Click fraud detection

US 7,657,626 B1
Filed: 09/14/2007
Issued: 02/02/2010
Est. Priority Date: 09/19/2006
Status: Active Grant

First Claim

Patent Images

1. A computer-implemented method for detecting click fraud, the method comprising:

accessing a database of collected activity data, wherein the activity data includes records associating at least identifiers for destination electronic documents served from a referred-to website, events of access to the electronic documents, identifiers of referring electronic documents having embedded therein referring resources linking to the destination electronic documents, and identifiers of user computers to which the destination electronic documents were served by the referred-to website;

selecting a first portion of activity data for analysis of click fraud, wherein the selected first portion is associated with at least one selected referred-to website, at least one referring electronic document of a referring website, and at least one IP address of a user computer, the selected first portion of activity data comprising at least one parameter relating to information of the access event;

extracting first statistical information related to the at least one parameter for observations in the first portion of activity data;

selecting a second portion of activity data for use as a comparative reference, the second portion comprising at least some additional activity data that is not present in the first portion;

extracting second statistical information corresponding to the first statistical information, wherein the second statistical information is related to the at least one parameter for observations in the second portion of activity data;

comparing the first statistical information and the second statistical information; and

assessing whether or not click fraud is present for the at least one IP address based at least partly on the comparison.

View all claims

7 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Systems and methods for detecting instances of click fraud are disclosed. Click fraud occurs when, for example, a user, malware, bot, or the like, clicks on a pay per click advertisement (e.g., hyperlink), a paid search listing, or the like without a good faith interest in the underlying subject of the hyperlink. Such fraudulent clicks can be expensive for an advertising sponsor. Statistical information, such as ratios of unpaid clicks to pay per clicks, are extracted from an event database. The statistical information of global data is used as a reference data set to compare to similar statistical information for a local data set under analysis. In one embodiment, when the statistical data sets match relatively well, no click fraud is determined to have occurred, and when the statistical data sets do not match relatively well, click fraud is determined to have occurred.

237 Citations

22 Claims

1. A computer-implemented method for detecting click fraud, the method comprising:
- accessing a database of collected activity data, wherein the activity data includes records associating at least identifiers for destination electronic documents served from a referred-to website, events of access to the electronic documents, identifiers of referring electronic documents having embedded therein referring resources linking to the destination electronic documents, and identifiers of user computers to which the destination electronic documents were served by the referred-to website;
  
  selecting a first portion of activity data for analysis of click fraud, wherein the selected first portion is associated with at least one selected referred-to website, at least one referring electronic document of a referring website, and at least one IP address of a user computer, the selected first portion of activity data comprising at least one parameter relating to information of the access event;
  
  extracting first statistical information related to the at least one parameter for observations in the first portion of activity data;
  
  selecting a second portion of activity data for use as a comparative reference, the second portion comprising at least some additional activity data that is not present in the first portion;
  
  extracting second statistical information corresponding to the first statistical information, wherein the second statistical information is related to the at least one parameter for observations in the second portion of activity data;
  
  comparing the first statistical information and the second statistical information; and
  
  assessing whether or not click fraud is present for the at least one IP address based at least partly on the comparison.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20)
- - 2. The method of claim 1, wherein the destination electronic documents comprise web pages, wherein the referring resources comprise hyperlinks, and wherein the identifiers of user computers comprise IP addresses.
  - 3. The method of claim 1, wherein the at least one parameter comprises a count of pay per click or pay per impression, referrals and a count of unpaid referrals, and wherein generating the first statistical information comprises determining a ratio of pay per click referrals or pay per impression referrals to unpaid referrals for the first portion, and wherein generating the second statistical information comprises determining a ratio of pay per click referrals or pay per impression referrals to unpaid referrals for the second portion.
  - 4. The method of claim 1, wherein generating the first statistical information comprises at least one of standard deviation, skewness, or kurtosis.
  - 5. The method of claim 1, wherein generating the first statistical information comprises at least one of an average or a deviation.
  - 6. The method of claim 1, wherein comparing further comprises at least one of an analysis of variance or a Kolmogorov-Smirnov test.
  - 7. The method of claim 1, wherein the referring web site comprises a search engine.
  - 8. The method of claim 1, wherein the referring web site comprises a search engine, further comprising:
    - using automated pattern recognition to select a plurality of search queries; and
      
