Skip to main content

Research Repository

Advanced Search

Analysis of malicious affiliate network activity as a test case for an investigatory framework.

Miehling, Mathew J; Buchanan, William J; Old, L John; Batey, Alan; Rahman, Arshad


Mathew J Miehling

L John Old

Alan Batey

Arshad Rahman


Currently there is a great deal of literature surrounding methods that can be used to de-tect click-fraud, but there is very little published work on actual cases of click-through fraud. The aim of this paper is to present the details of a real-life fraud, in order that lessons may be learnt to over-come this type of fraud in the future. The paper outlines a fraud that is suspected to have included both PPC and PPS from fraudulent affiliates.
This paper describes a methodology for the investigation process of affiliate network scams, includ-ing the anonymisation of personal and location details, while providing an analysis of an actual crime. In total, the case examined resulted in an estimated loss of around £200,000 with a further estimated loss of over £200,000 if further transactions had not been cancelled.
The methods used within the scam are outlined using anonymised data, and presented to highlight the malicious activity. This included both pay-per-click and pay-per-sale scams most likely using sto-len identity information. It concludes with the methods that may be helpful in possibly identifying malicious activity with affiliate networks and how a framework can be setup to investigate these crimes.
The current work involves developing an investigatory framework focused on the early detection of electronic fraud, and the work done for this paper will be used as a test case on affiliate fraud data. The future aim of the research is to completely automate the investigatory framework that will allow incident data to be processed so that the context of a crime is not lost, but that it anonymises and protects the identity of those involved.


Miehling, M. J., Buchanan, W. J., Old, L. J., Batey, A., & Rahman, A. (2010, July). Analysis of malicious affiliate network activity as a test case for an investigatory framework

Start Date Jul 1, 2010
End Date Jul 2, 2010
Publication Date 2010
Deposit Date Aug 31, 2010
Publicly Available Date Dec 31, 2010
Peer Reviewed Peer Reviewed
Pages 209
Book Title Proceedings of 9th European Conference on Information Warfare and Security
Keywords malicious network activity; investigatory framework; affiliate advertising; click through; fraud; financial services; e-crime;
Public URL
Contract Date Aug 31, 2010


You might also like

Downloadable Citations