CN113538042A - Block chain-based online advertisement click fraud monitoring and preventing method - Google Patents

Abstract

The invention discloses an online advertisement click fraud monitoring and preventing method based on a block chain. The entity involved in the invention comprises an identity management authority, a user, an advertisement network, an advertisement publisher, an advertiser, an entity identity block chain and an access behavior block chain. Firstly, an identity management authority, an entity identity block chain, a user, an advertisement publisher and an advertiser initialize to generate parameters required by a system and public and private key information required by the system; then, the user U_iThe advertisement publisher PUB and the advertiser ADE register with an identity management organization IMA; then, the advertisement publisher and the site publish relevant advertisements to the target users to attract the users to click; finally, the advertisement publisher PUB, the advertiser ADE, and the site MS are all able to monitor and prevent click fraud. The invention ensures the authenticity of the click rate in the settlement process of the online advertising system by utilizing the characteristic that the block chain can not be tampered.

Description

Block chain-based online advertisement click fraud monitoring and preventing method

Technical Field

The invention relates to the technical field of fraud monitoring and prevention, in particular to an online advertisement click fraud monitoring and prevention method based on a block chain.

Background

Consumers generate revenue for advertising providers by clicking on online advertisements, but subsequent click fraud by criminals poses a threat to this advertising system.

In this scenario, although some online advertisement click fraud monitoring and prevention techniques have been proposed; however, the proposed method is either vulnerable to adversarial attacks or difficult to cope with potential click fraud. Therefore, this section proposes a block-chain-based online advertisement click fraud detection and prevention method BCFDPS (a block-based click front detection and prediction scheme for online advertisement adaptation).

Disclosure of Invention

The invention mainly aims at the defects of the existing click fraud monitoring and preventing technology and provides an online advertisement click fraud monitoring and preventing method based on a block chain.

The technical scheme adopted by the invention for solving the technical problems is as follows:

the invention comprises seven components of an identity management organization, a user, an advertisement network, an advertisement publisher, an advertiser, an entity identity block chain and an access behavior block chain, and the interaction steps of the components are as follows:

step 1, initializing a system; respectively initializing an identity management authority, an entity identity block chain, a user, an advertisement publisher and an advertisement main to generate parameters required by the system;

step 2, the user, the advertisement publisher and the advertiser register with an identity management organization respectively; acquiring respective identity marks and identity licenses to prove authenticity and legality of the user; the user also obtains the signature of the identity related information after the process, and the advertisement publisher also obtains the identity related attribute information; after a certain period, the identity management organization writes an entity registration result into the entity identity block chain, and stores the identity identification information of the user, the advertisement publisher and the advertiser into the entity identity block chain in a transaction form;

step 3, advertisement publishing;

3-1, an advertisement publisher publishes online advertisements: when a user accesses an advertisement network, encrypted user identity information needs to be sent to a website in the advertisement network, and then the website forwards the information to each advertisement publisher; according to the information, advertisement publishers participate in the advertisement bidding process of the website, and then the website publishes online advertisements which bid successfully in the advertisement network managed by the website; after a certain period, the website in the advertisement network writes the advertisement publishing result into the access behavior block chain: storing the advertisement identification, the encrypted bidding cost, the site identification and the advertisement publisher identification information into an access behavior block chain in a transaction form;

3-2, clicking the online advertisement by the user: the user clicks the interested advertisement in the advertisement network, the user embeds the identity permission to generate advertisement click information, the advertisement click information is sent to the site, and the site forwards the information to the advertisement publisher of the advertisement; after a certain period, the site in the advertisement network writes the advertisement forwarding result into the access behavior block chain: performing hash processing on the advertisement, the advertisement click information of the user, the site identification and the advertisement publisher identification information, and then storing a hash result into an access behavior block chain in a transaction form;

step 4, click fraud monitoring and prevention;

4-1, advertisement publisher monitoring and click fraud prevention: the advertisement publisher decrypts the advertisement click information by using the private key of the advertisement publisher, and then verifies the advertisement click information by combining the identity permission of the advertisement publisher and the identity permission in the click information so as to complete monitoring and prevention of malicious click fraud;

4-2, advertiser monitoring and click fraud prevention: the advertisement master-slave advertisement publisher obtains part of the invariable parameters in the advertisement click information, decrypts the part of the parameters by using a private key of the advertisement master-slave advertisement publisher, and then verifies the parameters by combining the identity permission of the advertisement master-slave advertisement publisher and the identity permission in the decryption result so as to complete monitoring and prevention of malicious click fraud;

4-3, site monitoring and click fraud prevention: site monitoring and click fraud prevention in advertising networks; the website obtains the private key decryption result of the advertisement publisher of the click information from the advertisement publisher, encrypts the decryption result by using the public key of the advertisement publisher, and then compares the decryption result with the advertisement forwarding result in the access behavior block chain to complete monitoring and prevention of malicious click fraud.

