slides
Growth Codes show how rethinking both mobile broadband and the role of operators can translate into profitable growth. Operators driven by bold, visionary and explorative mobile broadband strategies are turning data growth into revenue growth. These operators differentiate themselves by balancing superior network performance and an innovative go-to-market strategy. We believe the industry can learn from these examples and that more operators can find success by adapting some of their approaches to these codes.
Presentation held by Mr. Andrew Stott
(UK Transparency Board, formerly Director, data.gov.uk & UK Deputy GCIO) within the final consultations held at Chisinau about the Open Government Partnership on March 12th 2012.
The seminar will focus on taking you from the very beginning of starting a business which includes understanding the context, infrastructure, design, and development of any online store, to other vital aspects such as advertising, distributing products and understanding revenue and taxes. The seminar will go through the P.E.P. Framework for eCommerce developed by Daniel Martin that focusses on Planning, Executing and Performing.
Part 1:
https://youtu.be/KePUqtFqwtI
Part 2:
https://youtu.be/ypMm88RUfLs
Topics:
- Context of eCommerce in South Africa
- Types of online businesses
- Value chain overview
- Market analysis
- Value proposition (creating a product, dropshipping)
- Knowing your customer
- Costing
- Product Presentation
- Registering your business
- Value Added Tax
- Black Economic Empowerment
- Unemployment Insurance Fund
- Business email
- Domains and trust
- Website infrastructure
- Warehousing
- Distribution
- Payment Capturing
- Costs
- Advertising
- Customer service
- Customer feedback
- Revenue
- Tax
- The big picture
Revue de presse IoT / Data du 22/01/2017Romain Bochet
Bonjour,
Voici la revue de presse IoT/data/energie du 22 janvier 2017.
Au programme :
- IBM Watson wants to help streetlights become smarter
- Monetizing Utility Data: The ‘Utility Data as a Service’ Opportunity
- Carnival Ocean Medallion: 5 takeaways from one of 2017's premier IoT projects
- DC's Gramercy District to become a $500m smart city test project
- Plateformes de données urbaines : quelle place pour l'énergie ?
- Acuity says it has deployed IoT lighting in 40 million square-feet of retail space
Je suis preneur d'autres artices / sources !
Bonne lecture !
Growth Codes: How do operators turn data growth into profitable revenue growth?Ericsson Slides
Growth Codes show how rethinking both mobile broadband and the role of operators can translate into profitable growth. Operators driven by bold, visionary and explorative mobile broadband strategies are turning data growth into revenue growth. These operators differentiate themselves by balancing superior network performance and an innovative go-to-market strategy. We believe the industry can learn from these examples and that more operators can find success by adapting some of their approaches to these codes.
Presentation held by Mr. Andrew Stott
(UK Transparency Board, formerly Director, data.gov.uk & UK Deputy GCIO) within the final consultations held at Chisinau about the Open Government Partnership on March 12th 2012.
The seminar will focus on taking you from the very beginning of starting a business which includes understanding the context, infrastructure, design, and development of any online store, to other vital aspects such as advertising, distributing products and understanding revenue and taxes. The seminar will go through the P.E.P. Framework for eCommerce developed by Daniel Martin that focusses on Planning, Executing and Performing.
Part 1:
https://youtu.be/KePUqtFqwtI
Part 2:
https://youtu.be/ypMm88RUfLs
Topics:
- Context of eCommerce in South Africa
- Types of online businesses
- Value chain overview
- Market analysis
- Value proposition (creating a product, dropshipping)
- Knowing your customer
- Costing
- Product Presentation
- Registering your business
- Value Added Tax
- Black Economic Empowerment
- Unemployment Insurance Fund
- Business email
- Domains and trust
- Website infrastructure
- Warehousing
- Distribution
- Payment Capturing
- Costs
- Advertising
- Customer service
- Customer feedback
- Revenue
- Tax
- The big picture
The Cost of Digital Advertisement: Comparing User and Advertiser ViewsPanagiotis Papadopoulos
Digital advertisements are delivered in the form of static images, animations or videos, with the goal to promote a product, a service or an idea to desktop or mobile users. Thus, the advertiser pays a monetary cost to buy ad-space in a content provider’s medium (e.g., website) to place their advertisement in the consumer’s display. However, is it only the advertiser who pays for the ad delivery?
Unlike traditional advertisements in mediums such as newspapers, TV or radio, in the digital world, the end-users are also paying a cost for the advertisement delivery. Whilst the cost on the advertiser’s side is clearly monetary, on the end-user, it includes both quantifiable costs, such as network requests and transferred bytes, and qualitative costs such as privacy loss to the ad ecosystem.
In this study, we aim to increase user awareness regarding the hidden costs of digital advertisement in mobile devices, and compare the user and advertiser views. Specifically, we built OpenDAMP, a transparency tool that passively analyzes users’ web traffic and estimates the costs in both sides. We use a year-long dataset of 1270 real mobile users and by juxtaposing the costs of both sides, we identify a clear imbalance: the advertisers pay several times less to deliver ads, than the cost paid by the users to download them. In addition, the majority of users experience a significant privacy loss, through the personalized ad delivery mechanics.
This is an overview of the ad tech ecosystem. Research was conducted by Thomvest Ventures. It covers topics such as DSP, SSP, Agency, Video, Mobile, and TV advertising.
L'Oreal and Leading from the CFO Office in the Digital EraKirsty Donovan
The CFO at L'Oreal joined us last year at the FP&A Innovation Summit ti discuss the managfement of the teamto creste value. Discusing cloud technologies, social media, analytics and much more.
