An Overview on Game Cheating and Its Counter- measures - CiteSeerX

12 downloads 0 Views 139KB Size Report
cheater stay in a corner where the other players can't ... When the player will lose the game, he .... will lose all including his game role, the game record, the.
ISBN 978-952-5726-07-7 (Print), 978-952-5726-08-4 (CD-ROM) Proceedings of the Second Symposium International Computer Science and Computational Technology(ISCSCT ’09) Huangshan, P. R. China, 26-28,Dec. 2009, pp. 195-200

An Overview on Game Cheating and Its Countermeasures 1,2,3

Xiao Lan1, YiChun Zhang2, and Pin Xu3

Digital Media Technology, Communication University of China, Beijing, China Email: [email protected], 2,3{zhangyichun, xupin}@cuc.edu.cn game cheating differs in motivation, target, principle, consequence and so on. For example, cheater uses gamebot (malware in moral view) intentionally, but in convention security scenario, malware executes violating user’s intention.

Abstract—Game cheating has become a serious problem embarrassing the long term development of computer game. However, there’s no complete taxonomy survey on game cheating up to date yet. In this paper, we give the strict definition and complete taxonomy on game cheating. Our taxonomy is with cheating logic, and is classified by cheating motivation, cheating principal, cheating executants, cheating environment and the consequence. What’s more, we give a classification and survey on relevant cheating countermeasure methods.

B. Related work As game cheating is evolving rapidly, it is important that make sure what game cheating means to players and game corporations. If people reach a consensus on game cheating, it’s helpful keeping the virtual game world orderly. Up to now, many researchers have attempted giving a precise definition of game cheating or constructing a framework to classify game cheating. Definition: In order to distinguish smart play from cheating, Yan[2] define the cheating as” Any behavior that a player may use to get an unfair advantage, or achieve a target that he is not supposed to be.” But by this definition, it’s difficult to judge player’s actions as cheating because how to define “unfair advantage” is ambiguous. As an improvement, a more sufficient definition was presented by Yan[3] as “any behavior that a player uses to gain an advantage or achieve a target in an online game is cheating if, according to the game rules or at the discretion of the game operator the advantage is unfair to his peer players or the target is one that he is not supposed to achieve”. The improved definition focuses on the online cheating only, console game is excluded. So we define game cheating with minor modification as “any behavior that a player uses to gain an advantage out of the context of the game rules’ permission or achieve a target that he is not supposed to be is game cheating”. Additionally, the rules should contain not only the rules in virtual world also the rules related to the game in real world. Taxonomy: Pritchard [4] listed the game cheating manners that have occurred in various games. And he proposed a six-category which comprised of reflex augmentation, authoritative clients, information exposure, compromised servers, bugs and design loopholes, and environmental weaknesses. Reflex augmentation places extra emphaises on producing superior results from player’s reaction. For example, aiming proxy in FPS games is a form of this type. The main form of authoritative clients cheating is modifying the game data such as modifying memory data to change the game properties and altering the network communication data packets to effect the result of certain game events. Information exposure is different from authoritative clients, cheating with information exposure does not modify game data directly but just expose them to cheater,

Index Terms—computer game; online game; game cheating; cheating countermeasure

I. INTRODUCTION A. Background Thanks to the booming development of computer and networking technologies, computer games have profoundly influenced our daily life. The games before 1990’s are only within one player mode that the opponent is computer AI. We call them console games. In recent years, online games have become prevalent in the game production industry and they are popular with youths. However, for all the game players, their fulfillment is to win. Some players want to win without corresponding efforts and with unfair advantages over opponents, so game cheating emerges. In order for fair players own sake and game development, it’s necessary for us to look into game cheating behaviors, summarize something in common and work out corresponding countermeasures at last. However, there’s no systematic and integrated overview on game cheating, and it limits the further investigation. As far to our knowledge, there’re three problems need to be solved when someone wants to game cheating summarization. The diversity of cheating behavior: As the game style differs from one to another (such as 1st-person shooters FPS, massively multiplayer on-line role-playing games MMORPG, and peer-to-peer games P2P[1]), corresponding cheating techniques are complicated and multiplex. Furthermore, new cheating manners are emerging with the development of game. The insecurity of virtual world: The rules in virtual are different from those in real world. Game server cannot guarantee all personal data of the players in the virtual world are reliable and secure. When a cheater join a game using an untruthful personal data, it’s possible for him doing whatever he wants without supervision. The difference between game cheating and traditional security attack: Game cheating is an emerging security problem. Comparing to traditional security-related threat, © 2009 ACADEMY PUBLISHER AP-PROC-CS-09CN005

