1 / 20

Game Security

Stopping cheaters since 15-06-2012. Game Security. By: Tigran Gasparian. What are we going to talk about ?. Motivation Basics – Protecting highscores Basics – Online games Bot Detection – Motivation Bot Detection – General Bot Detection – MMOs. Why do people cheat ?.

babu
Download Presentation

Game Security

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Stopping cheaters since 15-06-2012 Game Security By: Tigran Gasparian

  2. What are we going to talk about? • Motivation • Basics – Protectinghighscores • Basics – Online games • Bot Detection – Motivation • Bot Detection – General • Bot Detection – MMOs

  3. Why do peoplecheat? • You can earn money from it • It’s fun

  4. Whyshould we stop them? • Less fun for non-cheaters • Damagesyour game economy • Shortens the lifespan of your game • Whatabout offline games?

  5. Protectinghighscores • Make it difficult to cheat • Makesureit’stoomuchtrouble to cheat. • Encryption • White box cryptography • Send extra information. • Use parallel protocols • Honeypot • Delayed ban

  6. Sending extra info • Types of data: • Number of enemies killed • Play time • Number of clicks • Etc.

  7. Parallel protocols • Handle incorrect data • Plain-texthighscores • Incorrect extra info • Incorrect syntax • Etc.

  8. Honeypot • Whendetecting a falsesubmission • Show it in the highscoretable • Onlyfor the cheater • Otherplayersdon’tseeit • Cheaterthinkshesucceded • He might stop trying.

  9. Delayed ban • Multiple cheatingmethodsavailable • Ban at a random time • e.g. between 1-2 weeks afterdetection • Whatgothimcaught? • Potentialdanger?

  10. Online games in general • Never trust the client • The clientmightnot even be a client • Always check some data • Performance vs Security • Where to do physics?

  11. Modified clients • User can change their game client • Usually to gain more information. • Make walls transparent • Make camouflage bright • Make models bigger • Etc. • Check hashes of game data files.

  12. What is a bot? • A program that plays the game for you. • Scripts that send input into the game client • Stand-alone programs • Sending packets to the server like the real client • Types: • Aim bots • Player bots • Gold/EXP farmers

  13. What can we do? • Bot’s don’t break the game laws • They just automate player actions • The only thing we can do is detect them • And ban them of course!

  14. So how do we detect them? • Traditional approach – CAPTCHA • Websites use it, it works great!

  15. So how do we detect them? • Something more user friendly. • Detection by behavior • Bots act … weird • It’s very hard to exactly simulate human behavior • Especially the movement

  16. Detection by behaviour • Analyze data you already have • Position • Orientation • Etc. • Compare bots to humans • Define features • Train a neural network to detect bots. • ????? • Profit!

  17. Quake 2 example • Data we use for our analysis • Position • Orientation • Features • On/off time • Movement speed • Path smoothness, detours, zig-zagness • Rotations 30°, 60°, 90°

  18. Quake 2 example • Simple learning algorithm • 95% detection rate • With 200 seconds of game info • This %&#$ works! See Game Bot Detection Based on Avatar Trajectory for the article

  19. Back to the goldfarmers • Repetitions in path • Very few detours • Capture position data • Make a simplified path • Count segment passes • Count repeating sub path length • Draw conclusions

More Related