Join us at this year's FP&A Innovation Summit in Boston: Check it out here: http://bit.ly/1T8XGBM
CIKM 2013 Tutorial: Real-time Bidding: A New Frontier of Computational Advert...Shuai Yuan
Computational Advertising has been an important topical area in information retrieval and knowledge management. This tutorial will be focused on real-time advertising, aka Real-Time Bidding (RTB), the fundamental shift in the field of computational advertising. It is strongly related to CIKM areas such as user log analysis and modelling, information retrieval, text mining, knowledge extraction and management, behaviour targeting, recommender systems, personalization, and data management platform.
This tutorial aims to provide not only a comprehensive and systemic introduction to RTB and computational advertising in general, but also the emerging research challenges and research tools and datasets in order to facilitate the research. Compared to previous Computational Advertising tutorials in relevant top-tier conferences, this tutorial takes a fresh, neutral, and the latest look of the field and focuses on the fundamental changes brought by RTB.
We will begin by giving a brief overview of the history of online advertising and present the current eco-system in which RTB plays an increasingly important part. Based on our field study and the DSP optimisation contest organised by iPinyou, we analyse optimization problems both from the demand side (advertisers) and the supply side (publishers), as well as the auction mechanism design challenges for Ad exchanges. We discuss how IR, DM and ML techniques have been applied to these problems. In addition, we discuss why game theory is important in this area and how it could be extended beyond the auction mechanism design.
CIKM is an ideal venue for this tutorial because RTB is an area of multiple disciplines, including information retrieval, data mining, knowledge discovery and management, and game theory, most of which are traditionally the key themes of the conference. As an illustration of practical application in the real world, we shall cover algorithms in the iPinyou global DSP optimisation contest on a production platform; for the supply side, we also report experiments of inventory management, reserve price optimisation, etc. in production systems.
We expect the audience, after attending the tutorial, to understand the real-time online advertising mechanisms and the state of the art techniques, as well as to grasp the research challenges in this field. Our motivation is to help the audience acquire domain knowledge and obtain relevant datasets, and to promote research activities in RTB and computational advertising in general.
woodside capital partners whitepaper on Online Advertising technology growthSumit Roy
Woodside Capital Partners is a global, independent investment bank that delivers world-class strategic and financial advice to emerging growth companies across technology sector
Keeping out the Masses: Understanding the Popularity and Implications of Int...Panagiotis Papadopoulos
Funding the production of quality online content is a pressing problem for content producers. The most common funding method, online advertising, is rife with well-known performance and privacy harms, and an intractable subject-agent conflict: many users do not want to see advertisements, depriving the site of needed funding. Because of these negative aspects of advertisement-based funding, paywalls are an increasingly popular alternative for websites. This shift to a “pay-for-access” web is one that has potentially huge implications for the web and society. Instead of a system where information (nominally) flows freely, paywalls create a web where high quality information is available to fewer and fewer people, leaving the rest of the web users with less information, that might be also less accurate and of lower quality. Despite the potential significance of a move from an “advertising-but-open” web to a“paywalled” web, we find this issue understudied. This work addresses this gap in our understanding by measuring how widely paywalls have been adopted, what kinds of sites use paywalls, and the distribution of policies enforced by paywalls. A partial list of our findings include that (i) paywall use has increased,and at an increasing rate (2×more paywalls every 6 months), (ii) paywall adoption differs by country (e.g., 18.75% in US, 12.69% in Australia), (iii) paywall deployment significantly changes how usersinteract with the site (e.g., higher bounce rates, less incoming links),(iv) the median cost of an annual paywall access is 108 USD per site, and (v) paywalls are in general trivial to circumvent. Finally, we present the design of a novel, automated system fordetecting whether a site uses a paywall, through the combinationof runtime browser instrumentation and repeated programmaticinteractions with the site. We intend this classifier to augment future, longitudinal measurements of paywall use and behavior.
Truth in Web Mining: Measuring the Profitability and the Imposed Overheads of...Panagiotis Papadopoulos
In recent years, we have been observing a new paradigm of attacks, the so-called cryptojacking attacks. Given the lower-risk/lower- effort nature of cryptojacking, the number of such incidents in 2018 were nearly double of those of ransomware attacks. Apart from the cryptojack- ers, web-cryptomining library providers also enabled benign publishers to use this mechanism as an alternative monetization schema for web in the era of declined ad revenues. In spite of the buzz raised around web-cryptomining, it is not yet known what is the profitability of web- cryptomining and what is the actual cost it imposes on the user side.
In this paper, we respond to this exact question by measuring the over- head imposed to the user with regards to power consumption, resources utilization, network traffic, device temperature and user experience. We compare those overheads along with the profitability of web-cryptomining to the ones imposed by advertising to examine if web-cryptomining can become a viable alternative revenue stream for websites. Our results show that web-cryptomining can reach the profitability of advertising under specific circumstances, but users need to sustain a significant cost on their devices.
More Related Content
Similar to If you are not paying for it, you are the product: How much do advertisers pay to reach you?
The Cost of Digital Advertisement: Comparing User and Advertiser ViewsPanagiotis Papadopoulos
Digital advertisements are delivered in the form of static images, animations or videos, with the goal to promote a product, a service or an idea to desktop or mobile users. Thus, the advertiser pays a monetary cost to buy ad-space in a content provider’s medium (e.g., website) to place their advertisement in the consumer’s display. However, is it only the advertiser who pays for the ad delivery?
Unlike traditional advertisements in mediums such as newspapers, TV or radio, in the digital world, the end-users are also paying a cost for the advertisement delivery. Whilst the cost on the advertiser’s side is clearly monetary, on the end-user, it includes both quantifiable costs, such as network requests and transferred bytes, and qualitative costs such as privacy loss to the ad ecosystem.