Further, the system initialization in step 1 is the initialization of an identity management authority and an entity identity block chain EIB, and provides parameters for system entity registration; the user, the advertisement publisher and the advertiser are initialized to provide a public and private key pair for registration, and the method is specifically realized as follows:

1-1, initializing an identity management authority: the identity management organization IMA firstly generates a public and private key PK of the identity management organization IMA_IMA/SK_IMAThe public key PK is published in the system_IMA(ii) a IMA defines an attribute set S { { PUB }, { Hat { [ Clouuthes { [ Tunts { [ Tu ] Shoes [ Tu ] Food } … } according to an advertisement type of an advertisement publisher PUB agent; wherein Hat, Clouthes, Pants, Shoes and Food are attribute labels;

1-2. entity identity Block chains EIB for all users U_iThe public parameter PP of the system is initialized by the advertisement publisher PUB and the advertiser ADE, and the method is specifically realized as follows:

EIB selects a large prime number p and an elliptic curve E_p(a, b) and an n-th order finite field E_pA lower base point P; then IMA selects a bilinear group G with a generator G and two random numbers

The following parameters were calculated: h is g^β,f＝g^{1 /β},l＝e(g,g)^α,MK＝(β,g^α) And forming a common parameter PP:

PP＝<E_p(a,b),P,G,g,h,e,f,l,MK>

wherein e is bilinear mapping function-Weil pairing algorithm; when the IMA joins the EIB network, the EIB sends the public parameter PP to the IMA; finally, the EIB generates a shared secret key X and distributes the X to each IMA by dividing the X into a plurality of sub-secrets by using a Shamir (t, n) threshold secret sharing algorithm;

1-3. user U_iThe advertisement publisher PUB and the advertiser ADE respectively generate their public and private keys, which are respectively recorded as PK_U/SK_U，PK_PUB/SK_PUBAnd PK_ADE/SK_ADE。

Further, user U_iThe advertisement publisher PUB and the advertiser ADE can all register with the identity management organization IMA in advance and can carry out the next step after obtaining the identity identification and the identity permission, wherein U_iAnd further obtaining a signature of the identity related information, and obtaining attribute information related to the identity by the advertisement publisher PUB, wherein the specific implementation is as follows:

2-1. user U_iRegistering with IMA;

the first step is as follows: IMA Collection to user U_iThe fingerprint is digitized to obtain corresponding digitized information, a group of unique code segments are selected and recombined from a local code library according to the digitized information of the fingerprint, then the code segments are subjected to hash processing to obtain corresponding hash values, and the hash values are used as user U_iThe real identity UID of; after that, IMAs recover the shared secret X using Shamir (t, n) threshold secret sharing algorithm, and then calculate the user U_iIdentity permission IL of_UUID · h (x) ·p, mask identity MUID ═ UID · P, and signature

Then IMA will information

Is sent to user U_iIn the browser plug-in of (1), where PP is a common parameter generated by EIB initialization, h (IL)_U) Representation pair IL_UThe hash process is carried out to carry out the hash process,

representing IMA versus content h (IL)_U) I MUID use privacyKey SK_IMAThe signature is carried out and the signature is carried out,

representing U versus UID IL_U||U_SigThe | PP uses the public key PK_UEncrypting;

the second step is that: IMA hashes the information UID and then records the hash result h (UID) in the EIB blockchain, and is used for accountability of the user U when click fraud occurs_i；

2-2, registering the advertisement publisher PUB with the IMA;

the first step is as follows: IMA generates an identity PUBID and an attribute set S { { PUB }, { Bat { [ U ] FOod [ U ] … } } for the PUB according to the advertisement types proxied by the PUB, then IMAs recover a shared key X by using a Shamir (t, n) threshold secret sharing algorithm, and then the identity permission IL of the advertisement publisher PUB is calculated_PUBPUBID h (x) P, then IMA will information

Sending the advertisement to the advertisement publisher PUB;

the second step is that: IMA hashes the information PUBID, records the result h (PUBID) in the EIB block chain, and monitors the PUB of the advertisement publisher when click fraud occurs;

2-3, registering an ADE to the IMA;

the first step is as follows: IMA generates identity ADEID for ADE according to advertisement type required to be released by ADE, then IMA recovers shared key X by using Shamir (t, n) threshold secret sharing algorithm, and then calculates identity permission IL of advertiser ADE_ADEADEID.h (X) P, and then IMA will transmit the information

Sending to the advertiser ADE; the second step is that: IMA records information h (adeid) in the EIB blockchain for auditing the advertiser ADE when click fraud occurs.

Further, in step 3-1, the advertisement publisher publishes the online advertisement, which is specifically realized as follows:

the first step is as follows: advertisement publisher PUB and advertiser just wideAdvertising matters to reach consensus and agree on the ID of the advertisement_ad；

The second step is that: user U_iAccess web pages of site MS while U_iThe browser plug-in uses an encryption CP-ABE scheme based on the attribute of the ciphertext policy to sign U_SigAfter being encrypted, the encrypted data is sent to the MS, and then the MS forwards the encrypted data to the PUB; specifically, the method comprises the following steps: user U_iAfter visiting the MS's web site, an access tree T is defined according to the type of advertisement in which it is interested, and the signature U is encrypted using the common parameters PP and CP-ABE encryption scheme_SigObtaining a ciphertext

l^s,C＝h^s,

Wherein, ts₁Is a user U_iEncrypted signature U_SigA time stamp of the time,

is a random number, h ═ g^β，

p_yIs a polynomial, p, represented by each node y in the access tree T_y(0) Is the value represented by the node y, att (y) is the attribute owned by a leaf node y in the access tree T;

c is secret information needing to be transmitted in the ciphertext CT; c_y、C'_yIs the auxiliary information when decrypting the CT; after obtaining the ciphertext CT, the user U_iThe browser plug-in sends the CT to the MS, and then the MS forwards the CT to different PUBs;

the third step: PUB generates decryption key according to attribute set S obtained in registration process by PUB and using MK in common parameter PP

Wherein,

is a random number; next, since the attribute set S { { PUB }, { Hat { [ coo { [ U ] } of the PUB satisfies the user U … } }_iAn access tree T is defined so that the PUB can decrypt the secret value represented by each leaf node x in the access tree using SK

