The best way to avoid that stuff is to not make enemies. People don't just surf the web to randomly click bomb some random site, it's always done for some other reason. Also, make sure you use your "allowed sites" option in your account, this keeps others from using the code on a remote site from yours. You can even go further and call your adsense code from a *.js file.
You can basically track all your visitors by using some tracking scripts like google analytics (i find them best) or sitemeter or whatever you like. Then if you find the same IP coming again and again to your blog then he/she is a possible culprit . You can then write a letter informing google what you are going through and you can even tell them that this IP is frequently showed in my stats and you find it suspicious. Believe me google cooperates and if you tell them before hand then they won't ban your acount. But you need to tell them that this is what is going on, on my site or blog.