Tracing Information Flows Between Ad Exchanges Using Retargeted

Total Page:16

File Type:pdf, Size:1020Kb

Tracing Information Flows Between Ad Exchanges Using Retargeted Tracing Information Flows Between Ad Exchanges Using Retargeted Ads Muhammad Ahmad Bashir, Sajjad Arshad, William Robertson, and Christo Wilson, Northeastern University https://www.usenix.org/conference/usenixsecurity16/technical-sessions/presentation/bashir This paper is included in the Proceedings of the 25th USENIX Security Symposium August 10–12, 2016 • Austin, TX ISBN 978-1-931971-32-4 Open access to the Proceedings of the 25th USENIX Security Symposium is sponsored by USENIX Tracing Information Flows Between Ad Exchanges Using Retargeted Ads Muhammad Ahmad Bashir Sajjad Arshad William Robertson Northeastern University Northeastern University Northeastern University [email protected] [email protected] [email protected] Christo Wilson Northeastern University [email protected] Abstract geted based on sensitive Personally Identifiable Informa- tion (PII) [44, 4] or specific kinds of browsing history Numerous surveys have shown that Web users are con- (e.g., visiting medical websites) [41]. Furthermore, some cerned about the loss of privacy associated with online users are universally opposed to online tracking, regard- tracking. Alarmingly, these surveys also reveal that peo- less of circumstance [46, 60, 14]. ple are also unaware of the amount of data sharing that occurs between ad exchanges, and thus underestimate the One particular concern held by users is their digi- privacy risks associated with online tracking. tal footprint [33, 65, 58], i.e., which first- and third- In reality, the modern ad ecosystem is fueled by a flow parties are able to track their browsing history Large- of user data between trackers and ad exchanges. Al- scale web crawls have repeatedly shown that trackers are though recent work has shown that ad exchanges rou- ubiquitous [24, 19], with DoubleClick alone being able tinely perform cookie matching with other exchanges, to observe visitors on 40 of websites in the Alexa Top- these studies are based on brittle heuristics that cannot 100K [11]. These results paint a picture of a balkanized detect all forms of information sharing, especially under web, where trackers divide up the space and compete for adversarial conditions. the ability to collect data and serve targeted ads. In this study, we develop a methodology that is able However, this picture of the privacy landscape is at to detect client- and server-side flows of information be- odds with the current reality of the ad ecosystem. Specif- tween arbitrary ad exchanges. Our key insight is to lever- ically, ad exchanges routinely perform cookie matching age retargeted ads as a tool for identifying information with each other, to synchronize unique identifiers and flows. Intuitively, our methodology works because itre- share user data [2, 54, 21]. Cookie matching is a pre- lies on the semantics of how exchanges serve ads, rather condition for ad exchanges to participate in Real Time than focusing on specific cookie matching mechanisms. Bidding (RTB) auctions, which have become the domi- Using crawled data on 35,448 ad impressions, we show nant mechanism for buying and selling advertising inven- that our methodology can successfully categorize four tory from publishers. Problematically, Hoofnagle et al. different kinds of information sharing behavior between report that users navely believe that privacy policies pre- ad exchanges, including cases where existing heuristic vent companies from sharing user data with third-parties, methods fail. which is not always the case [32]. We conclude with a discussion of how our findings and methodologies can be leveraged to give users more Despite user concerns about their digital footprint, we control over what kind of ads they see and how their in- currently lack the tools to fully understand how informa- formation is shared between ad exchanges. tion is being shared between ad exchanges. Prior empiri- cal work on cookie matching has relied on heuristics that look for specific strings in HTTP messages to identify 1 Introduction flows between ad networks [2, 54, 21]. However, these heuristics are brittle in the face of obfuscation: for exam- People have complicated feelings with respect to online ple, DoubleClick cryptographically hashes their cookies behavioral advertising. While surveys have shown that before sending them to other ad networks [1]. More fun- some users prefer relevant, targeted ads to random, un- damentally, analysis of client-side HTTP messages are targeted ads [60, 14], this preference has caveats. For insufficient to detect server-side information flows be- example, users are uncomfortable with ads that are tar- tween ad networks. 