After the PUB decrypts the secret values of all the leaf nodes, the PUB obtains the secret values represented by the parent nodes corresponding to the leaf nodes by using a Lagrangian difference formula; PUB recurses the process until a secret value represented by the root node R in the access tree T is obtained, which can be expressed as

Then PUB gets the plaintext

Finally, the PUB uses the public key PK of IMA_IMADecryption U_SigObtaining user U_iThe mask identity MUID is searched for a local database according to the MUID to obtain a digital portrait corresponding to the MUID, so that whether to participate in the advertisement bidding process of the MS is determined; d'_jIs a parameter in the decryption key SK, C_x' is a parameter in the ciphertext CT;

the fourth step: MS shows advertisement in its advertisement network and simultaneously puts PUBID, ADEID, PK_PUBAnd PK_ADEEmbedded in a display frame of the advertisement;

the fifth step: after a certain period, the MS sends the advertisement bidding information according to the periodAnd advertisement identification ID_adClassifying and sequencing to obtain the advertisement publishing result of

Where fe indicates that the PUB needs to be the user U_iThe cost paid to the MS by a single click of the advertisement; finally, the MS records the advertisement publishing result into the access behavior block chain ABB in a transaction form.

Further, step 3-2 user U_iClicking the online advertisement specifically realizes the following steps:

the first step is as follows: user U_iThe browser obtains PUBID, ADEID and PK from the advertisement display frame_PUBAnd PK_ADEInformation, then calculates the PUB authenticator

And ADE authenticator

Then, user U_iTime stamp ts embedded at this time₂Computing a PUB Security credential

And ADE Security Authenticator

The plug-in then connects user U_iClick information for advertisement

Sending to the MS;

the second step is that: MS Forwarding { ID_adM MS to the advertisement publisher PUB and store the ID locally_ad||M||MS||PUBID}；

The third step: after a certain period, MS follows the period and ID_adCategorizing local data ID_adM MS PUBID, and hash the classification result, and then the hash result { h (ID)_adAnd | M | MS | PUBID) } is recorded as an advertisement forwarding result and is recorded in an access behavior block chain ABB in a transaction form.

Further, step 4 includes PUB monitoring and fraud prevention, ADE monitoring and fraud prevention and MS monitoring and fraud prevention.

Further, the PUB monitors and prevents click fraud, and is specifically implemented as follows:

the first step is as follows: PUB uses its private key SK_PUBDecrypting the advertisement information M forwarded by the MS to obtain { U }_Sig||AuS_PUB||ts₂}, validate the timestamp ts₂To avoid replay attacks;

the second step is that: PUB uses IMA public key PK_IMASlave signature U_SigRecovery of h (IL)_U) And MUID, then calculates the PUB authenticator

The third step: PUB verification equation AuS'_PUB＝AuS_PUBIf the equation is true, the PUB counts all signature U_SigThe number of different MUIDs in the period is marked as n, and the value represents the effective advertisement click quantity in a certain period, which means that the PUB only needs to pay for the n advertisement clicks in the period; thereafter, PUB records the ad access behavior { ID ] of the MUID in its local database_ad||M||MUID||U_Sig||SA_PUB||ts₂||SA_ADEMS, fe, behavour }, where fe is PUB and is needed by user U_iThe fee paid to the MS by a single click of the advertisement, behavour being user U_iFor advertisement ID_adAccess behavior of (2);

the fourth step: after a certain period, the PUB follows the period and ID_adSorting, user U_iAdvertisement access result of { n | | ID_ad||h(MUID)_n||h(SA_PUB)_n||h(SA_ADE)_nRecord in Access behavior Block chain ABB, where h (MUID)_n、h(SA_PUB)_nAnd h (SA)_ADE)_nRespectively represent n MUIDs and n SAs_PUBAnd n SA_ADEResults of the respective hash.

Further, the ADE monitoring and click fraud prevention are specifically realized as follows:

the first step is as follows: ADE communicates with PUB to obtain user U_iOriginal access information to advertisements ID_ad||U_Sig||SA_ADEMS fe, then ADE uses the PUB public key PK_PUBEncrypted fe get

It is compared with the result recorded by MS in the access behavior block chain ABB

Comparing to avoid cheating fe by PUB;

the second step is that: ADE uses its own private key SK_ADEDecrypting SA_ADEObtaining AuS_ADE||ts₂Then verifying ts₂Timeliness to avoid replay attacks;

the third step: similar to the PUB, the ADE also uses the IMA public key PK_IMASlave signature U_SigRecovery of h (IL)_U) And MUID, then calculates ADE authenticator

ADE verification equation AuS'_ADE＝AuS_ADEIf it is true, if the equation isImmediately, ADE counts all signatures U_SigThe number of different MUIDs in the set is marked as n';

the fourth step: the ADE reads the result n of the PUB record from the access behavior block chain ABB, compares if n is true, and if the equation is true, the ADE pays the PUB for the n clicks.

Further, the MS monitors and prevents click fraud, which is specifically implemented as follows:

MS communicates with PUB to obtain AuS in all click information M_PUB||ts₂Then MS uses the public key PK of PUB_PUBOne-by-one encryption { AuS_PUB||ts₂Get the PUB security authentication symbol

After that, the MS reads from the local database

And compare equation SA'_PUB＝SA_PUBAnd if so, the MS receives the counting result of the PUB on the click rate.