195

items. For example, due to the amount of time needed to gain experience and items in massively multiplayer online role-playing games, some people have resorted to cheating to take a short cut to the higher levels of the game. Obtain economic interest: Virtual characters and items in online games can be traded for real money. A cheater might offer less and get more virtual advanced items by some kind of cheatings, so he can turn the virtual stuff into real money[6].

and cheater gains game knowledge advantage over opponents. For example, the cheater catches the data packets from network, and then analyzes them to obtain the hidden information such as the location of online opponents. The cheating with compromised servers occurs at game supporting server. The cheater first attacks the game servers using some familiar hacking techniques, and then modifies the server data or gets the information of other players. As the implemenataion of game architecture and game rules is complex and imperfect, exploiting bugs and design loopholes become a popular way of cheating. Environmental weaknesses is “something of a catchall for exploitable problems a game may have on particular hardware or operating conditions[4]”. For example in some games, cheater uses advanced display card which is of high brightness to show the dark places. But this categorization doesno't cover all types of cheating manners. As cheating behaviors are evolving, many emerging cheating behaviors cannot fit into any of these categories. For example, some behaviors such as cheating collusion, operator cheating and client hacking are not included. In [2], game cheating has been extended into 11 commom cheating classes. Since new cheating forms are added, 4 more cheating were added in [5]. Meanwhile, according a three dimensional taxonomy, online cheating was classified by “the underlying vulnerability (what is exploited), the cheating consequence (what type of failure can be caused), and the cheating principal (who is cheating).” This framework is helpful for cheating understanding, but their work doesn't cover the countermeasures. In order to make better understanding emerging research area of game cheating and boost anti-cheating improvement, we propose a novel classification of game cheating depending on cheating motivation, cheating principal, cheating location and its consequence in a more logical way. What's more, we do an overview of current anti-cheating techniques and point out their relations to our cheating taxonomy. The novel taxonomy will be presented in Section II. We present relevant anti-cheating methods and potential improvement in Section Ш. And conclusion is given in Section IV.

B. Approach of cheating Modify game software or data: Running online game needs to install game client software and connect to Internet. So cheater can modify the software directly such as removing validating routines, modifying configuration parameters, rewriting some parts of game software and so on[7]. Also, when game software is running in the memory, cheater can modify the memory data so as to influence the running game because of most game attributes are stored in the memory. When a game is running within local memory, cheater can look for the critical variables and then change them. Game sensitive data can be deteced not only in local memory but in the packets transfering via the networks and in server's database. Game related packets include commands and sensitive information so that cheater can insert, delete or modify the packets to illegally obtain competition advantage. In the online fighting action game, cheater may modify the data packets to strengthen destructive power of the cheater's role[17]. The data stored in server's database usually contain player’s private information and game state, they can be modified by game operator or administrator which forms a new kind of cheating. A third-party tool but not modifying games: The cheating tools may be some softwares, number of small programs, game bots, or intelligent computers. Instead of modifying the data directly, some tools collect the information from the memory and networking packets, analyze these information, and form a clear report on game state. For example, cheater can determine the competitor's location by analyzing packets which contains game sound information. For another instance, in the chess tournament online, if a cheater uses a computer to predict opponent's behavior and design a best policy, he will gain huge advantage on the next move easily (just follow computer's prediction). Via modifying the graphic drive, cheater can make the walls transparent or help themselves accuratly aim. Game bots are common in most online games. For example, players use bots to perform repetitive tasks to save a great deal of time. Game bots can shoot more accurately in FPS. In order to gain high scores and the reputation, cheaters ues bots to join in the game instead themselves[16]. In addition, cheater can also deny other players’ service with a network attacking tool. When networking condition is harsh, players can not play the game normally. The cheater may can use some flooding attacks, blocks the communication between server and competitor, delays opponents’ response. Finally, opponents are likely to be kicked out of the game[10] according to current game