1 USENIX Association 25th USENIX Security Symposium 481 In this study, we develop a methodology that is able users, that also enable publishers to earn revenue. Sur- to detect client- and server-side flows of information be- veys have shown that users are not necessarily opposed tween arbitrary ad exchanges that serve retargeted ads. to online ads: some users are just opposed to track- Retargeted ads are the most specific form of behavioral ing [46, 60, 14], while others simply desire more nu- ads, where a user is targeted with ads related to the exact anced control over their digital footprint [4, 41]. How- products she has previously browsed (see § 2.2 for defi- ever, existing tools (e.g., browser extensions) cannot dis- nition). For example, Bob visits nike.com and browses tinguish between targeted and untargeted ads, thus leav- for running shoes but decides not to purchase them. Bob ing users with no alternative but to block all ads. Con- later visits cnn.com and sees an ad for the exact same versely, our results open up the possibility of building running shoes from Nike. in-browser tools that just block cookie matching, which Our key insight is to leverage retargeted ads as a mech- will effectively prevent most targeted ads from RTB auc- anism for identifying information flows. This is possi- tions, while still allowing untargeted ads to be served. ble because the strict conditions that must be met for a Open Source. As a service to the community, we retarget to be served allow us to infer the precise flow have open sourced all the data from this project. This of tracking information that facilitated the serving of the includes over 7K labeled behaviorally targeted and retar- ad. Intuitively, our methodology works because it relies geted ads, as well as the inclusion chains and full HTTP on the semantics of how exchanges serve ads, rather than traces associated with these ads. The data is available at: focusing on specific cookie matching mechanisms. To demonstrate the efficacy of our methodology, we http://personalization.ccs.neu.edu/ conduct extensive experiments on real data. We train 90 personas by visiting popular e-commerce sites, and then 2 Background and efinitions crawl major publishers to gather retargeted ads [9, 12]. Our crawler is an instrumented version of Chromium that In this section, we set the stage for our study by providing records the inclusion chain for every resource it encoun- background about the online display ad industry, as well ters [5], including 35,448 chains associated with 5,102 as defining key terminology. We focus on techniques and unique retargeted ads. We use carefully designed pattern terms related to Real Time Bidding and retargeted ads, matching rules to categorize each of these chains, which since they are the focus of our study. reveal 1) the pair of ad exchanges that shared informa- tion in order to serve the retarget, and 2) the mechanism 2.1 Online isplay dvertising used to share the data (e.g., cookie matching). In summary, we make the following contributions: Online display advertising is fundamentally a matching We present a novel methodology for identifying problem. On one side are publishers (e.g., news web- • information flows between ad networks that is sites, blogs, etc.) who produce content, and earn revenue content- and ad exchange-agnostic. Our methodol- by displaying ads to users. On the other side are adver- ogy allows to identify four different categories of in- tisers who want to display ads to particular users (e.g., formation sharing between ad exchanges, of which based on demographics or market segments). Unfortu- cookie matching is one. nately, the online user population is fragmented across hundreds of thousands of publishers, making it difficult Using crawled data, we show that the heuristic • for advertisers to reach desired customers. methods used by prior work to analyze cookie Ad networks bridge this gap by aggregating inventory matching are unable to identify 31 of ad exchange from publishers (i.e., space for displaying ads) and fill- pairs that share data. ing it with ads from advertisers. Ad networks make it Although it is known that Google’s privacy policy • possible for advertisers to reach a broad swath of users, allows it to share data between its services [26], while also guaranteeing a steady stream of revenue for we provide the first empirical evidence that Google publishers. Inventory is typically sold using a Cost per uses this capability to serve retargeted ads. Mille (CPM) model, where advertisers purchase blocks Using graph analysis, we show how our data can of 1000 impressions (views of ads), or a Cost per Click • be used to automatically infer the roles played (CPC) model, where the advertiser pays a small fee each by different ad exchanges (e.g., Supply-Side and time their ad is clicked by a user. Demand-Side Platforms). These results expand d Exchanges and Auctions. Over time, ad net- upon prior work [25] and facilitate a more nuanced works are being supplanted by ad exchanges that rely understanding of the online ad ecosystem. on an auction-based model. In Real-time Bidding (RTB) Ultimately, we view our methodology as a stepping exchanges, advertisers bid on individual impressions, in stone towards more balanced privacy protection tools for real-time; the winner of the auction is permitted to serve 2 482 25th USENIX Security Symposium USENIX Association 1) Impression 2) RTB Ads & $$$ 3) Ad User Publisher SSP Ad Exchange DSPs Advertisers Figure 1: The display advertising ecosystem.