The invention has the following beneficial effects:

in the registration, advertisement release and click fraud detection and prevention processes, the entity registration results are all recorded in the entity identity block chain; the relevant results of advertisement release, forwarding and access are recorded in the access behavior block chain, and the authenticity of click rate in the settlement process of the online advertisement system is ensured by utilizing the characteristic that the block chain cannot be tampered.

Drawings

FIG. 1 is a block chain based on-line advertisement click fraud monitoring and prevention system model diagram;

FIG. 2 is a flow diagram of a protocol for publishing an advertisement to a target user and enticing the user to click on the advertisement;

FIG. 3 is a flow diagram of an advertisement publisher click fraud detection and prevention protocol;

FIG. 4 is a flow diagram of an advertiser click fraud prevention protocol.

Detailed Description

The invention is further illustrated by the following figures and examples.

As shown in fig. 1, an online advertisement click fraud monitoring and prevention method based on a block chain includes an identity management authority, a user, an advertisement network, an advertisement publisher, an advertiser, an entity identity block chain and an access behavior block chain component, and each component has the following interaction steps:

1, initializing an identity management authority and an entity identity block chain in the process, and providing parameters for system entity registration; secondly, the user, the advertisement publisher and the advertiser initialize to generate a public and private key pair for registration,

1-1 identity management organization initialization: the identity management organization IMA firstly generates a public and private key PK of the identity management organization IMA_IMA/SK_IMAThe public key PK is published in the system_IMA(ii) a IMA defines attribute sets S { { PUB }, { Hat { [ Clouuthes { [ U ] Pants { [ U ] Shoes { [ U ] Food } … } according to the advertisement types of the PUB agents.

1-2 entity identity block chains EIB are all users U_iAdvertisement publisher PUB and advertiser ADE initialise system public parameters PP. The concrete implementation is as follows:

EIB is a large prime number p selected as an elliptic curve E_p(a, b) and an n-th order finite field E_pA lower base point P; next, IMA selects a bilinear group G with generator G and two random numbers

The following parameters were calculated: h is g^β,f＝g^1/β,l＝e(g,g)^α,MK＝(β,g^α) And forming a common parameter PP:

PP＝<E_p(a,b),P,G,g,h,e,f,l,MK>

wherein e is bilinear mapping function-Weil pairing algorithm. When IMA joins the EIB network, EIB sends this common parameter PP to IMA. Finally, the EIB generates a shared key X and distributes X to each IMA in divided sub-secrets using the Shamir (t, n) threshold secret sharing algorithm.

1-3 user U_iThe advertisement publisher PUB and the advertiser ADE respectively generate the public and private keys thereofRecorded as PK_U/SK_U，PK_PUB/SK_PUBAnd PK_ADE/SK_ADE。

2 the user, the advertisement publisher and the advertiser register the user with the identity management authority in advance, the advertisement publisher and the advertiser register with the identity management authority in advance and obtain the identity and the identity licensor to carry out the next step, wherein the user also obtains the signature of the information related to the identity of the user, the advertisement publisher also obtains the attribute information related to the identity of the advertisement publisher,

2-1 user U_iAnd registering with IMA. First, IMA collects user U_iThe fingerprint is digitized to obtain corresponding digitized information, a group of unique code segments are selected and recombined from a local code base according to the digitized information, then the code segments are subjected to hash processing to obtain corresponding hash values, and the hash values are used as user U_iThe real identity of UID. After that, IMAs recover the shared secret X using Shamir (t, n) threshold secret sharing algorithm, and then calculate the user U_iIdentity permission IL of_UUID · h (x) ·p, mask identity MUID ═ UID · P, and signature

Then IMA will information

Is sent to user U_iThe browser plug-in of (1), wherein PP is a common parameter generated by EIB initialization.

Secondly, IMA records information h (UID) in EIB block chain for asking user U when click fraud occurs_i。

The 2-2 ad publisher PUB registers with IMA. Firstly, IMA generates an identity PUBID and an attribute set S { { PUB }, { Hat @ Food @ … } } for the PUB according to the advertisement type proxied by the PUB, and then uses Shamir (t, n) threshold secret sharing algorithm to recover a shared key X, and then counts upCalculating identity permissions IL for Ad publishers PUBs_PUBPUBID h (x) P, then IMA will information

And sending the parameters to the advertisement publisher PUB, wherein PP is a common parameter generated by EIB initialization.

In a second step, IMA records information h (PUBID) in the EIB blockchain, which is used to supervise the advertisement publisher PUB when click fraud occurs.

The 2-3 advertiser ADE registers with IMA. Firstly, IMA generates an identity ADEID for ADE according to the advertisement type required to be released by ADE, then IMA recovers a shared key X by using Shamir (t, n) threshold secret sharing algorithm, and then calculates an identity permission IL of an advertiser ADE_ADEADEID.h (X) P, and then IMA will transmit the information

Sent to the advertiser ADE, where PP is the common parameter generated by EIB initialization.

Second, IMA records information h (adeid) in the EIB blockchain to audit the advertiser ADE when click fraud occurs.

3 advertisement publisher and site publish advertisement to target user to attract user click on the advertisement: the advertisement publisher PUB publishes the advertisement to the target user U through the advertisement bidding process of the site MS_iTo obtain a higher reward; thereafter, the user U_iClick on an advertisement of interest to it; the protocol flow for publishing an advertisement to a target user and attracting the user to click on the advertisement is shown in fig. 2.