In this study, we aim to increase user awareness regarding the hidden costs of digital advertisement in mobile devices, and compare the user and advertiser views. Specifically, we built OpenDAMP, a transparency tool that passively analyzes users’ web traffic and estimates the costs in both sides. We use a year-long dataset of 1270 real mobile users and by juxtaposing the costs of both sides, we identify a clear imbalance: the advertisers pay several times less to deliver ads, than the cost paid by the users to download them. In addition, the majority of users experience a significant privacy loss, through the personalized ad delivery mechanics.
This is an overview of the ad tech ecosystem. Research was conducted by Thomvest Ventures. It covers topics such as DSP, SSP, Agency, Video, Mobile, and TV advertising.
L'Oreal and Leading from the CFO Office in the Digital EraKirsty Donovan
The CFO at L'Oreal joined us last year at the FP&A Innovation Summit ti discuss the managfement of the teamto creste value. Discusing cloud technologies, social media, analytics and much more.
Join us at this year's FP&A Innovation Summit in Boston: Check it out here: http://bit.ly/1T8XGBM
CIKM 2013 Tutorial: Real-time Bidding: A New Frontier of Computational Advert...Shuai Yuan
Computational Advertising has been an important topical area in information retrieval and knowledge management. This tutorial will be focused on real-time advertising, aka Real-Time Bidding (RTB), the fundamental shift in the field of computational advertising. It is strongly related to CIKM areas such as user log analysis and modelling, information retrieval, text mining, knowledge extraction and management, behaviour targeting, recommender systems, personalization, and data management platform.
This tutorial aims to provide not only a comprehensive and systemic introduction to RTB and computational advertising in general, but also the emerging research challenges and research tools and datasets in order to facilitate the research. Compared to previous Computational Advertising tutorials in relevant top-tier conferences, this tutorial takes a fresh, neutral, and the latest look of the field and focuses on the fundamental changes brought by RTB.
We will begin by giving a brief overview of the history of online advertising and present the current eco-system in which RTB plays an increasingly important part. Based on our field study and the DSP optimisation contest organised by iPinyou, we analyse optimization problems both from the demand side (advertisers) and the supply side (publishers), as well as the auction mechanism design challenges for Ad exchanges. We discuss how IR, DM and ML techniques have been applied to these problems. In addition, we discuss why game theory is important in this area and how it could be extended beyond the auction mechanism design.
CIKM is an ideal venue for this tutorial because RTB is an area of multiple disciplines, including information retrieval, data mining, knowledge discovery and management, and game theory, most of which are traditionally the key themes of the conference. As an illustration of practical application in the real world, we shall cover algorithms in the iPinyou global DSP optimisation contest on a production platform; for the supply side, we also report experiments of inventory management, reserve price optimisation, etc. in production systems.
We expect the audience, after attending the tutorial, to understand the real-time online advertising mechanisms and the state of the art techniques, as well as to grasp the research challenges in this field. Our motivation is to help the audience acquire domain knowledge and obtain relevant datasets, and to promote research activities in RTB and computational advertising in general.
woodside capital partners whitepaper on Online Advertising technology growthSumit Roy
Woodside Capital Partners is a global, independent investment bank that delivers world-class strategic and financial advice to emerging growth companies across technology sector
Similar to If you are not paying for it, you are the product: How much do advertisers pay to reach you? (20)
Keeping out the Masses: Understanding the Popularity and Implications of Int...Panagiotis Papadopoulos
Funding the production of quality online content is a pressing problem for content producers. The most common funding method, online advertising, is rife with well-known performance and privacy harms, and an intractable subject-agent conflict: many users do not want to see advertisements, depriving the site of needed funding. Because of these negative aspects of advertisement-based funding, paywalls are an increasingly popular alternative for websites. This shift to a “pay-for-access” web is one that has potentially huge implications for the web and society. Instead of a system where information (nominally) flows freely, paywalls create a web where high quality information is available to fewer and fewer people, leaving the rest of the web users with less information, that might be also less accurate and of lower quality. Despite the potential significance of a move from an “advertising-but-open” web to a“paywalled” web, we find this issue understudied. This work addresses this gap in our understanding by measuring how widely paywalls have been adopted, what kinds of sites use paywalls, and the distribution of policies enforced by paywalls. A partial list of our findings include that (i) paywall use has increased,and at an increasing rate (2×more paywalls every 6 months), (ii) paywall adoption differs by country (e.g., 18.75% in US, 12.69% in Australia), (iii) paywall deployment significantly changes how usersinteract with the site (e.g., higher bounce rates, less incoming links),(iv) the median cost of an annual paywall access is 108 USD per site, and (v) paywalls are in general trivial to circumvent. Finally, we present the design of a novel, automated system fordetecting whether a site uses a paywall, through the combinationof runtime browser instrumentation and repeated programmaticinteractions with the site. We intend this classifier to augment future, longitudinal measurements of paywall use and behavior.
Truth in Web Mining: Measuring the Profitability and the Imposed Overheads of...Panagiotis Papadopoulos
In recent years, we have been observing a new paradigm of attacks, the so-called cryptojacking attacks. Given the lower-risk/lower- effort nature of cryptojacking, the number of such incidents in 2018 were nearly double of those of ransomware attacks. Apart from the cryptojack- ers, web-cryptomining library providers also enabled benign publishers to use this mechanism as an alternative monetization schema for web in the era of declined ad revenues. In spite of the buzz raised around web-cryptomining, it is not yet known what is the profitability of web- cryptomining and what is the actual cost it imposes on the user side.