II. NOVEL TAXONOMY OF GAME CHEATING We classify the game cheating in a logical order. The relationship between cheating behavior and our classification is shown in TABLE I. The more detailed illustrations are as follows. A. Motivation of the cheating In console games: The motivation is trivial. It is to defeat the computer AI opponent easier and faster. In online games: There're three main goals as follows: Defeat the competitor or avoid failure: In most P2P and FPS games, players cheat to augment the probability of winning. Get higher game level: Higher level means stronger power, access to advanced plot and usufruct of better 196

state update, network and computational latency and so on [9]. Steal other player’s ID/Password: ID or password is the key for player accessing to the game system[7]. It is also used for keeping his account alive and doing business in virtual world. Therefore, driven by the economic interest, the cheater tries everything available to steal other player’s ID and password. Stealing can be approached by attacking server's database or accessing to other’s personal PC with common hacking techniques.

rules. Victim player in car racing online games will loose continuity of driving if he suffers from cheater’s flooding attack. Collude with other players or game operator: People can collude with other players to gain unfair advantage over their honest opponents in online games[8]. In online bridge games or poker games, cheaters illicitly exchange card information over the other communication tools so that they can grasp the information of the honest competitors. Another typical example is “win-trading” in which cooperative players lost to the other alternatively in order to raise cheaters’ victory numbers[14]. Furthermore, cheaters can collude with the game operators who have access to modify the game database. Collude operators are able to create a strong role for cheaters. Exploit bug or loophole: Not only bugs of game design are expoited, but also the rules loophole[8]. This kind of cheating is resulted from system design flaws and imperfect game rules or policies. A good example is a socalled "camping" behavior in online war games[2]. The cheater stay in a corner where the other players can't shoot him easily. Then he is only to wait for the time running out or killing the enemy who is passing the place. The "corner" is one loophole of the game design. Moreover, making use of rule loopholes, cheater may advoid failure. When the player will lose the game, he may escape the game or make himself disconnecting from the game. So in his record, there will be less failures. Time cheating: A cheating player can delay his own move until he knows all the opponents’ moves. So he can obtain more time to react to a game event than a honest player. Time cheating involves message exchange, game

Consequence

Location

Cheater number

Motivation

TABLE I.

Defeat the competitor or avoid failure Get higher game level

D. Location of cheating In modern online game world, there are three types game based on networking infrastructure: distributed game, centralized game, and client/server game. So we

TAXONOMY AND RELATIONSHIP OF GAME CHEATING BEHAVIORS Approach Collude with other Exploit bug players or game or loophole operator

Modify game software or data

A third-party tool but not modifying games

















Obtain economic interest



Single player



Game operator



Multiple players Player with operator Client Server Network Real world Game enjoyment losing Threaten security of other’s PC Economic losses

C. number of cheater Single cheater; Single cheater can cheat either in single-player or multi-player online games. Single cheater may be a game player or a game operator[5]. Almost single cheater cheating are executed by single player except modifying servers’ database is conducted by game operator. Multiple cheaters: This cheating usually happens in multi-player online game. The cheaters can collude with other players or game administrator. Collusion among players results in game victory, but cheating players cannot gain extra benefits. However, if the collusion involves game administrator, things go even worse. Cheaters are not only with game victory, it’s possible for they to obtain a stronger role or advanced items. Especailly, cheaters is able to steal the other players’ ID/Password, and turn it into the economic interest (real money).

Time cheating √

√ √

Steal other player’s ID/Password

√ √



√ √

√ √ √



√ √

√ √

√ √

√ √











√ √





197



Ш.

divide the cheating scene into four classes. Act at client: Online game software is installed at the client side. The cheater use assistant tool which was running on client side. Frankly speaking, game software implementation is imperfect, the player will find out the bugs and loopoholes eventually. Cheating behaviors such as modifying game software or memory , using a thirdparty tool and exploiting bugs or loopholes is inevitablely at client’s computer. Act at servers: Server’s database stores Information of all players, including ID/Password, role information and so on. In special business platform, player can trade the game characters or items into real money. If cheater attack the server, he is able to obtain other players’ information and change game role attributes. Usually, cheaters achieve the goal using hacking tools. However, the game operator who has the privilege to manage the game is able to cheat easiy and change anyone’s information at his will. So it happens sometime that cheater bribes operator for game benefits. Act in Network: Network is the only communication media between clients and servers, player and his competitor. It is important to build effective networking enviornment supporting online game. Cheaters modify the data flow between client and server, and influence the game result by changing the game commands or actions. Cheaters also can analyze the data to expose the hidden information. For example, time cheating involves data exchange and data update. It helps cheaters obtain more reaction time. Another example is flooding attack. Cheater blocks competitor’s communication so that victim will result in incorrect game reaction. Act in Real world: Cheating happens not only in virtual world but in real world as well. Game collusion is a traditional cheating manner which happens in the real world. Colluders illicitly exchange the game information so that they gain unfair advantage over their honest opponents, and it’s beyond the virtual game rules.