3-1 the advertisement publisher publishes the online advertisement. First, the advertisement publisher PUB and the advertiser agree on the advertisement placement matter, and the identity of the agreed advertisement is ID_ad。

Second, user U_iAccess to the web page of the station MS, while U_iThe browser plug-in uses ciphertext-policy attribute-based encryption (CP-AB)E) Scheme will sign U_SigEncrypted and sent to the MS, which then forwards it to the PUB. In particular, user U_iAfter visiting the MS's web site, an access tree T is defined according to the type of advertisement in which it is interested, and the signature U is encrypted using the common parameters PP and CP-ABE scheme_SigObtaining a ciphertext

C＝h^s,

Wherein, ts₁Is a user U_iEncrypted signature U_SigThe time stamp of the time of day,

is a random number, p_yIs a polynomial represented by each node y in the access tree T, and att (y) is an attribute owned by a leaf node y in the access tree T. After obtaining the ciphertext CT, the user U_iThe browser plug-in sends the CT to the MS, which then forwards it to a different PUB.

The third step: PUB generates decryption key according to attribute set S obtained in registration process by PUB and using MK in common parameter PP

Wherein,

is a random number; next, since the attribute set S { { PUB }, { Hat { [ coo { [ U ] } of the PUB satisfies the user U … } }_iAn access tree T is defined so that the PUB can decrypt the secret value represented by each leaf node x in the access tree using SK

After the PUB decrypts the secret values of all the leaf nodes, the PUB obtains the secret values represented by the parent nodes corresponding to the leaf nodes by using a Lagrangian difference formula; PUB recurses the process until a secret value represented by the root node R in the access tree T is obtained, which can be expressed as

Then PUB gets the plaintext

Finally, the PUB uses the public key PK of IMA_IMADecryption U_SigObtaining user U_iThe mask identity MUID is searched for a local database according to the MUID to obtain a digital portrait corresponding to the MUID, so that whether to participate in the advertisement bidding process of the MS is determined; d'_jIs a parameter in the decryption key SK, C_x' is a parameter in the ciphertext CT.

Fourthly, the MS displays the advertisement in the advertisement network and simultaneously displays PUBID, ADEID and PK_PUBAnd PK_ADEEmbedded in the display frame of the advertisement.

Fifthly, after a certain period, the MS enables the advertisement bidding information to be according to the period and the advertisement identification ID_adClassifying and sequencing to obtain the advertisement publishing result of

Wherein fe is PUB and needs to be user U_iThe MS pays the MS for a single advertisement click, and finally, the MS records the advertisement distribution result in the access behavior blockchain ABB in the form of a transaction.

3-2 user U_iClick on the online advertisement. First, user U_iThe browser obtains PUBID, ADEID and PK from the display frame_PUBAnd PK_ADEInformation, then calculates the PUB authenticator

And ADE authenticator

Then, U_iTime stamp ts embedded at this time₂Computing a PUB Security credential

And ADE Security Authenticator

The plug-in then connects user U_iClick information for advertisement

And sending to the MS.

Second, MS forwards { ID_adM MS to the advertisement publisher PUB and store the ID locally_ad||M||MS||PUBID}。

Step three, after a certain period, MS follows the period and ID_adCategorizing local data ID_adM MS PUBID, and hash the classification result, and then the hash result { h (ID)_adAnd | M | MS | PUBID) } is recorded as an advertisement forwarding result and recorded in the access behavior block chain ABB.

4-click fraud monitoring and prevention: after the advertisement is displayed, the PUB, ADE and MS need to monitor and prevent click fraud;

4-1PUB click fraud monitoring and prevention, a PUB click fraud monitoring and prevention protocol flow diagram is shown in FIG. 3. In a first step, the PUB uses its private key SK_PUBDecrypting the advertisement information M forwarded by the MS to obtain { U }_Sig||AuS_PUB||ts₂}, validate the timestamp ts₂To avoid replay attacks.

Second, the PUB uses the IMA public key PK_IMASlave signature U_SigRecovery of h (IL)_U) And MUID, then calculates the PUB authenticator

Third, PUB verifies equation AuS'_PUB＝AuS_PUBIf the equation is true, the PUB counts all signature U_sigThe number of different MUIDs is marked as n, the value represents the effective advertisement click quantity in a certain period, which means that in the period, the PUB only needs to pay for the n advertisement clicks, and then the PUB records the advertisement access behavior { ID of the MUID in a local database_ad||M||MUID||U_Sig||SA_PUB||ts₂||SA_ADEMS, fe, behavour }, where fe is PUB and is needed by user U_iThe fee paid to the MS by a single click of the advertisement, behavour being user U_iFor advertisement ID_adThe access behavior of.

Fourthly, after a certain period, the PUB follows the period and the ID_adSorting, user U_iAdvertisement access result of { n | | ID_da||h(MUID)_n||h(SA_PUB)_n||h(SA_ADE)_nRecord in Access behavior Block chain ABB, where h (MUID)_n、h(SA_PUB)_nAnd h (SA)_ADE)_nRespectively represent n MUIDs and n SAs_PUBAnd n SA_ADEResults of the respective hash.

4-2ADE monitoring and fraud prevention on click fraud, a flow chart for the ADE monitoring and fraud prevention on click fraud protocol is shown in fig. 4. First, ADE communicates with PUB to obtain user U_iOriginal access information to advertisements ID_ad||U_Sig||SA_ADEMS fe, then ADE uses the PUB public key PK_PUBEncrypted fe get

It is compared with the result recorded by MS in the access behavior block chain ABB

The comparison is used for avoiding the price cheating of the PUB.

