Privad Overview and Private Auctions
Download
1 / 98

Paul Francis (MPI-SWS) Ruichuan Chen (MPI-SWS) Bin Cheng (NEC Research) - PowerPoint PPT Presentation


  • 73 Views
  • Uploaded on

Privad Overview and Private Auctions. Paul Francis (MPI-SWS) Ruichuan Chen (MPI-SWS) Bin Cheng (NEC Research) Alexey Reznichenko (MPI-SWS) Saikat Guha (MSR India). Can we replace current advertising systems with one that is private enough, and targets at least as well?.

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about ' Paul Francis (MPI-SWS) Ruichuan Chen (MPI-SWS) Bin Cheng (NEC Research)' - yan


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript

Privad Overview and Private Auctions

Paul Francis (MPI-SWS)

Ruichuan Chen (MPI-SWS)

Bin Cheng (NEC Research)

Alexey Reznichenko (MPI-SWS)

Saikat Guha (MSR India)


Can we replace current advertising systems with one that is private enough, and targets at least as well?


Can we replace current advertising systems with one that is private enough, and targets at least as well?

  • Follows today’s business model

    • Advertisers bid for ad space, pay for clicks

    • Publishers provide ad space, get paid for clicks

  • Deal with click fraud

  • Scales adequately


Can we replace current advertising systems with one that is private enough , and targets at least as well?

  • Most users don’t care about privacy

  • But privacy advocates do, and so do governments

  • Privacy advocates need to be convinced


Can we replace current advertising systems with one that is private enough , and targets at least as well?

  • Our approach:

  • “As private as possible”

  • While still satisfying other goals

  • Hope that this is good enough


Can we replace current advertising systems with one that is private enough, and targets at least as well?

A principle: Increased privacy begets better targeting


Client private enough, and targets at least as well?

Today’s advertising model

(simplified)

Trackers

Publishers

Advertisers

Broker (Ad exchange)


Client private enough, and targets at least as well?

Trackers

Publishers

Advertisers

Broker (Ad exchange)

Trackers track users

Compile user profile

U

U

U


Client private enough, and targets at least as well?

Trackers

U

U

U

Publishers

Advertisers

Broker (Ad exchange)

Trackers may share profiles with advertisers?

U

U

U


Client private enough, and targets at least as well?

Trackers

U

U

U

Publishers

Advertisers

Broker (Ad exchange)

Client gets webpage with

adbox

U

U

U


Client private enough, and targets at least as well?

Trackers

U

U

U

Publishers

Advertisers

Broker (Ad exchange)

Client tells broker of page

U

U

U


Client private enough, and targets at least as well?

Trackers

U

U

U

Publishers

Advertisers

Broker (Ad exchange)

Broker launches auction (for given user visiting given webpage ….)

Also does clickfraud etc.

U

U

U


Client private enough, and targets at least as well?

Trackers

U

U

U

Publishers

Advertisers

Broker (Ad exchange)

(alternatively the publisher could have launched the auction)

U

U

U


Client private enough, and targets at least as well?

Trackers

U

U

U

Publishers

Advertisers

Broker (Ad exchange)

Advertisers present bids and ads

U

U

U


Client private enough, and targets at least as well?

Trackers

U

U

U

Publishers

Advertisers

Broker (Ad exchange)

Broker picks winners,

delivers ads

U

U

U


Client private enough, and targets at least as well?

Trackers

U

U

U

Publishers

Advertisers

Broker (Ad exchange)

User waits for this exchange

U

U

U


Client private enough, and targets at least as well?

Trackers

U

U

U

Publishers

Advertisers

Broker (Ad exchange)

Various reporting of results . . . .

U

U

U


Broker private enough, and targets at least as well?

Publishers

Advertisers

U

Dealer

SA

Privad Basic Architecture

Clients


Broker private enough, and targets at least as well?

Publishers

Advertisers

A

U

Dealer

Learn interest in tennis shoes

SA

Clients


Broker private enough, and targets at least as well?

Publishers

Advertisers

A

A

U

Anonymous request for tennis shoes

Dealer

SA

Clients


Broker private enough, and targets at least as well?

