Identifying HTTP clients

my software-house is developing a component for advertisement in some of ours portals. The advertisement is click based, thus the source portal that more originates click's is the winner. My preucupation is about "fake clicks", malicious HTTP clients raising requests. It's possible for a attacker to falsify the IP 开发者_如何学JAVAsource address of a HTTP request? How i can prevent this? We are observing so much random requests in a little interval of time

It is possible to go via some proxy, there is a plenty of free proxies around the net and you can pretend to have a bunch of different IPs even when you are physically sitting in front of one computer. This is probably very hard to detect although it can be considered "malicious".

As far as I know there is no simple way to change the IP without physically going via a machine with this IP, but I am not an expert here so probably somebody else will give you more confidence.

I think your best bet is going to be some sort of cookie & IP technology together. Realistically though the other poster is right. You can clear cookies and use TOR to come out of any number of unique IP addresses.