Recommended publications
  • Adscape: Harvesting and Analyzing Online Display Ads
    Adscape: Harvesting and Analyzing Online Display Ads Paul Barford Igor Canadi Darja Krushevskaja University of University of Rutgers University Wisconsin-Madison Wisconsin-Madison [email protected] [email protected] [email protected] Qiang Ma S. Muthukrishnan Rutgers University Rutgers University [email protected] [email protected] ABSTRACT online users and the increasing amount of time that peo- Over the past decade, advertising has emerged as the pri- ple spend online has led to an estimated $36B in online ad mary source of revenue for many web sites and apps. In spending in the US for FY2012, which represents an 15% this paper we report a first-of-its-kind study that seeks to increase over the previous year [2]. The majority of this broadly understand the features, mechanisms and dynamics spending is on advertising that most commonly appears in of display advertising on the web - i.e., the Adscape. Our search results as text ads. There is, however, a growing pref- study takes the perspective of users who are the targets of erence for display ads | typically image and video ads that display ads shown on web sites. We develop a scalable crawl- appear in response to users' browsing and other activities ing capability that enables us to gather the details of dis- on the web | that can convey more robust and visual mes- play ads including creatives and landing pages. Our crawling sages to users. A recent report by Forrester estimates that strategy is focused on maximizing the number of unique ads $12.7B was spent in the US on display and video advertising harvested.
    [Show full text]
  • Privacy Leakage in Personalized Mobile In-App Ads
    The Price of Free: Privacy Leakage in Personalized Mobile In-App Ads Wei Meng, Ren Ding, Simon P. Chung, Steven Han, and Wenke Lee College of Computing Georgia Institute of Technology {wei, rding, pchung34, s.han}@gatech.edu, [email protected] Abstract—In-app advertising is an essential part of the ecosys- always a concern. While ad personalization has been well tem of free mobile applications. On the surface, this creates a studied for web, relatively little research explores mobile ad win-win situation where app developers can profit from their personalization in terms of what user information is being work without charging the users. However, as in the case of collected. We believe research focused on mobile ad personal- web advertising, ad-networks behind in-app advertising employ ization is a significant pursuit for the following reasons: 1) personalization to improve the effectiveness/profitability of their Mobile devices are a lot more intimate to users; they are ad-placement. This need for serving personalized advertisements in turn motivates ad-networks to collect data about users and carried around at all times and are being used more and more profile them. As such, “free” apps are only free in monetary for sensitive operations like personal communications, dating, terms; they come with the price of potential privacy concerns. banking, etc. Therefore, privacy concerns regarding what infor- The question is, how much data are users giving away to pay for mation is collected for ad personalization are more serious. 2) “free apps”? Unlike in-browser advertising, where the advertisement content is strictly isolated from the rest of the displayed page by the In this paper, we study how much of the user’s interest and demographic information is known to these major ad networks well-known “same origin policy”, in-app advertising operates on the mobile platform.
    [Show full text]
  • Microsoft Acquires Massive, Inc
    S T A N F O R D U N I V E R S I T Y! 2 0 0 7 - 3 5 3 - 1! W W W . C A S E W I K I . O R G! R e v . M a y 2 9 , 2 0 0 7 MICROSOFT ACQUIRES MASSIVE, INC. May 4th, 2006 T A B L E O F C O N T E N T S 1. Introduction 2. Industry Overview 2.1. The Advertising Opportunity Within Video Games 2.2. Market Size and Demographics 2.3. Video Games and Advertising 2.4. Market Dynamics 3. Massive, Inc. ! Company Background 3.1. Founding of Massive 3.2. The Financing of Massive 3.3. Product Launch / Technology 3.4. The Massive / Microsoft Deal 4. Microsoft, Inc. within the Video Game Industry 4.1. Role as a Game Publisher / Developer 4.2. Acquisitions 4.3. Role as an Electronic Advertising Network 4.4. Statements Regarding the Acquisition of Massive, Inc. 5. Exhibits 5.1. Table of Exhibits 6. References ! 2 0 0 7 - 3 5 3 - 1! M i c r o s o f t A c q u i s i t i o n o f M a s s i v e , I n c .! I N T R O D U C T I O N In May 2007, Microsoft Corporation was a company in transition. Despite decades of dominance in its core markets of operating systems and desktop productivity software, Mi! crosoft was under tremendous pressure to create strongholds in new market spaces.