In this paper, we respond to this exact question by measuring the over- head imposed to the user with regards to power consumption, resources utilization, network traffic, device temperature and user experience. We compare those overheads along with the profitability of web-cryptomining to the ones imposed by advertising to examine if web-cryptomining can become a viable alternative revenue stream for websites. Our results show that web-cryptomining can reach the profitability of advertising under specific circumstances, but users need to sustain a significant cost on their devices.
Cookie Synchronization: Everything You Always Wanted to Know But Were Afraid ...Panagiotis Papadopoulos
User data is the primary input of digital advertising, fueling the free Internet as we know it. As a result, web companies invest a lot in elaborate tracking mechanisms to acquire user data that can sell to data markets and advertisers. However, with same-origin policy and cookies as a primary identification mechanism on the web, each tracker knows the same user with a different ID. To mitigate this, Cookie Synchronization (CSync) came to the rescue, facilitating an information sharing channel between 3rd-parties that may or not have direct access to the website the user visits. In the background, with CSync, they merge user data they own, but also reconstruct a user’s browsing history, bypassing the same origin policy.
In this paper, we perform a first to our knowledge in-depth study of CSync in the wild, using a year-long weblog from 850 real mobile users. Through our study, we aim to understand the characteristics of the CSync protocol and the impact it has on web users’ privacy. For this, we design and implement CONRAD, a holistic mechanism to detect CSync events at real time, and the privacy loss on the user side, even when the synced IDs are obfuscated. Using CONRAD, we find that 97% of the regular web users are exposed to CSync: most of them within the first week of their browsing, and the median userID gets leaked, on average, to 3.5 different domains. Finally, we see that CSync increases the number of domains that track the user by a factor of 6.75.
Is privacy possible without Anonymity? The case for microblogging servicesPanagiotis Papadopoulos
Traditional approaches to privacy are usually based on top of
anonymizing or pseudonymizing systems. For example, users who
would like to protect their identity and/or hide their activities while
browsing the web frequently use anonymizing systems (e.g., Tor) or
services (e.g., VPNs and proxies). Although anonymizing systems
are usually effective, recent revelations suggest that anonymization can be compromised and can be used to provide a false sense of
security. In this paper we assume a world where anonymization
is (practically) not possible. Imagine, for example, a community
where the use of anonymizing systems is frowned upon or even
forbidden. Is it possible for users to protect their privacy when they
can not hide their identity?
In this paper, we focus our question on users interested in follow-
ing information channels in microblogging services and we show
that it is possible for users to protect their privacy even if they can
not hide their identity. To do so, we propose two obfuscation-based
algorithms and quantify their effectiveness. We show that obfusca-
tion can be used in such a way so that attackers can not use this
service to increase their a priori knowledge on whether a user is
interested in a channel or not.
Master of Web Puppets: Abusing Web Browsers for Persistent and Stealthy Compu...Panagiotis Papadopoulos
The proliferation of web applications has essentially transformed modern browsers into small but powerful operating systems. Upon visiting a website, user devices run implicitly trusted script code, the execution of which is confined within the browser to prevent any interference with the user’s system. Recent JavaScript APIs, however, provide advanced capabilities that not only enable feature-rich web applications, but also allow attackers to perform malicious operations despite the confined nature of JavaScript code execution.
In this paper, we demonstrate the powerful capabilities that modern browser APIs provide to attackers by presenting MarioNet: a framework that allows a remote malicious entity to control a visitor’s browser and abuse its resources for unwanted computation or harmful operations, such as cryptocurrency mining, password-cracking, and DDoS. MarioNet relies solely on already available HTML5 APIs, without requiring the installation of any additional software. In contrast to previous browser- based botnets, the persistence and stealthiness characteristics of MarioNet allow the malicious computations to continue in the background of the browser even after the user closes the window or tab of the initially visited malicious website. We present the design, implementation, and evaluation of our prototype system, which is compatible with all major browsers, and discuss potential defense strategies to counter the threat of such persistent in- browser attacks. Our main goal is to raise awareness about this new class of attacks, and inform the design of future browser APIs so that they provide a more secure client-side environment for web applications.
Where’s Wally? How to Privately Discover your Friends on the InternetPanagiotis Papadopoulos
Internet friends who would like to connect with each other (e.g., VoIP, chat) use point-to-point communication applications such as Skype or WhatsApp. Apart from providing the necessary communication channel, these applications also facilitate contact discovery, where users upload their address-book and learn the network address of their friends. Although handy, this discovery process comes with a significant privacy cost: users are forced to reveal to the service provider every person they are socially connected with, even if they do not ever communicate with them through the app. In this paper, we show that it is possible to implement a scalable User Discovery service, without requiring any centralized entity that users have to blindly trust. Specifically, we distribute the maintenance of the users’ contact information, and allow their friends to query for it, just as they normally query the network for machine services. We implement our approach in PROUD: a distributed privacy-preserving User Discovery service, which capitalizes on DNS. The prevalence of DNS makes PROUD immediately applicable, able to scale to millions of users. Preliminary evaluation shows that PROUD provides competitive performance for all practical purposes, imposing an overhead of less than 0.3 sec per operation.
Exclusive: How the (synced) Cookie Monster breached my encrypted VPN sessionPanagiotis Papadopoulos
In recent years, and after the Snowden revelations, there has been a significant movement in the web from organizations, policymakers and individuals to enhance the privacy awareness among users. As a consequence, more and more publishers support TLS in their websites, and vendors provide privacy and anonymity tools, such as secure VPNs or Tor onions, to cover the need of users for privacy-preserving web browsing. But is the sporadic appliance of such tools enough to provide privacy?