Publishers

Advertisers

A

A

U

Dealer

Relevant and non-relevant ads stored locally

SA

Clients


Chan: {Interest, Region, Language} private enough, and targets at least as well?

Ad: {AdID, AdvID, Content, Targeting, . . . .}

Key K unique to this request

Dealer knows Client requests some channel

Broker knows some Client requests this channel

Dealer cannot link requests

ICCCN 2010


Broker private enough, and targets at least as well?

Publishers

Advertisers

A

A

U

Dealer

Webpage with

adbox

SA

Clients


Broker private enough, and targets at least as well?

Publishers

Advertisers

A

A

U

Ad is delivered locally

Minimal delay

May or may not be related to page context

Dealer

SA

Clients


Broker private enough, and targets at least as well?

Publishers

Advertisers

A

A

U

View or click is reported to Broker via Dealer

Dealer

SA

Clients


Report: {AdID, PubID, EvType} private enough, and targets at least as well?

Dealer learns client X clicked on some ad

Broker learns some client clicked on ad Y

At Broker, multiple clicks from same client appear as clicks from multiple clients

ICCCN 2010


List of sus-pected rid’s private enough, and targets at least as well?

rid: Report ID

Unique for every report

Used to (indirectly) inform Dealer of suspected attacking Clients

Dealer remembers rid↔Client mappings

Client with many reported rid’s is suspect

ICCCN 2010


Many interesting challenges private enough, and targets at least as well?

  • Click fraud and auction fraud

  • 2nd-price, pay-per-click auction

  • How to do profiling

  • Protecting user from malicious advertisers

    • ….and still have good targeting

  • Gathering usage statistics and correlations

  • Accommodating multiple clients

    • Dynamic bidding for ad boxes

  • Co-existing with today’s systems


Many interesting challenges private enough, and targets at least as well?

  • Click fraud and auction fraud

  • 2nd-price, pay-per-click auction

  • How to do profiling

  • Protecting user from malicious advertisers

    • ….and still have good targeting

  • Gathering usage statistics and correlations

  • Accommodating multiple clients

    • Dynamic bidding for ad boxes

  • Co-existing with today’s systems


Advertising auctions today
Advertising auctions today private enough, and targets at least as well?

  • Almost all auctions are second price

  • Most auctions are Pay Per Click (PPC)


Bid3: $6 private enough, and targets at least as well?

Bid1: $2

Bid2: $7

Bid2: $3

Bid1: $5

Bid3: $1

Bid3: $4


Second price auction
Second Price Auction private enough, and targets at least as well?

Winner pays bid+δ of next ranked bidder

Bidders can safely bid maximum from the start

Bid2: $7

Bid3: $6

Bid1: $5


Second price auction1
Second Price Auction private enough, and targets at least as well?

Winner pays bid+δ of next ranked bidder

Bidders can safely bid maximum from the start

Maximum bid

Bid2: $7 ($9)

Bid3: $6 ($6)

Bid1: $5 ($5)


Second price auction2
Second Price Auction private enough, and targets at least as well?

Bidder 2 is 1st ranked

Pays $6+1¢=$6.01

Bidder 3 is 2nd ranked

Pays $5+1¢=$5.01

Bid2: ($9)

Bid3: ($6)

Bid1: ($5)


What about ppc pay per click
What about PPC (pay per click)? private enough, and targets at least as well?

Click

Probabilities

P(C)=0.1

Bid2: $9

P(C)=0.1

Bid3: $6

P(C)=0.4

Bid1: $5


What about ppc pay per click1
What about PPC (pay per click)? private enough, and targets at least as well?

P(C)=0.1 $0.9

Bid2: $9

P(C)=0.1 $0.6

Bid3: $6

P(C)=0.4 $2.0

Bid1: $5

Expected

Revenue

Expected Revenue = Bid X Click Probability


What about ppc pay per click2
What about PPC (pay per click)? private enough, and targets at least as well?

P(C)=0.1 $0.9

Bid2: $9

Bid3: $6

P(C)=0.1 $0.6

P(C)=0.4 $2.0

Bid1: $5

Ad Rank= Bid X Click Probability


What does bidder 1 pay
What does bidder 1 pay??? private enough, and targets at least as well?