    [Show full text]
  • Observing and Optimizing Online Ad Assignments
    OBSERVING AND OPTIMIZING ONLINE AD ASSIGNMENTS BY DARJA KRUŠEVSKAJA A dissertation submitted to the Graduate School—New Brunswick Rutgers, The State University of New Jersey in partial fulfillment of the requirements for the degree of Doctor of Philosophy Graduate Program in Computer Science Written under the direction of S. Muthukrishnan and approved by New Brunswick, New Jersey October, 2015 ABSTRACT OF THE DISSERTATION Observing and Optimizing Online Ad Assignments by Darja Kruševskaja Dissertation Director: S. Muthukrishnan The main focus of this thesis work is on optimization and observation of ad assignments in online ad markets. Online ad markets allocate billions of impressions to advertisers while satisfying an array of constraints. Their revenues support the Internet ecosystem. They highlight theory problems and inspire systems research. In this thesis work we initiate the study that seeks to understand mechanisms and dynamics of advertising markets. We develop a scalable crawling capability that allows us to harvest a corpus of ads across a large number of websites and user profiles. We establish that user profile is essential in display ad markets: 50% of observed websites have at least 80% of their ads targeted at profiles. Further, we introduce cardinal auctions for selling multiple copies of a good, in which bidders specify not only their bid or how much they are willing to pay for the good, but also a cardinality constraint on the maximum size of the allocation in which they are willing to participate. We perform the first known analyses of Price of Anarchy and revenue of cardinal auctions. Finally, we introduce a new class of online allocation problems with secondary metrics, in which the goal is to optimize one metric (e.g., revenue), while meeting another (e.g., cost of user conversion).
    [Show full text]
  • An Empirical Study of Mobile Ad Targeting
    An Empirical Study of Mobile Ad Targeting Theodore Book Dan S. Wallach Rice University Rice University Abstract of Android advertising libraries to access permission- protected user data [15, 31, 22, 6] as well as the behavior Advertising, long the financial mainstay of the web of applications that directly pass user private information ecosystem, has become nearly ubiquitous in the world to their ad libraries [7]. What remains little understood of mobile apps. While ad targeting on the web is fairly is the way that information is used after it has been col- well understood, mobile ad targeting is much less stud- lected. ied. In this paper, we use empirical methods to collect In this work, we measure a more complex factor that a database of over 225,000 ads on 32 simulated devices is also critical to the understanding of user privacy—the hosting one of three distinct user profiles. We then ana- interaction between advertising libraries and their host lyze how the ads are targeted by correlating ads to poten- servers. Because we do not have direct access to the pro- tial targeting profiles using Bayes’ rule and Pearson’s chi prietary algorithms used in processing ad requests and squared test. This enables us to measure the prevalence serving advertisements, we choose to treat the data center of different forms of targeting. We find that nearly all ads as a black box, observing the relationship between inputs show the effects of application- and time-based targeting, (ad requests) and outputs (provided ads). This resembles while we are able to identify location-based targeting in the methodology used by other researchers in measuring 43% of the ads and user-based targeting in 39%.