In this paper, we describe two privacy-breaching threats against users accessing the Internet over a secure VPN. The breaches are made possible through Cookie Synchronization, nowadays widely used by third parties for advertisement and tracking purposes. The generated privacy leaks can be used by a snooping entity such as an ISP, to re-identify a user in the web and reveal their browsing history even when users are hidden behind a VPN. By probing the top 12K Alexa sites, we find that 1 out of 13 websites expose their users to these privacy leaks.
A plethora of Internet services and applications require user authentication. Although many alternatives have been proposed, and despite the significant advancement in attackers’ capabilities to perform password cracking, the most attractive authentication technology today, is still text-based passwords.
The last years, there is a rapid increase in the number of web services a user accesses in their everyday life. Most of these services (e.g., online shops, OSNs, chat clients, etc.) require their very own password, thus increasing the burden of password management on the user side. In this paper, we propose 0pass, a novel system that combines ideas from existing authentication methods, to o er a user-friendly mechanism to securely maintain accounts. 0pass works as a password manager, but it requires zero storage for the passwords: no password will ever get stored either in the user’s device, or in a third-party database.
We implement 0pass as an extension for the popular Google Chrome browser, and we evaluate it by using the popular business- oriented social networking service LinkedIn. Early results from our performance tests show that 0pass, using a proactive strategy, can achieve more than 2 orders of magnitude better performance than the current state-of-the-art authentication mechanism.
Signature-based network intrusion detection systems (NIDS) are one of the most popular tools used to detect and stop malicious attacks or unwanted actions. However, as network attacks become more sophisticated and diversified, the accuracy of signature-based NIDS that rely only on live network traffic decreases significantly. Recent research efforts have proposed to archive the raw contents of the network traffic stream to disk, in order to enable later inspection of activity that becomes interesting only in retrospect. Unfortunately, the ever increasing network traffic and capacity make the collection and archiving of multi-gigabit network streams very challenging.
In this work, we review different mechanisms and techniques to efficiently store the captured network traffic to disk. We also propose an architecture that will integrate all these mechanisms into a single middleware platform that will be used by network monitoring applications in order to enhance their functionalities. Our approach will offer the ability to analyze and correlate multiple security activities, as well as, in terms of forensic analysis, to perform post-mortem incident analysis in order to asses the given damage.
Werner Vogels, the CTO of Amazon.com, mentioned in one of his papers that "data inconsistency in large-scale reliable distributed systems has to be tolerated" in order to obtain the desired performance and availability. In this talk I'll present you how we equip Cassandra with a primary-backup atomic broadcast of a write-ahead log. This way, we achieved to make Apache Cassandra a key-value store that combines strong consistency with high performance and high availability. Finally, we will discuss our compaction scheduling which by far improves throughput by up to 40% in write-intensive workloads.
1.Wireless Communication System_Wireless communication is a broad term that i...JeyaPerumal1
Wireless communication involves the transmission of information over a distance without the help of wires, cables or any other forms of electrical conductors.
Wireless communication is a broad term that incorporates all procedures and forms of connecting and communicating between two or more devices using a wireless signal through wireless communication technologies and devices.
Features of Wireless Communication
The evolution of wireless technology has brought many advancements with its effective features.
The transmitted distance can be anywhere between a few meters (for example, a television's remote control) and thousands of kilometers (for example, radio communication).
Wireless communication can be used for cellular telephony, wireless access to the internet, wireless home networking, and so on.
Meet up Milano 14 _ Axpo Italia_ Migration from Mule3 (On-prem) to.pdfFlorence Consulting
Quattordicesimo Meetup di Milano, tenutosi a Milano il 23 Maggio 2024 dalle ore 17:00 alle ore 18:30 in presenza e da remoto.
Abbiamo parlato di come Axpo Italia S.p.A. ha ridotto il technical debt migrando le proprie APIs da Mule 3.9 a Mule 4.4 passando anche da on-premises a CloudHub 1.0.
Bridging the Digital Gap Brad Spiegel Macon, GA Initiative.pptxBrad Spiegel Macon GA
Brad Spiegel Macon GA’s journey exemplifies the profound impact that one individual can have on their community. Through his unwavering dedication to digital inclusion, he’s not only bridging the gap in Macon but also setting an example for others to follow.
APNIC Foundation, presented by Ellisha Heppner at the PNG DNS Forum 2024APNIC
Ellisha Heppner, Grant Management Lead, presented an update on APNIC Foundation to the PNG DNS Forum held from 6 to 10 May, 2024 in Port Moresby, Papua New Guinea.
If you are not paying for it, you are the product: How much do advertisers pay to reach you?
1. If you are not paying for it, you are the product*:
How much do advertisers pay to reach you?
Panagiotis Papadopoulos
FORTH-ICS, Greece &
University of Crete, Greece
panpap@ics.forth.gr
Nicolas Kourtellis Telefonica Research, Spain
Pablo Rodriguez Rodriguez Telefonica Alpha, Spain
Nikos Laoutaris Data Transparency Lab, Spain
*phraseoriginator:AndrewLewis,a.k.a.blue_beetle
2. Data-driven economy
• The user data of an IT company
→ contribute to its overall market valuation
• Companies pursue more and more users personal data
• By purchasing them
• By providing free services (Google search, Facebook etc.)