P(C)=0.1

Bid2: $9

Bid3: $6

P(C)=0.1

P(C)=0.4

Bid1: $5


What does bidder 1 pay1
What does bidder 1 pay??? private enough, and targets at least as well?

P(C)=0.1

Bid2: $9

Bid3: $6

P(C)=0.1

P(C)=0.4

Bid1: $5

Certainly not $9+1¢=$9.01


Google second price auction
Google Second Price Auction private enough, and targets at least as well?

P(C)=0.4

Bid1: $5

P(C)=0.1

Bid2: $9

Bid3: $6

P(C)=0.1

Ad Rank= Bid X Click Probability

P(C) next

CPC = Bid next

P(C) clicked


Google second price auction1
Google Second Price Auction private enough, and targets at least as well?

P(C)=0.4 $2.26

Bid1: $5

P(C)=0.1 $6.01

Bid2: $9

Bid3: $6

P(C)=0.1 $?

Ad Rank= Bid X Click Probability

P(C) next

CPC = Bid next

P(C) clicked


What is the click probability
What is the Click Probability??? private enough, and targets at least as well?


What is the click probability1
What is the Click Probability??? private enough, and targets at least as well?

  • Historical click performance of the ad

  • Landing page quality

  • Relevance to the user

  • User click through rates

  • …….


What is the click probability2
What is the Click Probability??? private enough, and targets at least as well?

  • Historical click performance of the ad

  • Landing page quality

  • Relevance to the user

  • User click through rates

  • …….

Today all this is known by the broker

(ad network)


What is the click probability3
What is the Click Probability??? private enough, and targets at least as well?

  • Historical click performance of the ad

  • Landing page quality

  • Relevance to the user

  • User click through rates

  • …….

In a non-tracking advertising system, the broker knows nothing about the user!


What is the click probability4
What is the Click Probability??? private enough, and targets at least as well?

  • Historical click performance of the ad

  • Landing page quality

  • …….

  • Relevance to the user

  • User click through rates

  • …….

Known at broker

(call it G)

Known at user

(call it U)


Second price auction with broker and user components
Second price auction with broker and user components private enough, and targets at least as well?

  • Ranking by revenue potential:

    • Assume that Click Probability = G x U

  • Second-Price cost per click:


Non tracking advertising revisited
Non-tracking advertising revisited private enough, and targets at least as well?

  • User profile at client

  • Privacy goals at broker:

    • Anonymity: No user identifier tied to any user profile attributes

    • Unlinkability: Individual user profile attributes cannot be linked


Finally problem statement
Finally: Problem Statement private enough, and targets at least as well?

  • Satisfy anonymity and unlinkability goals in a system that runs this auction:

  • Where Bid and G are known at broker

  • And U is known at client


Basic architecture
Basic Architecture private enough, and targets at least as well?


Two questions
Two questions private enough, and targets at least as well?

  • Where do we do the ranking?

  • Where do we do the CPC computation?


Two questions1
Two questions private enough, and targets at least as well?

  • Do CPC at Broker:

  • Don’t want to reveal advertiser’s Bid

  • Fraud

  • Where do we do the ranking?

  • Where do we do the CPC computation?


Three flavors of non tracking auctions
Three flavors of Non-Tracking auctions private enough, and targets at least as well?

Broker

(Bid, G)

Client

(U)

[email protected]

Bid, G

[email protected]

U

3

Bid, G

[email protected]

U

party


Three flavors of non tracking auctions1
Three flavors of Non-Tracking auctions private enough, and targets at least as well?

Broker

(Bid, G)

Client

(U)

[email protected]

Bid, G

[email protected]

U

3

Bid, G

[email protected]

U

party


Broker private enough, and targets at least as well?

(Bid, G)

Client

(U)

A - the ad ID,

Value of (B × G),

E[B,G],

(+ targeting etc.)

Computes ranking:

(B × G) × U


Broker private enough, and targets at least as well?

(Bid, G)

Client

(U)

A - the ad ID,

Value of (B × G),

E[B,G],

(+ targeting etc.)

Computes ranking:

(B × G) × U


Broker private enough, and targets at least as well?

(Bid, G)

Client

(U)

A - the ad ID,

Value of (B × G),

E[B,G],

(+ targeting etc.)