Second, ADE uses its own private key SK_ADEDecrypting SA_ADEObtaining AuS_ADE||ts₂Then verifying ts₂To avoid replay attacks.

Third, similar to the PUB, the ADE also uses the IMA public key PK_IMASlave signature U_SigRecovery of h (IL)_U) And MUID, then calculates ADE authenticator

ADE verification equation AuS'_ADE＝AuS_ADEIf true, ADE counts all signatures U if the equation is true_SigThe number of MUIDs in (1) is denoted as n'.

And fourthly, the ADE reads the result n of the PUB record from the access behavior block chain ABB, compares whether n is equal to n' or not, and if the equation is satisfied, the ADE pays the PUB fee for the n clicks.

4-3MS monitors and prevents click fraud. MS communicates with PUB to acquire AuS in all M_PUB||ts₂Then MS uses the public key PK of PUB_PUBOne-by-one encryption { AuS_PUB||ts₂Get the PUB security authentication symbol

After that, the MS reads from the local database

And compareEquality SA'_PUB＝SA_PUBAnd if so, the MS receives the counting result of the PUB on the click rate.

Claims (9)

1. An online advertisement click fraud monitoring and preventing method based on a block chain is characterized by comprising seven components of an identity management organization, a user, an advertisement network, an advertisement publisher, an advertiser, an entity identity block chain and an access behavior block chain, wherein the interaction steps of the components are as follows:

step 1, initializing a system; respectively initializing an identity management authority, an entity identity block chain, a user, an advertisement publisher and an advertisement main to generate parameters required by the system;

step 2, the user, the advertisement publisher and the advertiser register with an identity management organization respectively; acquiring respective identity marks and identity licenses to prove authenticity and legality of the user; the user also obtains the signature of the identity related information after the process, and the advertisement publisher also obtains the identity related attribute information; after a certain period, the identity management organization writes an entity registration result into the entity identity block chain, and stores the identity identification information of the user, the advertisement publisher and the advertiser into the entity identity block chain in a transaction form;

step 3, advertisement publishing;

3-1, an advertisement publisher publishes online advertisements: when a user accesses an advertisement network, encrypted user identity information needs to be sent to a website in the advertisement network, and then the website forwards the information to each advertisement publisher; according to the information, advertisement publishers participate in the advertisement bidding process of the website, and then the website publishes online advertisements which bid successfully in the advertisement network managed by the website; after a certain period, the website in the advertisement network writes the advertisement publishing result into the access behavior block chain: storing the advertisement identification, the encrypted bidding cost, the site identification and the advertisement publisher identification information into an access behavior block chain in a transaction form;

3-2, clicking the online advertisement by the user: the user clicks the interested advertisement in the advertisement network, the user embeds the identity permission to generate advertisement click information, the advertisement click information is sent to the site, and the site forwards the information to the advertisement publisher of the advertisement; after a certain period, the site in the advertisement network writes the advertisement forwarding result into the access behavior block chain: performing hash processing on the advertisement, the advertisement click information of the user, the site identification and the advertisement publisher identification information, and then storing a hash result into an access behavior block chain in a transaction form;

step 4, click fraud monitoring and prevention;

4-1, advertisement publisher monitoring and click fraud prevention: the advertisement publisher decrypts the advertisement click information by using the private key of the advertisement publisher, and then verifies the advertisement click information by combining the identity permission of the advertisement publisher and the identity permission in the click information so as to complete monitoring and prevention of malicious click fraud;

4-2, advertiser monitoring and click fraud prevention: the advertisement master-slave advertisement publisher obtains part of the invariable parameters in the advertisement click information, decrypts the part of the parameters by using a private key of the advertisement master-slave advertisement publisher, and then verifies the parameters by combining the identity permission of the advertisement master-slave advertisement publisher and the identity permission in the decryption result so as to complete monitoring and prevention of malicious click fraud;

4-3, site monitoring and click fraud prevention: site monitoring and click fraud prevention in advertising networks; the website obtains the private key decryption result of the advertisement publisher of the click information from the advertisement publisher, encrypts the decryption result by using the public key of the advertisement publisher, and then compares the decryption result with the advertisement forwarding result in the access behavior block chain to complete monitoring and prevention of malicious click fraud.

2. The method for detecting and preventing fraud in advertisement clicking online based on block chain as claimed in claim 1, wherein the system initialization in step 1 is an identity authority and entity identity block chain EIB initialization providing parameters for system entity registration; the user, the advertisement publisher and the advertiser are initialized to provide a public and private key pair for registration, and the method is specifically realized as follows:

1-1, initializing an identity management authority: the identity management organization IMA firstly generates a self public and private key PK_IMA/SK_IMAIn the system, a publicationKey PK_IMA(ii) a IMA defines an attribute set S { { PUB }, { Hat { [ Clouuthes { [ Conts { [ Counts } Coues } Food } according to an advertisement type of an advertisement publisher PUB agent; wherein Hat, Clouthes, Pants, Shoes and Food are attribute labels;

1-2. entity identity Block chains EIB for all users U_iThe public parameter PP of the system is initialized by the advertisement publisher PUB and the advertiser ADE, and the method is specifically realized as follows:

EIB selects a large prime number p and an elliptic curve E_p(a, b) and an n-th order finite field E_pA lower base point P; then IMA selects a bilinear group G with a generator G and two random numbers

The following parameters were calculated: h is g^β，f＝g^1/β，l＝e(g，g)^α，MK＝(β，g^α) And forming a common parameter PP:

PP＝<E_p(a，b)，P，G，g，h，e，f，l，MK>

wherein e is bilinear mapping function-Weil pairing algorithm; when the IMA joins the EIB network, the EIB sends the public parameter PP to the IMA; finally, the EIB generates a shared secret key X and distributes the X to each IMA by dividing the X into a plurality of sub-secrets by using a Shamir (t, n) threshold secret sharing algorithm;

1-3. user U_iThe advertisement publisher PUB and the advertiser ADE respectively generate their public and private keys, which are respectively recorded as PK_U/SK_U，PK_PUB/SK_PUBAnd PK_ADE/SK_ADE。

3. The blockchain-based online advertisement click fraud monitoring and prevention method of claim 1, wherein a user U is a user_iThe advertisement publisher PUB and the advertiser ADE can all register with the identity management organization IMA in advance and can carry out the next step after obtaining the identity identification and the identity permission, wherein U_iAnd further obtaining a signature of the identity related information, and obtaining attribute information related to the identity by the advertisement publisher PUB, wherein the specific implementation is as follows:

2-1. user U_iRegistering with IMA;

the first step is as follows: IMA Collection to user U_iThe fingerprint is digitized to obtain corresponding digitized information, a group of unique code segments are selected and recombined from a local code library according to the digitized information of the fingerprint, then the code segments are subjected to hash processing to obtain corresponding hash values, and the hash values are used as user U_iThe real identity UID of; after that, IMAs recover the shared secret X using Shamir (t, n) threshold secret sharing algorithm, and then calculate the user U_iIdentity permission IL of_UUID · h (x) ·p, mask identity MUID ═ UID · P, and signature

Then IMA will information

Is sent to user U_iIn the browser plug-in of (1), where PP is a common parameter generated by EIB initialization, h (IL)_U) Representation pair IL_UThe hash process is carried out to carry out the hash process,

representing IMA versus content h (IL)_U) I MUID uses the private key SK_IMAThe signature is carried out and the signature is carried out,

representing U versus UID IL_U||U_SigThe | PP uses the public key PK_UEncrypting;

the second step is that: IMA hashes the information UID and then records the hash result h (UID) in the EIB blockchain, and is used for accountability of the user U when click fraud occurs_i；

2-2, registering the advertisement publisher PUB with the IMA;

the first step is as follows: IMA generates an identity PUBID and an attribute set S { { PUB }, { Hat @ U Food @ U.S. } } for the PUB according to the advertisement type proxied by the PUB, and then IMAs use Shamir (t, n)Recovering the shared secret key X by a threshold secret sharing algorithm, and then calculating the identity permission IL of the advertisement publisher PUB_PUBPUBID h (x) P, then IMA will information

Sending the advertisement to the advertisement publisher PUB;

the second step is that: IMA hashes the information PUBID, records the result h (PUBID) in the EIB block chain, and monitors the PUB of the advertisement publisher when click fraud occurs;

2-3, registering an ADE to the IMA;

the first step is as follows: IMA generates identity ADEID for ADE according to advertisement type required to be released by ADE, then IMA recovers shared key X by using Shamir (t, n) threshold secret sharing algorithm, and then calculates identity permission IL of advertiser ADE_ADEADEID.h (X) P, and then IMA will transmit the information

Sending to the advertiser ADE;

the second step is that: IMA records information h (adeid) in the EIB blockchain for auditing the advertiser ADE when click fraud occurs.

4. The block chain-based online advertisement click fraud monitoring and preventing method according to claim 3, wherein the advertisement distribution is characterized in that the advertisement distributor distributes online advertisements in step 3-1, and the implementation is as follows:

the first step is as follows: the advertisement publisher PUB and the advertiser agree on the advertisement delivery affairs and agree on the identity ID of the advertisement_ad；

The second step is that: user U_iAccess web pages of site MS while U_iThe browser plug-in uses an encryption CP-ABE scheme based on the attribute of the ciphertext policy to sign U_SigAfter being encrypted, the encrypted data is sent to the MS, and then the MS forwards the encrypted data to the PUB; specifically, the method comprises the following steps: user U_iAfter visiting the MS's web site, an access tree T is defined according to the type of advertisement in which it is interested, encrypted using the common parameters PP and CP-ABE encryption schemeSignature U_SigObtaining a ciphertext

C＝h^s，

Wherein, ts₁Is a user U_iEncrypted signature U_SigA time stamp of the time,

is a random number, h ═ g^β，l，g，

p_yIs a polynomial, p, represented by each node y in the access tree T_y(0) Is the value represented by the node y, att (y) is the attribute owned by a leaf node y in the access tree T;

c is secret information needing to be transmitted in the ciphertext CT; c_y、C′_yIs the auxiliary information when decrypting the CT; after obtaining the ciphertext CT, the user U_iThe browser plug-in sends the CT to the MS, and then the MS forwards the CT to different PUBs;

the third step: PUB generates decryption key according to attribute set S obtained in registration process by PUB and using MK in common parameter PP

Wherein,

is a random number; next, since the attribute set S { { PUB }, { Hat { [ coo { } satisfies the user U, the attribute set S { { PUB }, { Hat { [ coo } satisfies the user U_iAn access tree T is defined so that the PUB can decrypt the secret value represented by each leaf node x in the access tree using SK

After the PUB decrypts the secret values of all the leaf nodes, the PUB obtains the secret values represented by the parent nodes corresponding to the leaf nodes by using a Lagrangian difference formula; PUB recurses the process until a secret value represented by the root node R in the access tree T is obtained, which can be expressed as