Internet Measurements Conference [IMC'17] - P. Papadopoulos 3
3. How is all this data converted to money???
ecosystem of digital advertising
($194.6 billion in 2016)
Internet Measurements Conference [IMC'17] - P. Papadopoulos 4
4. Digital advertising
progressively moving towards a programmatic model
ads are matched to interests of individuals
elaborated user tracking
privacy implications
Internet Measurements Conference [IMC'17] - P. Papadopoulos 5
5. How much do advertisers actually pay to reach you?
Internet Measurements Conference [IMC'17] - P. Papadopoulos 6
8. Programmatic auctions of RTB
Internet Measurements Conference [IMC'17] - P. Papadopoulos 9
Ad Exchange (ADX)
Real-time Auction
Website on the
user’s browser
Demand Side Platforms
(DSPs)
Bid Request (+user info)
0.95 CPM (+impression)
Available ad-slot
9. 0.95 CPM (+impression)
RTB price notification channel
Internet Measurements Conference [IMC'17] - P. Papadopoulos 10
Available ad-slot
Ad Exchange (ADX)
Real-time Auction
Website on the
user’s browser
Demand Side Platforms
(DSPs)
nURL example:
cpp.imp.mpx.mopub.com/imp?ad_domain=amazon.es&ads_creative_id=ID&bidder_id=ID&..&bidder_name=..&
charge_price=0.95&country=ESP¤cy=EUR&latency=0.116&mopub_id=ID&pub name=..
A
D
Impression delivery
(i) you won,
(ii) here’s the charge price,
(iii) the impression is
rendered successfully
Winning
notification
11. Encrypted prices on the rise
Internet Measurements Conference [IMC'17] - P. Papadopoulos
• Charge prices in nURLs tend to be encrypted
Encryption is a regular practice in desktop RTB auctions (~68%)
Lower but rapidly increasing in mobile RTB auctions (~30%)
Previous work [Olejnik, 2013]
assumes encrypted prices
follow the same distribution
as cleartext. But is that so?
Encrypted
12
12. Our approach
1. Leverage Real-Time Bidding (RTB) protocol:
1. 74% of programmatically purchased advertising
2. $8.7 billion in 2016 only in US
2. Methodology to calculate at real time the overall value advertisers
pay per individual user based on her leaked information.
3. Year-long dataset (2015) of 1600 real users
+ 2 real probing ad campaigns
Internet Measurements Conference [IMC'17] - P. Papadopoulos 13
14. YourAdValue browser extension
Internet Measurements Conference [IMC'17] - P. Papadopoulos 15
Monitors RTB nURLs & collects features:
(i) auction-specific metadata and
(ii) personal data the user leaks while
browsing the web
15. Price Modeling Engine (PME)
Internet Measurements Conference [IMC'17] - P. Papadopoulos 16
16. Required input for the PME
Internet Measurements Conference [IMC'17] - P. Papadopoulos 17
18. Evaluating our approach
• Offline year-long (2015) dataset D with
mobile traffic from 1600 real users
• Weblog Ads Analyzer:
filter RTB traffic and
extract features (auction’s metadata and user data) from nURLs
Internet Measurements Conference [IMC'17] - P. Papadopoulos 19
Metric D
Time period 12 months
Impressions 78,560
IAB category
of publishers
18
RTB publishers ∼5.6k/mont
h
20. Features that affect prices (1/3)
Internet Measurements Conference [IMC'17] - P. Papadopoulos
Distribution of charge prices for the 2 most
popular mobile OSes.
Whiskers: 5th, 10th, 50th, 90th,95th percentiles
More Android devices, but iOS-based devices draw higher prices
Percentage of RTB traffic for top mobile OSes.
0%
20%
40%
60%
80%
100%
1 2 3 4 5 6 7 8 9 10 1112
RTBshare
Month of the year
Android
iOS
Windows Mob
Other
0.01
0.1
1
10
100
Android iOS
Chargeprice(CPM)
Mobile Device OS
21
21. Features that affect prices (2/3)
Internet Measurements Conference [IMC'17] - P. Papadopoulos
Distribution of the charged prices per ad-slot size
(sorted by area size).
Whiskers: 5th, 10th, 50th, 90th,95th percentiles
Larger ad-slot sizes do not necessarily get charged more
0
0.2
0.4
0.6
0.8
1
1.2
1.4
1.6
1.8
2
320x50
468x60
728x90
120x600
300x250
160x600
300x600
Chargeprice(CPM)
Ad-slot sizes
22
22. Features that affect prices (3/3)
• user location affects the median charge prices
• during the day median charge prices are of similar range
-> early morning hours - noon: more charge prices with increased values
• some IABs are more costly than others
-> (“Business & Marketing” more expensive than “Science”)
Internet Measurements Conference [IMC'17] - P. Papadopoulos 23
See more about features in the paper…
23. Price Modeling Engine: ad campaigns
Internet Measurements Conference [IMC'17] - P. Papadopoulos 24
24. Real probing ad-campaigns
• 2 real probing ad-campaigns in 2016 (A1, A2):
various experimental setups
Internet Measurements Conference [IMC'17] - P. Papadopoulos 25
Metric D A1 (enc) A2 (clr)
Time period 12 months 13 days 8 days
Impressions 78,560 632,667 318,964
IAB category
of publishers
18 16 7
RTB publishers ∼5.6k/mont
h
∼0.2k ∼0.3k
Filter name Range of values (type)
Cities Madrid, Barcelona, Valencia, Seville
Time of day 12am-9am, 9am-6pm, 6pm-12am
Day of week Weekday, Weekend
Type of device Smartphone, Tablet
Type of OS iOS, Android
Ad-format (smartphone) 320x50, 300x250, 320x480 or 480x320
Ad-format (tablet) 728x90, 300x250, 768x1024 or 1024x768
Ad-exchange MoPub, OpenX, Rubicon, DoubleClick,
PulsePoint
Content category of publisher all IABs possible
25. Comparison of CPM costs for the different IAB categories
in our dataset and the 2 probing adcampaigns.
