Interactive media (e.g., the Internet) has great potential for improving the targeting of sponsored content, e.g., advertisements (“ads”), to receptive audiences. For example, some websites provide information search functionality that is based on keywords entered by the user seeking information. This user query can be an indicator of the type of information of interest to the user. By comparing the user query to a list of keywords specified by an advertiser, it is possible to provide targeted ads to the user.
Another form of online advertising is ad syndication, which allows advertisers to extend their marketing reach by distributing ads to additional partners. For example, third party online publishers can place an advertiser's text or image ads on web properties with desirable content to drive online customers to the advertiser's website.
The ads, such as creatives that include several lines of text, images, or video clips, include links to landing pages. These landing pages are pages on advertiser websites or on syndicated publisher websites that users are directed to when the users click on the ads. Some of these landing pages, however, may include intrusive software, e.g., software, scripts, or any other entities that are deceptively, surreptitiously and/or automatically installed. Such software entities that are intrusively installed can be generally characterized as “malware,” a portmanteau of the words “malicious” and “software.” The software, however, need not take malicious action to be malware; any software that is intrusively installed can be considered malware, regardless of whether the actions taken by the software are malicious. Thus, in addition to Trojan Horses, viruses, and browser exploits, other software such as monitoring software can be considered malware. The malware can be present in the landing page intentionally or unintentionally. For example, an advertiser's site can be hacked and malware inserted directly onto the landing page; a malicious advertiser can insert malware into a landing page; a click-tracker can insert malware through a chain of redirects that lead to the final uniform resource locator (URL) of the landing page; an advertiser may place ads or gadgets on a page populated by third parties that insert malware onto the landing page; etc.
Once a landing page is known to have malware, an advertisement publisher can preclude the serving of the landing page. However, an advertisement publisher, e.g., Google, Inc., may have access to hundreds of millions of advertisements and corresponding landing pages associated with the advertisements. As could be understood, it may be it may be difficult to check/re-check each landing page in depth for the presence of malware.