Computes ranking:

(B × G) × U

Time

Ac - clicked ad ID

((Bn × Gn) × Un / Uc)

E[Bc, Gc]

Decrypts E[Bc, Gc]

Computes CPC:

((Bn × Gn) × Un / Uc) / Gc

Checks that CPC ≤ Bc


Broker private enough, and targets at least as well?

(Bid, G)

Client

(U)

Decrypts E[Bc, Gc]

Computes CPC:

((Bn × Gn) × Un / Uc) / Gc

Checks that CPC ≤ Bc


Broker private enough, and targets at least as well?

(Bid, G)

Client

(U)

User information obscured by hiding within this composite value

A - the ad ID,

Value of (B × G),

E[B,G],

(+ targeting etc.)

Computes ranking:

(B × G) × U

Ac - clicked ad ID

((Bn × Gn) × Un / Uc)

E[Bc, Gc]

Decrypts E[Bc, Gc]

Computes CPC:

((Bn × Gn) × Un / Uc) / Gc

Checks that CPC ≤ Bc


Broker private enough, and targets at least as well?

(Bid, G)

Client

(U)

A - the ad ID,

Value of (B × G),

E[B,G],

(+ targeting etc.)

Computes ranking:

(B × G) × U

Ac - clicked ad ID

((Bn × Gn) × Un / Uc)

E[Bc, Gc]

Decrypts E[Bc, Gc]

Computes CPC:

((Bn × Gn) × Un / Uc) / Gc

Checks that CPC ≤ Bc


Broker private enough, and targets at least as well?

(Bid, G)

Client

(U)

Bc and Gc may have changed between ranking and CPC calculation

A - the ad ID,

Value of (B × G),

E[B,G],

(+ targeting etc.)

Computes ranking:

(B × G) × U

Ac - clicked ad ID

((Bn × Gn) × Un / Uc)

E[Bc, Gc]

Decrypts E[Bc, Gc]

Computes CPC:

((Bn × Gn) × Un / Uc) / Gc

Checks that CPC ≤ Bc


All three private enough, and targets at least as well?auction designs introduce various systemdelays

  • precompute and cache ranking

  • use out-of-date bid information

  • do not immediately reflect changes in bids


Changes in bids private enough, and targets at least as well?constitute main source of churn

Advertisers constantly update their bids to

  • show ads in a preferred position

  • meet target number of impressions

  • respond to market changes


How private enough, and targets at least as well?detrimental are auction delays?

Broker perspective:

  • How much revenue is lost due to these delays?

    Advertiser perspective:

  • How they affect advertisers’ rankings?


Bing’s private enough, and targets at least as well?Auction log

  • 2TB of log data spanning 48 hours

  • 150M auctions with 18M ads

  • Trace record for an auction includes:

    • All participating ads

    • Bids and quality scores

    • Whether ad was shown and clicked


Understanding effect of private enough, and targets at least as well?churn on revenue

Idea:

  • Simulate auctions with stale bid information

  • Compute auctions at time t using bids recorded at time t-x

  • Compare generated revenue to auctions with up-to-date bid information


We private enough, and targets at least as well?cannot predict changes in clicking behavior when rankings change


We simulate private enough, and targets at least as well?five click models

  • 100% same position

  • 75% same position, 25% same ad

  • 50%-50%

  • 25% same position, 75% same ad

  • 100% same ad


Bid staleness and private enough, and targets at least as well?change in revenue


Bid staleness and private enough, and targets at least as well?change in ranking


Computing U private enough, and targets at least as well?

So far, we assume we know user component of click probability

Hard to compute purely at client

Not enough history

Unlinkably gather click stats from clients, compute U, feed back to clients


Assume a set of factors X={x private enough, and targets at least as well?1, x2, …, xL}

Level of interest in ad’s product/service

Targeting/user match quality

Webpage context

User’s historic CTR

…….

Clients report {Ad-ID, X, click}

Broker computes U = f(X), delivers f(X) along with ad


Problem if X={x private enough, and targets at least as well?1, x2, …, xL} fingerprints user

Possible mitigating factors:

Level of interest

Many interests change,

many interests don’t correlate that well

Targeting match quality

Different ads have different targeting

Webpage context

Can be course-grained

User’s historic CTR

Can be course-grained


Future work private enough, and targets at least as well?