      generating probability distributions of search queries for both the first portion and the second portion for the first statistical information and the second statistical information, respectively.
  - 9. The method of claim 1, wherein the first portion of activity data and the second portion of activity data comprise data of the same referred-to website from different times.
  - 10. The method of claim 1, wherein the first portion of activity data comprises data corresponding to a first group of IP addresses and the second portion of activity data comprises data corresponding to a second group of IP addresses, the second group comprising at least some IP addresses that are different from the first group.
  - 11. The method of claim 10, further comprising selecting the first group of IP address and the second group of IP addresses at least partially based on a geographical or national association with the IP addresses.
  - 12. The method of claim 1, wherein the first portion of activity data comprises data corresponding to a referring website under analysis and the second portion of activity data comprises data corresponding to at least additional referring websites.
  - 13. The method of claim 1, wherein the first portion of activity data comprises data corresponding to a first referring website of a particular publishing type, and wherein the second portion of activity data comprises at least a different referring website of the same publishing type as the first referring website.
  - 14. The method of claim 1, further comprising collecting activity data using a browser-executable tool.
  - 15. The method of claim 1, further comprising:
    - repeatedly reselecting the first portion of activity data and repeating at least said generation of the first statistical information and said comparison of the first statistical information and the second statistical information;
      
      ranking said comparisons by comparison scores; and
      
      identifying click fraud candidates via said ranking.
  - 16. The method of claim 1, further comprising automatically generating a report based at least in part on comparisons of the first statistical information and the second statistical information and on the assessment of click fraud.
  - 17. The method of claim 1, further comprising if assessing determines that click fraud is present for the at least one IP address, then removing one or more referring resources embedded in the referring electronic documents for referring electronic documents to be delivered to the at least one IP address.
  - 18. The method of claim 1, further comprising if assessing determines that click fraud is present for the at least one IP address, then blocking the at least one IP address from access to the referring electronic documents.
  - 19. The method of claim 1, wherein the referring resources comprise advertisements.
  - 20. The method of claim 1, wherein the method is performed in its entirety by a computer system that comprises one or more computers.

21. An apparatus for detecting click fraud, the apparatus comprising:
- a descriptive statistics system configured to;
  
  access a database of collected activity data, wherein the activity data includes records associating at least identifiers for destination electronic documents served from a referred-to website, events of access to the electronic documents, identifiers of referring electronic documents having embedded therein referring resources linking to the destination electronic documents, and identifiers of user computers to which the destination electronic documents were served by the referred-to website;
  
  select a first portion of activity data for analysis of click fraud, wherein the selected first portion is associated with at least one selected referred-to website, at least one referring electronic document of a referring website, and at least one IP address of a user computer, the selected first portion of activity data comprising at least one parameter relating to information of the access event;
  
  generate first statistical information related to the at least one parameter for observations in the first portion of activity data;
  
  select a second portion of activity data for use as a comparative reference, the second portion comprising at least some additional activity data that is not present in the first portion; and
  
  generate second statistical information corresponding to the first statistical information, wherein the second statistical information is related to the at least one parameter for observations in the second portion of activity data; and
  
  an inferential statistics system configured to compare the first statistical information and the second statistical information and to assess whether or not click fraud is present for the at least one IP address at least partly in response to the comparison.
- View Dependent Claims (22)
- - 22. The apparatus of claim 21, wherein said inferential statistics system comprises a computer system comprising one or more computers that is programmed, via executable instructions, to perform said comparison of the first statistical information and the second statistical information.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Gula Consulting Limited Liability Company (Intellectual Ventures LLC)
Original Assignee
Enquisite, Inc.
Inventors
Zwicky, Richard Kazimierz
Primary Examiner(s)
ROBINSON, GRETA LEE

Application Number

US11/855,907
Time in Patent Office

872 Days
Field of Search

707/3, 707/5, 707/6, 707/9, 707/10, 707/102, 707/104.1, 707/E17.108, 709/224, 705/1, 705/7, 705/10, 705/14.41, 705/14.52, 705/14.69, 705/14.73, 705/26, 705/37, 705/51, 705/52, 705/57, 705/64, 705/72
US Class Current

709/224
CPC Class Codes

G06Q 30/02   Marketing; Price estimation...

G06Q 30/0225   Avoiding frauds

G06Q 30/0246   Traffic

G06Q 30/0248   Avoiding fraud

Click fraud detection

First Claim

7 Assignments

0 Petitions

Accused Products

Abstract

237 Citations

22 Claims

Specification

Solutions

Use Cases

Quick Links

Click fraud detection

First Claim

7 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

237 Citations

22 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links