Cost per IAB in cleartext and encrypted prices
Internet Measurements Conference [IMC'17] - P. Papadopoulos
Median encrypted prices always
higher than cleartext
Time shift: More recent cleartext prices
are higher than the ones last year
26. How much do advertisers pay to
reach you?
Internet Measurements Conference [IMC'17] - P. Papadopoulos 27
27. Encrypted Vs. Cleartext prices
“It’s safe to assume that encrypted
prices follow the same distribution
with cleartext prices.”
price distribution of encrypted prices (A1):
→ distinctly different
→ about 1.7x higher median value than
cleartext prices (A2)
Internet Measurements Conference [IMC'17] - P. Papadopoulos
Comparison of price distributions between
cleartext and encrypted, for different time
periods and datasets (D vs. A1 and A2).
28
28. How much do advertisers pay to reach you?
• Cumulative cost from encrypted prices:
cannot surpass cleartext (still dominant).
• some users more costly than others
• median user costs 25 CPM
(73% of the users cost < 100 CPM)
• 2% of users cost 10-100× more to the
ad-ecosystem than the average user!
Internet Measurements Conference [IMC'17] - P. Papadopoulos
Cumulative CPM paid per user in our
year-long dataset (2015)
29
29. In summary…
• Methodology to measure cost of advertisers per individual user:
• At real time and on user’s side based on the user’s profile
• Leverage ad-auctions and RTB’s price notification channel
• Construct a model to estimate encrypted prices using as features
auction’s metadata and user’s leaked info. (> 82% accuracy)
• Our methodology is tested using a year-long dataset of 1600 real
mobile users
Internet Measurements Conference [IMC'17] - P. Papadopoulos 30
30. Takeaways
Encrypted prices are 1.7x higher than cleartext
Median user costs 25 CPM per year
Taking into account several different factors:
(HTTP+HTTPS, management and intermediaries costs, mobile+desktop traffic)
→ overall user ad-cost in the range of 0.54-6.85€ per year
→ cheaper than most users think (10s of dollars [1])
[1] Your browsing behavior for a big mac: Economics of personal information online. WWW’13
Internet Measurements Conference [IMC'17] - P. Papadopoulos 31
32. Why does winner pay the second best price?
In a first-price auction:
participants guess what everyone else is going to bid
-> put down a bid that's slightly higher than the next person's
In Vickrey auctions:
• a type of sealed-bid auction
-> Bidders submit bids without knowing the bid of others
• The highest bidder wins but the price paid is the second-highest bid.
-> gives bidders an incentive to bid their true value.
Internet Measurements Conference [IMC'17] - P. Papadopoulos 33
33. What if?
• In a future of no anonymous contributions…
• In a future of no cleartext charge prices…
How to obtain features <-> charge prices pairs?
→ more probing ad campaigns to
cover the necessary experimental setups…
Internet Measurements Conference [IMC'17] - P. Papadopoulos 34
34. Estimation of encrypted prices
• Based on the features:
ad-slot size, user location, type of device, time of day,
day of week, user interests (IAB)
• we train a RF to model encrypted charge prices
(> 82,3% accuracy – 0.964 AUCROC)
• we estimate the total cost paid for each user in our dataset.
Internet Measurements Conference [IMC'17] - P. Papadopoulos 35
Editor's Notes
Good morning to everyone. In this talk I will present you my work that aims to answer the following question: How much do advertisers pay to reach us?
In today’s data-driven economy, the amount of user data an IT company holds, has a direct contribution to its overall market valuation. Companies rush to collect user data either by purchasing them or by providing useful services for free.
The simlest question that comes in mind here is ”Where is all this volume of data converted to money? “ and the answer is pretty straighforward: in the personalized advertising which last year had total revenue of 200 billion dollars
Online advertising is progressively moving towards a more personalized programmatic model, where adslots are being bought in instantaneous ad-auctions and filled with ads that match the interests of the particular user. Of course, these interests are extracted based on the user interests and behavior collected usually through elaborate and sometimes pervasive tracking. Letting the privacy implications aside…
a very important question that motivates our work is: How much do advertisers actually pay to reach us?
Given the lack of Transparency on this aspect, our scope is to shed light in the programmatic auctions and increase the awareness of the users regarding the monetary value advertisers pay to get their attention.
But before I describe our approach, let me first give you some background on how programmatic auctions work:
The most popular protocol used in ad-auctions is the Real-Time Bidding. In which, whenever the user visits a website that includes an available ad slot, it triggers an impression request to an ADX.
The ADX is a real-time marketplace platform that hosts ad-auctions where the higher bidder wins and pays the second best bid.
The ADX will then send Bid Requests to its affiliated DSPs along with some user info in order for them to learn who is the user that they are bidding for.The DSPs, are agencies aiming to help advertisers find the proper audience for their impressions and bid accordingly. As a consequence, each DSP will process the user info and will decide if and how much will it bid for the specific ad slot. Then, DSPs will respond back with their bids which are in CPM (or in other words Cost per Thousand of impressions)...
...and the ad-exchange will inform the higher bidder about its win. In this study we leverage this particular step of RTB. This is where the winning DSP gets informed about its win along with the price it got charged which in this example is 0.95 euro for a 1000 of impressions. This step happens through the user in order to ensure the Bidder that the impression was indeed rendered on the user side. So by monitoring this part on the user’s browser we can retrieve the charge price of each auctioned slot.
