GeoEdge on Twitter
GeoEdge on Linkedin

© Copyright 2016 GeoEdge Ltd.  |  All rights reserved  |  Privacy Policy  |  Terms of Service

GeoEdge on Twitter

Reflections on the State of Ad Security in an Interview with Admonsters

January 13, 2016

For all ad market players, the comprehensive malvertising attacks of today with selective rogue ad targeting and complicated ad delivery chains, it becomes nearly impossible to identify and locate unwanted behavior.  There is an increased sophistication in malvertising attacks that have lead to higher distribution of exploit kits and drive-by-downloads. Video and HTML5 ads are subject to malware injections as they gain more prominence in the advertising industry. 


Our GeoEdge CEO sits down with Admonsters Gavin Dunaway to give his thoughts about the state of ad security in the industry. Excerpted from the article, To Protect and Serve: A Conversation on Malware, Video, & HTML5 with GeoEdge’s Amnon Siev: 


GAVIN DUNAWAY: Are there some topics that you think have not gotten the attention they deserve?

AMNON SIEV: From our perspective, there is more and more of a need for automation. When you look at the day-to-day challenges, that’s a big problem publishers are facing. Back in the day, Flash had many challenges around security, and Flash also introduced CPU issues. People were hoping the introduction of HTML5 would solve that.

Flash was very easy for agencies to produce. But there was demand from publishers to move into HTML5, because of its superior level of performance and security. Having said that, HTML5 is a much more complicated creative. Who is responsible for putting it into one coherent entity, rendered correctly? Who is going to make sure that when the user interacts with that entity, everything is working properly?

We are also seeing the boom of content recommendation engines in companies like Taboola, Nativo and Outbrain, with many top publishers putting the pixel code of these native advertising platforms on their sites. Of course, this brings with it a security vulnerability -- malicious activity is occurring through these channels.

Native is a broad term, but again, it’s another piece of technology the publisher needs to check.


GD: Is HTML5 in general a more secure format than Flash?

AS: Yes. This is going back to good old Javascript. You are not relying on a Flash plug-in that has tons of end-user vulnerabilities.


GD: Are there specific challenges in HTML5 for publishers beyond the complexity of the files?

AS: There are issues of latency. For example, the user starts to interact with the banner, and then another image needs to load. This may lead to latency because of the size of the HTML5 file. In HTML5, the publisher allows another piece of code to change the layout of the page dynamically, according to the user’s interaction. And the publisher needs to make sure that this is done in a way that maintains a good user experience.

In fact, some publishers are so concerned with this issue, they ask the agency to provide them the separate HTML5 components, planning to integrate them into one coherent piece of code themselves


GD: What are the biggest challenges you’re facing on mobile? And are you doing mobile web as well as mobile apps?

AS: We are. From a security perspective, I would say the biggest problem would be phishing scams and auto-redirect. If you asked the biggest mobile exchange or SSP, they would say that the biggest issue is auto-redirect. And this is not a security issue per se, but it actually creates a very bad user experience.

Another challenge is, some of these attacks target only mobile carriers. Today, part of our solution is to check content that is being targeted to mobile carriers versus regular IPs.


GD: What difference does that make, whether it’s carrier- or IP-based?

AS: It’s a matter of sophistication of the bad guys. Traditionally, companies doing the scanning would look for attacks to a regular proxy or regular IP. So the bad guys took it a notch up, and they’re carrying out attacks that only target mobile carriers. For example, you can use your iPhone via wifi and everything will be okay, but the moment you’re connected to your 4G network, you will start to see malicious activity.


GD: You guys recently introduced your video verification product. What were the biggest challenges in bringing that to reality? What is so different with video compared to display?

AS: From a technical perspective, when you analyze a typical video impression, it’s divided into two areas. One is a traditional Javascript domain, which is quite similar to what we used to see in display, when we had nested iframes. One demand partner may call another using Javascript rendered on the client side. At some point the player is loaded, and then basically the player becomes the king. This introduces extra challenges, to capture activities on VAST and on the VPAID domain.

People keep talking about the shift over to HTML5, but when you analyze the video, specifically the VPAID element, many still are using Flash. The typical video exchange serve both Flash and HTML5 objects that need to be analyzed separately. We have been able to surmount all of these challenges and provide video scanning capabilities that capture and detect the VAST and VPAID specs for our customers’ needs.


GD: I still feel like we hear a lot of publisher reluctance to use third-party security services. What is typical pushback you hear?

AS: I wouldn’t say that we hear pushback. It’s kind of a joke here internally: Usually we get the call after the client has their first malware incident.

ROI is a factor. It’s very hard to quantify the cost of a malvertising attack. It’s hard to get a publisher that never had a security incident to spend a dollar to get protection. But the moment they actually face the problem head-on, they say it’s a no-brainer.


To read the full article, click here. 

Please reload

Please reload

Browse Posts By Tags
Popular Posts
Please reload