    [Show full text]
  • Urban Screens Reader and Sabine Niederer 2 Urban Screens Reader 3
    EDITED BY SCOTT MCQUIRE, MEREDITH MARTIN URBAN SCREENS Reader AND SABINE NIEDERER 2 URBAN SCREENS Reader 3 Urban Screens Reader Editors: Scott McQuire, Meredith Martin and Sabine Niederer Editorial Assistance: Geert Lovink and Elena Tiis Copy Editing: Michael Dieter and Isabelle de Solier Design: Katja van Stiphout Printer: Raamwerken Printing & Design, Enkhuizen Publisher: Institute of Network Cultures, Amsterdam 2009 ISBN: 978-90-78146-10-0 Contact Institute of Network Cultures Phone: +3120 5951866 EDITED BY Fax: +3120 5951840 SCOTT MCQUIRE, Email: info@networkcultures MEREDITH MARTIN Web: http://www.networkcultures.org AND SABINE NIEDERER INC READer #5 Order a copy of this book by sending an email to: [email protected] A pdf of this publication can be downloaded freely at: http://www.networkcultures.org/publications Join the Urban Screens mailing list at: http://www.listcultures.org Join the International Urban Screens Association at: http://www.urbanscreensassoc.org Supported by: the Dutch Ministry of Education, Culture and Science in collaboration with Virtueel Platform, the Faculty of Arts, University of Melbourne, the School for Com- munication and Design at the Amsterdam University of Applied Sciences, MediaLAB Amsterdam and the International Urban Screens Association. The editors would also like to acknowledge the assistance of the Australian Research Council LP0989302 in supporting this research. Special thanks to all the authors for their contributions, and to Michael Dieter for his careful copy-editing. This publication is licensed under the Creative Commons Attribution Noncommercial No Derivative Works 2.5 Netherlands License. To view a copy of this license, visit: http://creativecommons.org/licenses/by-nc-nd/2.5/nl/deed.en No article in this reader may be reproduced in any form by any electronic or mechanical means without permission in writing from the author.
    [Show full text]
  • Kober V. Google
    Case 5:20-cv-08336 Document 1-1 Filed 11/25/20 Page 1 of 35 EXHIBIT A Case 5:20-cv-08336 Document 1-1 Filed 11/25/20 Page 2 of 35 1 BOTTINI & BOTTINI, INC. 2 Anne B. Beste (SBN 326881) 3 [email protected] Albert Y. Chang (SBN 296065) 4 [email protected] 5 Yury A. Kolesnikov (SBN 271173) [email protected] 6 7817 Ivanhoe Avenue, Suite 102 7 La Jolla, California 92037 Telephone: (858) 914-2001 8 Facsimile: (858) 914-2002 9 Attorneys for Plaintiff and the Class 10 11 SUPERIOR COURT FOR THE STATE OF CALIFORNIA 12 COUNTY OF SANTA CLARA 13 14 AMOS KOBER, on behalf of himself Case No. 15 and all others similarly situated, CLASS ACTION COMPLAINT: 16 Plaintiff, (1) THE CARTWRIGHT ACT 17 (CAL. BUS. & PROF. CODE § v. 16720); 18 GOOGLE LLC, ALPHABET, INC., (2) UNFAIR COMPETITION 19 and DOES 1-100, LAW (CAL. BUS. & PROF. CODE § 17200 ET SEQ.); AND 20 Defendants. (3) UNJUST ENRICHMENT 21 DEMAND FOR JURY TRIAL 22 23 24 25 26 27 28 CLASS ACTION COMPLAINT Case 5:20-cv-08336 Document 1-1 Filed 11/25/20 Page 3 of 35 1 Plaintiff, individually and on behalf of all others similarly situated (the “Class,” as 2 defined below), files this class-action complaint against Google LLC and Alphabet, Inc. 3 (“Defendants”) for violations of the Cartwright Act and Cal. Bus. & Prof. Code. Plaintiff 4 alleges the following (a) upon personal knowledge with respect to the matters pertaining 5 to Plaintiff; and (b) upon information and belief with respect to all other matters, based 6 upon, among other things, the investigations undertaken by Plaintiff’s counsel.