Then PUB gets the plaintext

Finally, the PUB uses the public key PK of IMA_IMADecryption U_SigObtaining user U_iThe mask identity MUID is searched for a local database according to the MUID to obtain a digital portrait corresponding to the MUID, so that whether to participate in the advertisement bidding process of the MS is determined; d'_jIs a parameter in the decryption key SK, C_x' is a parameter in the ciphertext CT;

the fourth step: MS shows advertisement in its advertisement network and simultaneously puts PUBID, ADEID, PK_PUBAnd PK_ADEEmbedded in a display frame of the advertisement;

the fifth step: after a certain period, MS sends the advertisement bidding information according to the period and the advertisement identification ID_adCarry out classification and sequencing to obtain the productThe result of the announcement is

Where fe indicates that the PUB needs to be the user U_iThe cost paid to the MS by a single click of the advertisement; finally, the MS records the advertisement publishing result into the access behavior block chain ABB in a transaction form.

5. The block chain based online advertisement click fraud monitoring and prevention method according to claim 3 or 4, wherein advertisement distribution is characterized by step 3-2 user U_iClicking the online advertisement specifically realizes the following steps:

the first step is as follows: user U_iThe browser obtains PUBID, ADEID and PK from the advertisement display frame_PUBAnd PK_ADEInformation, then calculates the PUB authenticator

And ADE authenticator

Then, user U_iTime stamp ts embedded at this time₂Computing a PUB Security credential

And ADE Security Authenticator

The plug-in then connects user U_iClick information for advertisement

Sending to the MS;

the second step is that: MS Forwarding { ID_adM MS to the advertisement publisher PUB and store the ID locally_ad||M||MS||PUBID}；

The third step: after a certain period, MS follows the period and ID_adCategorizing local data ID_adM MS PUBID, and hash the classification result, and then the hash result { h (ID)_adAnd | M | MS | PUBID) } is recorded as an advertisement forwarding result and is recorded in an access behavior block chain ABB in a transaction form.

6. The method for monitoring and preventing block chain-based online advertisement click fraud according to claim 5, characterized by comprising a first step of PUB monitoring and preventing click fraud; second, ADE monitors and prevents click fraud; third, the MS monitors and guards against click fraud.

7. The method for monitoring and preventing block chain-based online advertisement click fraud according to claim 6, wherein the PUB monitoring and preventing click fraud is implemented as follows:

the first step is as follows: PUB uses its private key SK_PUBDecrypting the advertisement information M forwarded by the MS to obtain { U }_Sig||AuS_PUB||ts₂}, validate the timestamp ts₂To avoid replay attacks;

the second step is that: PUB uses IMA public key PK_IMASlave signature U_SigRecovery of h (IL)_U) And MUID, then calculates the PUB authenticator

The third step: PUB verification equation AuS'_PUB＝AuS_PUBIf the equation is true, the PUB counts all signature U_SigThe number of different MUIDs in the period is marked as n, and the value represents the effective advertisement click quantity in a certain period, which means that the PUB only needs to pay for the n advertisement clicks in the period; thereafter, PUB records the ad access behavior { ID ] of the MUID in its local database_ad||M||MUID||U_Sig||SA_PUB||ts₂||SA_ADEMS, fe, behavour }, where fe is PUB and is needed by user U_iThe fee paid to the MS by a single click of the advertisement, behavour being user U_iFor advertisement ID_adAccess behavior of (2);

the fourth step: after a certain period, the PUB follows the period and ID_adSorting, user U_iAdvertisement access result of { n | | ID_ad||h(MUID)_n||h(SA_PUB)_n||h(SA_ADE)_nRecord in Access behavior Block chain ABB, where h (MUID)_n、h(SA_PUB)_nAnd h (SA)_ADE)_nRespectively represent n MUIDs and n SAs_PUBAnd n SA_ADEResults of the respective hash.

8. The block chain-based online advertisement click fraud monitoring and preventing method according to claim 6, wherein the ADE monitoring and click fraud prevention is implemented as follows:

the first step is as follows: ADE communicates with PUB to obtain user U_iOriginal access information to advertisements ID_ad||U_Sig||SA_ADEMS fe, then ADE uses the PUB public key PK_PUBEncrypted fe get

It is compared with the result recorded by MS in the access behavior block chain ABB

Comparing to avoid cheating fe by PUB;

the second step is that: ADE uses its own private key SK_ADEDecrypting SA_ADEObtaining AuS_ADE||ts₂Then verifying ts₂Timeliness to avoid replay attacks;

the third step: similar to the PUB, the ADE also uses the IMA public key PK_IMASlave signature U_SigRecovery of h (IL)_U) And MUID, then calculates ADE authenticator

ADE verification equation AuS'_ADE＝AuS_ADEIf true, ADE counts all signatures U if the equation is true_SigThe number of different MUIDs in (d), which is denoted as n':

the fourth step: the ADE reads the result n of the PUB record from the access behavior block chain ABB, compares if n is true, and if the equation is true, the ADE pays the PUB for the n clicks.

9. The method for monitoring and preventing block chain-based online advertisement click fraud according to claim 6, wherein the MS monitors and prevents click fraud by specifically implementing the following:

MS communicates with PUB to obtain AuS in all click information M_PUB||ts₂Then MS uses the public key PK of PUB_PUBOne-by-one encryption { AuS_PUB||ts₂Get the PUB security authentication symbol

After that, the MS reads from the local database

And compare equation SA'_PUB＝SA_PUBAnd if so, the MS receives the counting result of the PUB on the click rate.

Images