§6 Cheating Prevention Goals � traditional cheating in computer games � protect the sensitive information � cracking the copy protection � cracking passwords � fiddling with the binaries: boosters, trainers, etc. � pretending to be an administrator � here, the focus is on multiplayer online games � provide a fair playing field � exploiting technical advantages � tampering the network traffic � exploiting social advantages � colluding with other players � cheaters’ motivations � uphold justice inside the game world � vandalism � abusing beginners � dominance � gangs Shared-space technologies History and evolution Augmented Virtual 1980 1990 2000 synthetic Reality Reality military DIS HLA Artificiality SIMNET NPSNET, STOW Physical Tele- physical DVE CVE Reality presence academic RB2 DIVE, Spline, MASSIVE, Coven local remote Amaze Transportation Ultima Online entertainment MUD Air Warrior Doom Battle.net (source: Benford et al. , 1998) Massive multiplayer online games Cheating methods Name Publisher Released Subscribers � tampering network traffic Ultima Online Origin Systems 1997 250,000 � illicit information EverQuest Sony 1999 430,000 � exploiting design defects Entertainment � collusion Asheron’s Call Microsoft 1999 N / A � offending other players Dark Age of Sierra Studios 2001 250,000 Camelot Sims Online Electronic Arts 2002 97,000 Star Wars LucasArts 2003 N / A Galaxies (source: www.mmorpg.com ) 1
Breaking the control protocol: Tampering network traffic Maladies & remedies � malady : change data in the messages and observe effects � reflex augmentation � remedy : checksums (MD5 algorithm) � packet interception � malady : reverse engineer the checksum algorithm � look-ahead cheating � remedy : encrypt the messages � packet replay attack � malady : attack with packet replay � remedy : add state information (pseudo - r andom numbers) � malady : analyse messages based on their sizes � remedy : modify messages and add a variable amount of junk data to messages Illicit information Exploiting design defects � access to replicated, hidden game data � what can we do to poor designs! � removing the fog of war � repair the observed defects with patches � compromised graphics rendering drivers � limit the original functionality to avoid the defects � cheaters have more knowledge than they should have � client authority abuse → passive cheating � information from the clients is taken face-value regardless its � compromised software or data reliability � counter - m e asures in a networked environment � unrecognized (or unheeded) features of the network � centralized: server maintains integrity among the clients � operation when the latencies are high � distributed: nodes check the validity of each other’s � coping with DoS and other attacks commands to detect cheaters Denial-of-service attack Collusion � logic attack: exploit flaws in the software � imperfect information games � flooding attack: overwhelm the victim’s � infer the hidden information resources by sending a large number of spurious � outwit the opponents requests � collusion = two or more players play together without informing the other participants � distributed attacks: attack simultaneously from multiple (possibly cracked) hosts � how to detect collusion in online game? � IP spoofing: forge the source address of the � players can communicate through other media outgoing packets � one player can have several avatars 2
Analysing collusion Collusion types � tracking � active collusion � determine who the players are � cheaters play more aggressively than they normally � but physical identity does not reflect who is actually would playing the game � can be detected with styling � styling � passive collusion � analyse how the players play the game � cheaters play more cautiously than they normally � requires a sufficient amount of game data would � collusion can be detected only afterwards � practically undetectable → no pre-emptive nor real-time counter-measures 3
Recommend
More recommend