    [Show full text]
  • A Natural Attitude
    A Natural Attitude A Naturalista’s Hair Journal Spoken from a Salon Owner’s Perspective By Schatzi Hawthorne McCarthy A publication of Schatzi's Design Gallery & Day Spa, LLC A Natural Attitude: A Naturalista’s Hair Journal Spoken from a Salon Owner’s Perspective By Schatzi Hawthorne McCarthy Copyright © 2014-2021, Schatzi Hawthorne McCarthy; cover photo by Varick Taylor of one12images.com. Embrace the beauty of you. This book is dedicated to God, the Creator, for Your grace, mercy and omniscience: “Oh lord, though hast searched me and known me…” (Psalm 139) Thank you for guiding me, naturally and super-naturally, to this path of self-discovery that was your vision for my life. To the beautiful women in my life who have loved me unconditionally and have inspired me to be a natural woman: Grandma Mabel McMillan Aunt Joyce McCullom Woodbury Dear Mother Greta Lois McCullom Hawthorne At the footstool of this matriarchy, my natural attitude was nurtured and grown. Prayerfully, the world can learn from your rich and wise example. To my Dad, the late Retired Maj. Arthur Earl Hawthorne. You were always proud of me. Without your unconditional love, I would never have had the confidence to be the natural woman that I am. My love for you is beyond all understanding! To my beautiful family--Lloyd, Jela-ni, Jamar, who have supported me in all of my lifetime endeavors. I am privileged to walk this journey of life with you and pray that we continue to grow and learn together with hearts full of love and understanding.
    [Show full text]
  • Advertisement
    ADVERTISEMENT ST.18237.NewAd.SoldCover.indd 1 03/11/10 4:35 PM REDESIGNED REINVENTED REIMAGINED The new Globe—superior, full-colour reproduction and a bold, clean design on a premium semi-gloss stock. With longer time spent and a deeper connection to the content, this will change the way readers engage with the newspaper and your ads. RELEVANT lifestyle content to an engaged audience— each month, Globe Media attracts 1,476,000 influential, affluent female readers, 808,000 of whom are the principal grocery shopper in their household.* Monday Tuesday Wednesday Thursday Friday DIGITAL enhancements offer integrated sponsorships across multiple platforms. COLOUR on every page. Visit GlobeLink.ca, call 1.800.387.9012 or email [email protected] Globe Media to reach Canada’s most influential consumers. where influence lives *Source: PMB Fall 2010, Age 12+ ST.18154.GlobeandMail.ad.indd 1 01/11/10 3:55 PM B!G LOVE FOR TAXI PHD’S PRESCRIPTION FOR MEDIA GOLD SALTY BARBIE & CELEBRATES AS SCOUTS DDB WINS GET FRESH WITH AGENCY JOE OF THE YEAR (AGAIN) CoverNov10.indd 1 02/11/10 4:13 PM REDESIGNED REINVENTED REIMAGINED The new Globe—superior, full-colour reproduction and a bold, clean design on a premium semi-gloss stock. With longer time spent and a deeper connection to the content, this will change the way readers engage with the newspaper and your ads. RELEVANT lifestyle content to an engaged audience— each month, Globe Media attracts 1,476,000 influential, affluent female readers, 808,000 of whom are the principal grocery shopper in their household.* Monday Tuesday Wednesday Thursday Friday DIGITAL enhancements offer integrated sponsorships across multiple platforms.
    [Show full text]
  • Computational Advertising: Techniques for Targeting Relevant Ads
    Computational Advertising: Techniques for Targeting Relevant Ads Kushal Dave LTRC International Institute of Information Technology Hyderabad, India [email protected] Vasudeva Varma LTRC International Institute of Information Technology Hyderabad, India [email protected] Boston — Delft Foundations and TrendsR in Information Retrieval Published, sold and distributed by: now Publishers Inc. PO Box 1024 Hanover, MA 02339 United States Tel. +1-781-985-4510 www.nowpublishers.com [email protected] Outside North America: now Publishers Inc. PO Box 179 2600 AD Delft The Netherlands Tel. +31-6-51115274 The preferred citation for this publication is K. Dave and V. Varma. Computational Advertising: Techniques for Targeting Relevant Ads. Foundations and TrendsR in Information Retrieval, vol. 8, no. 4-5, pp. 263–418, 2014. R This Foundations and Trends issue was typeset in LATEX using a class file designed by Neal Parikh. Printed on acid-free paper. ISBN: 978-1-60198-833-1 c 2014 K. Dave and V. Varma All rights reserved. No part of this publication may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, mechanical, photocopying, recording or otherwise, without prior written permission of the publishers. Photocopying. In the USA: This journal is registered at the Copyright Clearance Cen- ter, Inc., 222 Rosewood Drive, Danvers, MA 01923. Authorization to photocopy items for internal or personal use, or the internal or personal use of specific clients, is granted by now Publishers Inc for users registered with the Copyright Clearance Center (CCC). The ‘services’ for users can be found on the internet at: www.copyright.com For those organizations that have been granted a photocopy license, a separate system of payment has been arranged.