So far, designs appear practical, but:

  • Can we accurately compute user score U?

    • And without violating privacy….

  • Are there new forms of click fraud?

  • Need experience in practice….


User Statistics private enough, and targets at least as well?

Broker and advertiser want to know deep statistical information about users

What kind of targeting works best?

When should ads be shown?

Are users interested in A also interested in B?

How can conversion rates be improved?

Centralized systems have full knowledge

How can Privad privately provide this information?


Differential Privacy private enough, and targets at least as well?

Differential Privacy adds noise to answers of DB queries

Such that presence or absence of single DB element cannot be determined

Normally modeled as a single trusted DB

Query

True Answer

DB

Noisy Answer

Add Noise

Trusted


DB private enough, and targets at least as well?

DB

DB

DB

Distributed Differential Privacy

Dealer

Query

(cleartext)


DB private enough, and targets at least as well?

DB

DB

DB

Distributed Differential Privacy

Noisy Answers

(encrypted)

Dealer

True Answers

(encrypted)


A couple URLs private enough, and targets at least as well?

adresearch.mpi-sws.org

trackingfree.org


ICCCN 2010


Broker private enough, and targets at least as well?

Publishers

Advertisers

U

Dealer

Generate user profiles locally at the client

In other words, Adware!

Software Agent

SA

Clients


Broker private enough, and targets at least as well?

Publishers

Advertisers

U

Anonymizes client-broker communications

Cannot eavesdrop

Helps with clickfraud

Dealer

SA

Clients


Broker private enough, and targets at least as well?

Publishers

Advertisers

U

Client/broker messages:

Contain minimal info (no PII)

Cannot be linked to same client

Dealer

SA

Clients


Broker private enough, and targets at least as well?

Publishers

Advertisers

U

Dealer

Unlinkability and anonymity

SA

Clients


Broker private enough, and targets at least as well?

Publishers

Advertisers

U

Dealer

Browser sandbox

Encrypted

Reference Monitor

Trusted, open

SA

Cleartext

Clients

Software

Agent

Untrusted

Black-box

U


Broker private enough, and targets at least as well?

Publishers

Advertisers

U

Possibly malicious

Dealer

“Pretty honest but very curious”

Doesn’t collude

Honest but tempted

Browser sandbox

Encrypted

Reference Monitor

Trusted, open

SA

Cleartext

Clients

Software

Agent

Untrusted

Black-box

U


Privacy and threat models??? private enough, and targets at least as well?

Honest but curious isn’t quite right

We expect the broker to do “what it can get away with”, but cautiously

Plus we need to make privacy advocates comfortable

No formal privacy model

Formal models are too narrow and restrictive


U private enough, and targets at least as well?

Dealer and Software Agent are new components

How are they incentivized?

Dealer

SA

Clients


U private enough, and targets at least as well?

Dealer

Dealer:

Legally bound to follow protocols, not collude

SA

Execute open-source software, open to inspection

Clients


U private enough, and targets at least as well?

Dealer

Client:

Various options:

Provide benefit: free software, content, …..

SA

Clients

Like adware!

Bundle with browser or OS


ICCCN 2010


Broker private enough, and targets at least as well?

Publishers

Advertisers

U

Please suspend disbelief, imagine that we succeed……

Dealer

SA

Clients


Broker private enough, and targets at least as well?

Publishers

Advertisers

A

U

Perfectly Private Advertising System

Dealer

SA

Clients


Broker private enough, and targets at least as well?

Publishers

Advertisers

A

U

Ad

Perfectly Private Advertising System

Ad targeted to:

“Man” AND “Married” AND

“Has girlfriend”

Dealer

Ad

SA

Clients


Broker private enough, and targets at least as well?

Publishers

Advertisers

A

U

Perfectly Private Advertising System

Click

Dealer

Advertiser gets (very) personal information about users

SA

Clients


Honey, why are you getting ads for sexy lingerie? private enough, and targets at least as well?

ICCCN 2010


More private enough, and targets at least as well?

???

Privad

Privacy

Less

Targeting

Worse

Better


ad