Web-based advertising systems have been exploited by cybercriminals to disseminate malware to an enormous number of end-users and their vulnerable machines. To protect their malicious ads and malware from detection by the ad network, malvertisers apply various redirection and evasion techniques. Meanwhile, the ad network can also apply inspection techniques to spoil the malvertiser's tricks and expose the malware. However, both the malvertiser and the ad network are under resource and time constraints. Moreover, the ad network is disadvantaged because it has incomplete information about whether it is facing a benign or malicious advertiser. In this paper, we aim to apply the Bayesian game model by designing two games to formulate the problem of inspecting the Web-based maladvertising. The first game has two types of Advertisers, namely Malicious and Benign, and one type of Defender; the second game has two types of Attackers, Advanced and Simple, in terms of their capability of redirection and evasion, and one type of Defender. We define their strategies and payoff functions, and compute their Bayesian Nash equilibria. We use numeric simulation to evaluate our game theoretic models, and we derive several insights from the results that can serve as guidelines for the ad network to decide its best inspection strategy.

中文翻译：

---

一种用于检查基于 Web 的恶意广告的贝叶斯博弈论方法

网络犯罪分子已经利用基于 Web 的广告系统向大量最终用户及其易受攻击的机器传播恶意软件。为了保护他们的恶意广告和恶意软件不被广告网络检测到，恶意广告商应用了各种重定向和规避技术。同时，广告网络还可以应用检查技术来破坏恶意广告商的伎俩并暴露恶意软件。然而，恶意广告商和广告网络都受到资源和时间的限制。此外，广告网络处于不利地位，因为它没有关于它是否面对良性或恶意广告商的不完整信息。在本文中，我们旨在通过设计两个游戏来应用贝叶斯游戏模型来制定检查基于网络的恶意广告的问题。第一个游戏有两种类型的广告商，即恶意和良性，以及一种类型的防御者；第二个游戏有两种类型的攻击者，高级和简单，根据他们的重定向和躲避能力，以及一种类型的防御者。我们定义了他们的策略和收益函数，并计算了他们的贝叶斯纳什均衡。我们使用数值模拟来评估我们的博弈论模型，并从结果中得出一些见解，这些见解可以作为广告网络决定其最佳检查策略的指南。