Gaming Security. Aggelos Kiayias

Online Gaming
- A multibillion-dollar industry.
- Computer games represent a $10 bn market.
- Single games have sold as many as 20 million copies.

MMORPGs: massively multiplayer online role-playing games
http://www.cracked.com/article_15657_world-warcraft-world-10-ways-online-gaming-will-change-future.html

Money
- Virtual goods cost real money: $635,000 for a virtual resort purchase in the Entropia Universe (Entropia Universe money, PED, has a fixed exchange rate to USD).
- Real banking moves in.

Why Is Security an Issue?
- Game cheating is profitable for cheaters.
- It threatens the game business model.

Criminal Behaviors (virtual)

Criminal Behaviors (real)

Protective Mechanisms
Example: PunkBuster (used in Call of Duty, Quake and others)
- real-time scanning of memory for known cheats
- screenshot samples
- encrypted status reports

WoW
- 12 million players
- >60% of the market
- game addiction issues
- virtual economy <=> real economy: in 2007 a game character sold for $10,000

Farming characters
- sweat shops for collecting XP: http://youtube.com/watch?v=ho5yxe6uvv4
- grinding for XP (maybe using bots)
- Hoglund's WoW_Agro macro: http://www.informit.com/articles/article.aspx?p=1074291&seqnum=6
- highlights: monsters are sought and engaged; the color of pixels on the screen is sampled to figure out health

Second Life http://community.secondlife.com/t5/featured-news/the-second-life-economy-in-q4-2010

Second Life Economy
- In 2008 there were 60000 users with positive cash flow.
- A small number of them were in-world entrepreneurs making a (real) living in SL.
- SL rise and fall in Google Trends.

Second Life
- Trading of user-created objects is a major business (selling virtual land is another).
- Copybot: client-side hack that enables object replication.

Cheating in Poker
- In Texas Hold'em by ASF Software the PRNG was seeded with the milliseconds since midnight according to the system clock!
- There are 86,400,000 milliseconds in a day and 52! ≈ 8 × 10^67 possible shuffles.
- Being relatively synchronous with the server can reduce the search time even further.
- The exact seed can be found by brute force!
http://www.informit.com/articles/article.aspx?p=1074291&seqnum=3
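The gap between the seed space and the shuffle space on this slide, as an added example (not ASF Software's code; its generator and shuffle are not reproduced here). It uses a constructed clock-seeded shuffle, an audit search over a clock window, and a CSPRNG-based replacement; all function names and the sample seed are assumptions.

```python
import math
import random
import secrets

MS_PER_DAY = 24 * 60 * 60 * 1000   # 86,400,000 possible seeds, as on the slide

def weak_shuffle(seed_ms):
    """Vulnerable pattern: the deck order is a pure function of a clock value."""
    deck = list(range(52))
    random.Random(seed_ms).shuffle(deck)
    return deck

def strong_shuffle():
    """Hardened form: Fisher-Yates driven by the OS CSPRNG, no replayable seed."""
    deck = list(range(52))
    for i in range(51, 0, -1):
        j = secrets.randbelow(i + 1)
        deck[i], deck[j] = deck[j], deck[i]
    return deck

def seed_space_bits():
    """Bits of entropy in the seed vs. bits needed to reach every shuffle."""
    return math.log2(MS_PER_DAY), math.log2(math.factorial(52))

def candidate_seeds(visible, approx_ms, window_ms):
    """Audit check: seeds near the estimated server time that explain the
    cards already visible to one player."""
    lo = max(0, approx_ms - window_ms)
    hi = min(MS_PER_DAY, approx_ms + window_ms + 1)
    n = len(visible)
    return [s for s in range(lo, hi) if weak_shuffle(s)[:n] == visible]

if __name__ == "__main__":
    true_seed = 45_296_123                  # constructed sample: 12:34:56.123
    visible = weak_shuffle(true_seed)[:5]   # five cards a player can see
    print("seed bits, deck bits:", seed_space_bits())
    print("seeds consistent with the visible cards:",
          candidate_seeds(visible, true_seed + 700, 1000))
```
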

Two-party random number generation
- Alice and Bob want to flip a coin over the phone. Can they do it so that nobody cheats?
- Cryptographic tool: commitment scheme.
- Two phases: committing phase / opening phase.

Blum's Coin Flipping Protocol
- Alice flips a coin b.
- Alice sends a commitment of b to Bob.
- Bob flips a coin b' and sends it to Alice.
- Alice opens her commitment of b to Bob.
- Both parties terminate with (b XOR b').
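The committing and opening phases and the coin-flipping exchange above, with both parties' messages, as an added example that is not from the original slides. The SHA-256 hash commitment with a random nonce is a choice made here (the slides name no particular scheme), and the function names are assumptions.

```python
import hashlib
import hmac
import secrets

def commit(bit):
    """Committing phase: hide `bit` behind a hash with a fresh 256-bit nonce."""
    nonce = secrets.token_bytes(32)
    digest = hashlib.sha256(nonce + bytes([bit])).digest()
    return digest, nonce      # digest is sent now; nonce is kept for the opening

def verify_opening(digest, bit, nonce):
    """Opening phase: the receiver recomputes the hash and compares."""
    if bit not in (0, 1) or len(nonce) != 32:
        return False
    expected = hashlib.sha256(nonce + bytes([bit])).digest()
    return hmac.compare_digest(expected, digest)

def coin_flip(alice_bit=None, bob_bit=None, alice_lies=False):
    """One run of the exchange. Returns the shared coin, or None if Bob
    rejects the opening. Fixed bits and `alice_lies` exist for testing."""
    # Alice flips b and sends only the commitment to Bob.
    b = secrets.randbelow(2) if alice_bit is None else alice_bit
    digest, nonce = commit(b)
    # Bob flips b' and sends it in the clear; Alice is already bound to b.
    b_prime = secrets.randbelow(2) if bob_bit is None else bob_bit
    # Alice opens by sending (bit, nonce); a cheating Alice claims the other bit.
    opened = b ^ 1 if alice_lies else b
    if not verify_opening(digest, opened, nonce):
        return None           # Bob aborts: the opening does not match
    return opened ^ b_prime   # both sides output b XOR b'

if __name__ == "__main__":
    print("honest run:", coin_flip())
    print("Alice changes her bit after seeing b':", coin_flip(1, 1, alice_lies=True))
```

The commitment stops Alice from changing b after she sees b'; it does not stop her from refusing to open at all.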

Legal Issues
- applying DMCA
- EULA, e.g. Frontpage 2002: "You may not use the Software in connection with any site that disparages Microsoft, MSN, MSNBC, Expedia, or their products or services, infringe any intellectual property or other rights of these parties, violate any state, federal or international law, or promote racism, hatred or pornography."
http://slashdot.org/articles/01/09/21/1438251.shtml

Privacy issues
- Monitoring your PC while you play.
- E.g. the WoW Warden (among other things) monitors the window title of every active window.
- A program called Governor can report to you what the WoW Warden is doing.
http://www.rootkit.com/vault/hoglund/governor.zip

Distributing State
[Figure panels: Real World; Ideal Virtual World; Hybrid Virtual World. Labels: server, server]

Architecture
- Server is authoritative over clients: the server's state is the true game state.
- Player actions: ask permission (server validates & updates game state), or do & inform later.
- Other players' actions: receive regular state updates, or receive when necessary.

Common Client Hacks
- Aimbotting.
- Wallhacking.
- Teleportation.
- Inventory duplication.
- Speed hacks.
- Randomness control.
http://pimpmygame.org/

Game State Distribution
- Suppose that data {T(x,y)}_{x,y} define the game state. Each player at any moment is at a certain location (x,y) and its gameplay depends solely on the data T(x,y).
- At each clock tick transmit state data to players.
- Approach #1: Maintain each player's location locally and for each player recover (x,y) and transmit T(x,y).
- Approach #2: Transmit {T(x,y)}_{x,y} to everyone, have the client pick up T(x,y).
- A hybrid between the two approaches is possible.

Cryptographic Game State Distribution
- Is there a way to make approach #2 more secure?
- Periodically make different keys for each cell (x,y).
- Transmit table {T(x,y)} with each cell encrypted according to the cell key.
- When a client either moves to a new cell or its key expires, it asks for the new key.
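One way to realise the per-cell keys described above, as an added example that is not from the original slides. The HMAC key derivation, the epoch and tick counters, the function names and the SHAKE-256 keystream (a stand-in for a real AEAD cipher) are all assumptions.

```python
import hashlib
import hmac

def cell_key(master, epoch, x, y):
    """Per-cell, per-epoch secret: 32 bytes for encryption, 32 for the MAC.
    Moving to a new epoch expires every key issued before it."""
    info = b"cell|%d|%d|%d" % (epoch, x, y)
    return hmac.new(master, info, hashlib.sha512).digest()

def _keystream_xor(enc_key, tick, data):
    # Demo cipher only: the keystream is bound to the tick so that a cell key
    # reused across ticks never repeats a keystream.
    stream = hashlib.shake_256(enc_key + tick.to_bytes(8, "big")).digest(len(data))
    return bytes(a ^ b for a, b in zip(data, stream))

def _tag(mac_key, tick, x, y, ct):
    msg = b"%d|%d|%d|" % (tick, x, y) + ct
    return hmac.new(mac_key, msg, hashlib.sha256).digest()

def encrypt_table(master, epoch, tick, table):
    """Server, approach #2: broadcast every cell, each under its own key."""
    out = {}
    for (x, y), value in table.items():
        k = cell_key(master, epoch, x, y)
        ct = _keystream_xor(k[:32], tick, value)
        out[(x, y)] = (ct, _tag(k[32:], tick, x, y, ct))
    return out

def issue_key(master, epoch, server_pos, x, y):
    """Server: release a key only for the cell where it places the player."""
    return cell_key(master, epoch, x, y) if server_pos == (x, y) else None

def client_read(broadcast, tick, x, y, key):
    """Client: returns the cell contents, or None for a wrong or expired key."""
    ct, tag = broadcast[(x, y)]
    if not hmac.compare_digest(_tag(key[32:], tick, x, y, ct), tag):
        return None
    return _keystream_xor(key[:32], tick, ct)

if __name__ == "__main__":
    master = bytes(range(32))                                # constructed key
    table = {(0, 0): b"gold mine", (0, 1): b"enemy base"}    # constructed state
    bc = encrypt_table(master, 7, 1, table)
    k = issue_key(master, 7, (0, 0), 0, 0)
    print(client_read(bc, 1, 0, 0, k), client_read(bc, 1, 0, 1, k))
```
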

Real-Time Strategy Games in the peer-to-peer setting
- Abusing the resource system (e.g., resources do not decrease)
- Hacking the unit list (adding new units)
- Tampering with map visibility (lifting the "fog of war")
Elie Bursztein, Mike Hamburg, Jocelyn Lagarenne, Dan Boneh: OpenConflict: Preventing Real Time Map Hacks in Online Games. IEEE Symposium on Security and Privacy 2011: 506-520

Game State in P2P
- Distinguish between the push and pull approaches between clients.
- Push: client pushes changes to other clients.
- Pull: client pulls changes from other clients.

Cryptographic Set Intersection
- Alice and Bob have two sets A, B.
- Alice wishes to compute the intersection of the sets, so that Alice learns no element in B-A.
- Bob learns nothing.

P2P Game State Update
- Players have units distributed in a region.
- Using an SI protocol: the receiving player's set is his visibility sub-region; the sending player's set is the sub-region where he has units.
- Output of the protocol: the sub-region where the receiving player has visibility and the sending player has units.
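The visibility update above as a set-intersection exchange, as an added example that is not from the original slides and is not the OpenConflict protocol. It uses a commutative-exponentiation (Diffie-Hellman style) intersection chosen here for illustration. The modulus 2^521 - 1 is a demonstration value rather than a vetted group, and the class names and cell coordinates are assumptions.

```python
import hashlib
import math
import secrets

P = 2**521 - 1    # Mersenne prime; demonstration modulus only

def _secret_exponent():
    while True:
        e = secrets.randbelow(P - 3) + 2
        if math.gcd(e, P - 1) == 1:       # makes v -> v^e a bijection mod P
            return e

def _hash_cell(cell):
    h = hashlib.sha512(repr(cell).encode()).digest()
    return int.from_bytes(h, "big") + 1   # 512-bit value, always in [1, P-1]

class Sender:
    """Sending player: owns units, answers without seeing the visibility set."""
    def __init__(self, unit_cells):
        self.k = _secret_exponent()
        self.units = list(unit_cells)

    def respond(self, blinded_query):
        doubled = [pow(v, self.k, P) for v in blinded_query]    # order preserved
        own = [pow(_hash_cell(c), self.k, P) for c in self.units]
        secrets.SystemRandom().shuffle(own)                     # hide unit order
        return doubled, own

class Receiver:
    """Receiving player: owns a visibility region, learns only units inside it."""
    def __init__(self, visible_cells):
        self.k = _secret_exponent()
        self.cells = list(visible_cells)

    def query(self):
        return [pow(_hash_cell(c), self.k, P) for c in self.cells]

    def finish(self, doubled, sender_blinded):
        theirs = {pow(v, self.k, P) for v in sender_blinded}
        return {c for c, d in zip(self.cells, doubled) if d in theirs}

if __name__ == "__main__":
    alice = Receiver([(1, 1), (1, 2), (2, 2)])   # constructed visibility region
    bob = Sender([(2, 2), (9, 9), (1, 1)])       # constructed unit positions
    doubled, own = bob.respond(alice.query())
    print(sorted(alice.finish(doubled, own)))
```

In this exchange each side still learns the size of the other's set, and the sender's unit at (9, 9) stays hidden from the receiver.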