Google Publishes Papers On Clickbots

Last night the Google AdWords blog announced a paper they published named The Anatomy of Clickbot.A. The paper was rewritten by Neil Daswani, Michael Stoppelman, and the Google Click Quality and Security Teams. Here is the abstract:

This paper provides a detailed case study of the architecture of the Clickbot.A botnet that attempted a low-noise click fraud attack against syndicated search engines. The botnet of over 100,000 machines was controlled using a HTTP-based botmaster. Google identified all clicks on its ads exhibiting Clickbot.A-like patterns and marked them as invalid. We disclose the re- sults of our investigation of this botnet to educate the security research community and provide information regarding the novelties of the attack.

Related Topics: Channel: SEM | Legal: Clickfraud


About The Author: is Search Engine Land's News Editor and owns RustyBrick, a NY based web consulting firm. He also runs Search Engine Roundtable, a popular search blog on very advanced SEM topics. Barry's personal blog is named Cartoon Barry and he can be followed on Twitter here. For more background information on Barry, see his full bio over here.

Connect with the author via: Email | Twitter | Google+ | LinkedIn


Get all the top search stories emailed daily!  


Other ways to share:

Read before commenting! We welcome constructive comments and allow any that meet our common sense criteria. This means being respectful and polite to others. It means providing helpful information that contributes to a story or discussion. It means leaving links only that substantially add further to a discussion. Comments using foul language, being disrespectful to others or otherwise violating what we believe are common sense standards of discussion will be deleted. Comments may also be removed if they are posted from anonymous accounts. You can read more about our comments policy here.
  • savage

    “The Clickbot.A botnet was first publicly reported by Swa
    Frantzen, an incident handler at SANS [4], in mid-May 2006.
    At the time, based on a screenshot of the botmaster administration
    console obtained by Frantzen (similar to the one shown
    in Figure 2), the bot client was believed to have been running
    on just over 100 machines. Frantzen was able to obtain access
    to the botmaster administration console because it was not protected
    by a password, HTTP authentication, or IP whitelisting.”

    I was anticipating a far more exciting discovery.

  • Michael Martinez

    It’s a good start but there is a lot more out there and they really need to demonstrate that they have a handle on this.

Get Our News, Everywhere!

Daily Email:

Follow Search Engine Land on Twitter @sengineland Like Search Engine Land on Facebook Follow Search Engine Land on Google+ Get the Search Engine Land Feed Connect with Search Engine Land on LinkedIn Check out our Tumblr! See us on Pinterest


Click to watch SMX conference video

Join us at one of our SMX or MarTech events:

United States


Australia & China

Learn more about: SMX | MarTech

Free Daily Search News Recap!

SearchCap is a once-per-day newsletter update - sign up below and get the news delivered to you!



Search Engine Land Periodic Table of SEO Success Factors

Get Your Copy
Read The Full SEO Guide