210 likes | 369 Views
Security. Defending Intellectual Property. Agenda. Hacker Anatomy Risks Categories of Security Tools. Anatomy of a Hacker. Motives Challenge / Fame Disgruntled Gamer Cost / experience Profit Skill Novice Knows how to copy a disk or get hacks off the net Geek
E N D
Security Defending Intellectual Property
Agenda • Hacker Anatomy • Risks • Categories of Security • Tools
Anatomy of a Hacker • Motives • Challenge / Fame • Disgruntled Gamer • Cost / experience • Profit • Skill • Novice • Knows how to copy a disk or get hacks off the net • Geek • Knows how to get at bits • Knows how to use/write hacking tools • Professional • Has $$$ == hardware, software & Geeks
Security RisksLogical • Theft of Art Assets • Make own game or modifications to your game • Use for other purposes (web) • Disk Copying • Make copy and pass around for free/pay, return original to store. • Cheating • Online game economy. • User experience • Server Attacks • Bring down servers • Essentially make servers unavailable. • Billing/Identity theft • $$$ == Legal Liability • User experience
Security Risks Physical • CD • Copy Protection Schemes • Slow • Broken in weeks (i.e., unreliable against Pro) • Expensive (req. special mastering) • Executable • Encrypted • Exists somewhere unencrypted in memory. • Slow • Patch unfriendly • Encrypt parameters sent to your DLL’s. • Convolution of runtime • Heap moving • Strip symbols • Don’t expose entry points in DLL’s. • Periodic memory checksums • Check for hacker tools (running debuggers, shims, …) • Art • Encrypt or convolute into special format. • Combine all into one file. (performance issues both good and bad) • Net Traffic • Encrypt • Checksum • Validity check all variables • Authentication • CPU Hit, adds latency and Bandwidth (i.e., increases packet size)
Categories of Security • Copy Protection • Cryptography • Network Intrusion
Copy ProtectionSecuring Intellectual Property • CDROM copy protection • CD Keys • Makes casual user search for keygen cracks • Warez Aware • Avoid easy exclusion of large data files. Require hex hack to .exe and .dlls • Add Many Aversions (i.e. Convolutions) • Watermark Assets
Cryptography Goals / Services • Privacy • Keep others from seeing your data • Message Integrity • Keep others from changing you data unbeknownst to you • Authentication • Verify Identity
Cryptography Algorithms • Secret Key • Both encrypt & decrypt with same key • Requires initial secure key exchange • Manual (in person, or through some other media) • Hardware (key FOB) • Other Secure Transmission • Public Key • Trap door a.k.a. one-way function • Can’t decrypt without other key • Related to Prime Factorization • Encrypt with destinations public key • Destination decrypts with private key • Message Digest • Keyless hash using one-way function to produce checksum
Cryptography Message Digest • MD<n> (e.g. The popular MD5) 128 bit • SHA (Secure Hash Algorithm) 160 bit • Fast • Not really security (tamper proofing) • Fancy Checksum
Public Key Encryption (Asymmetric - Key Pairs) • RSA (Rivest, Shamir & Adelman) • Used by PGP (Pretty Good Privacy) • Much slower than secret key algorithm • Fast encrypt, Slow decrypt • To slow for real-time game messages • Use when you need the best security • Exchange Secret Session keys via Public Key Encryption • Public key distribution via. x.509 digital certs • Trusted 3rd party verifies you are who you say
Secret Key Encryption (Symmetric - Same Key) • AES (Advanced Encryption Standard) 128, 192, 256 bit keys • Considered current best Secret Key algorithm • Endorsed by U.S. Gov (November 2002) • Algorithm name “Rijndael” • DES (Data Encryption Standard) 56 bit keys • Developed by IBM • Endorsed by U.S. Gov (expired with intro of AES) • Most widely used encryption • Used by Kerberos • Created to run on special hardware • Blowfish – variable up to 448 bit keys • Faster than DES (created to run on PCs) Faster than public key algorithms • Requires exhaustive key-space search to hack • Increasing CPU speed has put this algorithm on the edge of compromise
Secret Key EncryptionStandard Modes • Block Ciphers • ECB (Electronic Cookbook) • Single Block, no feedback (Good for Datagrams) • CBC (Cipher Block Chaining) • Integrates prior message • Stream Ciphers • CFB (Cipher Feedback) • OFB (Output Feedback Mode)
Cryptography Not For Export • ITAR – US International Traffic and Arms Regulations • Limits exportability of military munitions. • Export a program using encryption, get busted for arms smuggling • Can’t make cryptography too strong. Based on Key bit size and algorithm. Each country has their own regulations in regards to crypto strength.
Network Intrusion Firewalls • Pass on or drop packets. • 3 Techniques • Packet Filtering Concerned with packet headers • Port Filtering • Stateful protocol inspection • Circuit Gateways Sets up a secure session. Doesn’t car about contents. • SSL, Socks5, VPN, Tunneling • Application Proxies Concerned with packet data • Antivirus run on FTP or SMTP
Network Intrusion Brute Force Internet Attacks • Denial Of Service (a.k.a. DOS Attacks) • Saturate bandwidth • Consume Server CPU time • Blow out router Address Cache • (basically CPU bind the router for a period of time) • IP Spoofing • MAC Address • Slightly more difficult (act as a bridge with 2 NICs) • IP Address • Reverse Tunneling, DNS Rebinding
Tools • Satan • Detect vulnerabilities • Server Audit logs • After the fact • Debuggers (Soft Ice and similar) • Dissemblers • DLL Shims • O/S Emulators • Hardware Sniffers • Memory Tools: • Difference engines
In Game • File & RAM crc checkers • Heap Hopper • Remove debug symbols on release build • Code Obfuscator (Important for .NET) • Data Bluffing • Rigorous Packet Validation • Action Validation • Clock Validation
Game Tools • Punkbuster • Scans for known: • Cheat programs • Cheating API’s • File and memory check sums • Player voting • Hardware banning • Exe Encryption
References • Books • Internet Security – Professional Reference • Wide range of general security protocols • Applied Cryptography – Bruce Schneier • General introduction to all cryptography • Security Organizations • CERT, FIRST, 8LGM, IACR, RSA, NSA, Microsoft, IBM…
Reference Links • General Security • www.microsoft.com/security • www.ibm.com/security • Encryption • www.rsasecurity.com/rsalabs/faq • www.cryptopp.com (blowfish, DES, MD5 lib) • www.counterpane.com/blowfish.html