    [Show full text]
  • IDENTIFYING and MITIGATING THREATS from EMBEDDING THIRD-PARTY CONTENT a Dissertation Presented to the Academic Faculty by Wei Me
    IDENTIFYING AND MITIGATING THREATS FROM EMBEDDING THIRD-PARTY CONTENT A Dissertation Presented to The Academic Faculty By Wei Meng In Partial Fulfillment of the Requirements for the Degree Doctor of Philosophy in the School of Computer Science Georgia Institute of Technology August 2017 Copyright © Wei Meng 2017 IDENTIFYING AND MITIGATING THREATS FROM EMBEDDING THIRD-PARTY CONTENT Approved by: Dr. Wenke Lee, Advisor Dr. Giovanni Vigna School of Computer Science Department of Computer Science Georgia Institute of Technology University of California, Santa Barbara Dr. Mustaque Ahamad Dr. Nick Feamster School of Computer Science Department of Computer Science Georgia Institute of Technology Princeton University Dr. Taesoo Kim Date Approved: July 20, 2017 School of Computer Science Georgia Institute of Technology To my parents, and those who have supported me. iii ACKNOWLEDGEMENTS This Ph.D. dissertation would not exist without the support from a number of people. I would like to take this opportunity to acknowledge them. First of all, I am very grateful to my advisor, Wenke Lee, for his guidance and support through the Ph.D. program. Wenke has been an amazing advisor, who has trained me to become an independent researcher and think critically. When I first started my Ph.D. I was a little bit disappointed that I did not receive much instructions on projects or concrete research topics from him. Instead, Wenke provided me with the freedom and necessary resources to explore my own interests. When I met difficulties in exploring new directions, his insightful feedback helped me overcome many challenges. I learned what top-quality research is through the many debates with him, which I enjoyed a lot.
    [Show full text]
  • Diversification Strategy in Internet Industry: Google Inc. Example
    Afyon Kocatepe Üniversitesi Sosyal Bilimler Dergisi / Cilt: 20, Sayı: 3, Aralık 2018, 271-289 Afyon Kocatepe University Journal of Social Sciences / Volume: 20, No: 3, December 2018, 271-289 Yayın Geliş Tarihi (Submitted): Mart/March-2018 | Yayın Kabul Tarihi (Accepted): Aralık/December-2018 DOI: 10.32709/akusosbil.407405 Diversification Strategy in Internet Industry: Google Inc. Example İnternet Sektöründe Satın Alma Çeşitlendirme Stratejisi: Google Inc. Örneği Dr. Öğr. Üyesi Eyüp Bayram ŞEKERLİ 1, Doç. Dr. Eyüp AKÇETİN2 Abstract One of the growth strategies for firms is to buy other firms. Growth either may be related to main business area of firm or different fields from different sectors. This study examines the acquisition strategy of Google Inc. which is an important company in the oligopolistic internet industry with a limited number of operators (Amazon, Google, Microsoft, Facebook, etc.). Between the years of 2001-2017, 177 acquisitions were examined in this research,. As a result of this review, it appears that Google Inc. has acquired firms that manufacture in different technological areas. However, those acquisitions increased ability of generating revenues from its core business. Consequently, among 177 acquisitions, constrained-related diversification model is most frequently observed strategy which is aimed to increase performance of main business. Keywords: Acquisations, diversification strategy, internet sector, Google Inc. Özet İşletmelerin büyüme stratejilerinden birisi de diğer işletmeleri satın almaktır. Büyüme, işletmenin esas faaliyet alanı ile ilgili olabilirken, farklı sektörlerden farklı faaliyet alanlarını da içerebilmektedir. Bu çalışmada sınırlı sayıda işletmenin (Amazon, Google, Microsoft, Facebook gibi.) oluşturduğu oligopol bir yapıya sahip internet sektöründe önemli bir şirket olan Google Inc.’nin satın alma stratejisi incelenmiştir.
    [Show full text]