So obviously to calculate the total cost of a user, one might just sum all the received charge prices.
However, the challenge here is that more and more charge prices in nURLs tend to be encrypted by ADXs and DSPs for integrity and confidentiality purposes. In particular, encryption is a regular practice in desktop RTB auctions (around 70%) when although lower in mobile RTB auctions, it’s steadily increasing.
A previous work assumes that encrypted prices follow the same distribution as cleartext. In our approach we consider this assumption unverified.
Therefore in this work we leverage the popular RTB protocol to propose a holistic methodology to calculate the overall cost the advertisers pay for an individual user. We implemented our approach in a Chrome browser plugin, which is able to calculate this cost for each individual user at real time.
To asses the effectiveness of our approach, we use a year long dataset which includes weblogs of 1600 real users and we performed 2 real ad-campaigns to retrieve the needed ground truth
This is a high-level overview of our method.
as you can see there are 2 main components the remote Price Modeling Engine and the browser plugin namely YourAdValue.
The browser extension is responsible for monitoring the user’s RTB traffic and extracting the charge prices of the delivered advertisements at real time.
For the cleartext prices the aggregation of the total is straightforward.
For the encrypted charge prices, it has to follow a more complex process.
It extracts features from the browsing activity which include user’s leaked information and auction’s metadata. Based on those, it applies a decision tree to estimate the value of these encrypted prices.
This decision tree describes the encrypted prices based on specific features and is derived asynchronously from our remote Price Modeling Engine.
To create this decision tree, PME requires two types of input:
1) a sample of cleartext prices with their associated features which is acquired by anonymous contributions of users.
and
2) ground truth data to assess the difference between cleartext and encrypted prices and this data is acquired through probing ad-campaigns.
After presenting the design of our approach let me present its evaluation
First we bootstrap PME with real data from a year long dataset containing weblogs from around 1600 real mobile users. To analyse this large dataset we built a tool to extract RTB prices and features, which include user location, user interests, time of visit, ad slot size, user mobility and many more.
Let me remind you that the extracted features are a required input for PME to model the encrypted values
One of the most interesting features we used was the type of mobile device the user has. On the left figure you can see the popularity of the different device types in our dataset. And on the right the distribution of the charge prices for the 2 most popular ones. As we see although Android-based devices are more popular, advertisements in Apple devices were more expensive.
Another important feature is the ad slot size, and here we see the charge prices the most popular of them had. Surprisingly we see that the size of the ad slot is not linear with the price. So it doesn’t mean per se that the bigger the ad-slot the more expensive it is.
Other interesting findings that you can see in the paper include
that the user’s location (at city level) affects the median charge price
(2) In addition, during the day, median charge prices are of similar range, however in early morning hours till noon we see more increased charge prices.
(3) Finally as expected, advertisers pay more for particular categories of user interests.
All these extracted features are used as input in our probing ad campaigns
In the table, you can see the basic filters we used. Specifically, we ran 2 controlled ad campaigns in Spain testing 144 experimental setups. In the first campaign we collaborate specifically with ADXs that use encrypted prices and in the second, with one that uses only cleartext prices.
in this figure, we see a comparison of the IAB categories of the RTB impressions we took from
(i) the set of encrypted prices from the 1st ad-campaign,
(ii) the set of cleartext prices from the 2nd ad-campaign,
and (iii) a 2 months subset of our dataset.
As we see:
the median prices are always higher in case of encrypted prices, compared to the cleartext.
there is a timeshift where we see that although the median cleartext prices are usually in the same order of magnitude, they are higher in the case of the more recent ad-campaign contrary to 2 month dataset of last year
So after fine-tuning our prediction model its time to respond to our motivating question
As we said previous related work assumed that encrypted prices follow the same distribution with cleartext. To verify this assumption, we plot the distributions for both of them and as we see this assumption cannot be confirmed! As you can see in red and orange lines, the price distribution of encrypted prices from 1st ad-campaign is of higher median value (around 1.7x higher) than cleartext prices of the 2nd ad-campaign.
However although the values of encrypted prices are higher than the ones of the cleartext prices, we see here that the cumulative cost from the encrypted prices is not surpassing the one of cleartext prices, since the latter is still the dominant price delivery mechanism in mobile RTB.
We also see that some users are more costly than others. Specifically, the median user costs 25 CPM across the year, when on the other hand, there is a small 2% of users, for whom the advertising ecosystem spent 10-100× more
In summary, we propose a methodology to measure at real time the cost advertisers pay to reach a user even when the prices are encrypted.
We leverage programmatic instantaneous auctions and specifically the RTB’s price notification channel
We built a model to estimate encrypted prices based on features extracted by the the user’s leaked info.
We test our methodology using a year-long dataset of 1600 mobile users
Before I conclude let me give you some interesting Takeaways.
The results of this study show that encrypted prices are in general higher than cleartext.
And that a median user cost around 25 CPM per year.
So considering the portion of the total user traffic we have in our dataset and we estimated that the overall cost of the average user is in the range of 0.5 to 7 euros, quite lower than what most users think according to a previous user survey.
In first-price auctions participants are trying to first guess what everyone else is going to bid and then put down a bid that's slightly higher than the next person's so they don’t bid their true value.
The type of auctions performed in programmatic ad auctions is a generalized type of vickrey auctions where all bids are sealed and no bidder can know the bids of others. So by having winners pay the second best bid it gives bidders an incentive to bid their true value.
So based on the most important features we analyzed, we train a Random Forests to model encrypted charge prices and finally estimate the total cost advertisers paid for each individual user in the our dataset.