ANTI-CHEATING SOLUTIONS

Using the cheating classification above, we classify our counter-measures more explicitly, following is relevant anti-cheating methods. taxonomy of anti-cheating solution depending cheating classification is presented in TABLE II.

can the The on

A. Education and punishment According to different cheating motivations, game service provider can make different education and punishment policies at the same time respectively. Education is that let players realize the moral and economic risks on cheating. Meanwhile, the punishment policy against cheater is getting rigorous. Once the player is found cheating, his ID/Password will be banned. So he will lose all including his game role, the game record, the items even his account.

E. consequence of cheating Different cheating behaviors may cause different consequences. We list four main consequences as follows: Harmless: In console games, cheating is only the tool with which the player can finish the game easier and faster. These cheatings doesn’t harm other pepole. Game enjoyment losing: The joy of the game exists in the fierce competition. But cheating destroys the balance among players. Then game enjoyment for whole is losing. The more common cheating emerges in a game , the more fair players lose their interests . Threaten the security of other players’ PC: Hacking techniques are used in game cheating for the purpose to steal other players’ IDs/Passwords. This means that players’ PC will in danger when cheating happens . Economic losses: IDs and Passwords losing may result in the accounts and virtual items losing. For example, player can reach high level or get advanced items more easily via cheating. Reduced gaming time will cut down the income of the game service provider[18]. 198

B. Anti-cheating methods Software and data protection: Encryption is used to prevent data from modification. Encryption can encrypt critical information in memory and in the transferring packets so that the attackers can't recognize the location of the elements and change them. TRM (Tamper Resistant Module) is one effective method to prevent the software cracking. TRM can verify the integrity of software whether the modification occurs in it [7]. Binaries protection is also an effective solution in the long term to prevent modification. Binaries protection [12] introduces dynamic mobile agents that an original agent is periodically downloaded and executed. So it is difficult for the cheater to break it due to the download code is always new. In [19], such a technique is also presented. “Mobile Guard” is used to ensure “the integrity of the protection mechanisms the solution does not statically embed them into the game-client”. At the same time, Randomly Created Checksum Algorithms (RCCAs) enforce Mobile Guard to be executed. The limitation of this method is that it only prolongs protection time but is not a complete protection all the time. Detection: For the data analyzing, encryption and binaries protection is also applied because the information comes from the memory data and network packets. For the third party programs, servers can detect them by scanning the memory of the client computer. Cheating detection also could be provided by honest players’ prosecution. If they find the people who act abnormally, they can report to game administrator. The third method of detection takes place on the servers. The servers record players’ actions and analyze them. By digging into the log, servers can find out the cheater [15]. Most of the detection methods are bots detection ones. Golle and Ducheneaut [20] propose two approaches to prevent bots with the CAPTCHA tests. This test is effective but it spoils the game continuity of the honest player. Except above method, we can use passive detection method. In [16], comparing real-life traces with the avatar’s movement controlled by the players directly, researchers propose a trajectory-based approach. In [21], researchers show the traffic differences between those

generated by bots and by human players in various aspects. But the two works focus on one side only. The former assumes the bots controlled by the player directly, and in the later, the bots work as a standalone client. Random assign and operator management: Deal with multiple-players cheating: When the player joins in the game, system will distribute him into the room randomly. But this solution separates players who want to play with the partner he is familiar with. Therefore, current game usually provides two different running models: one is random, the other is unlimited. Deal with player with game operator cheating: To prevent the information leaking out, it can be solved by reducing the power of game operator, building more rigorous punishment policy and logging the game operating events. Enough test and timely update: It is impossible that one game is perfect without bug or loophole. Cheating cannot be avoided but can be reduced. Before the game shipment, the game developer need take more time to scrutinize the game. And anytime they find the bug or loophole, they need to make the update package timely. Cheat controlled protocol: Cheater using time cheating who controls the communication message has additional time to react to honest player’s action. In [11], the paper presents a protocol that can be used to control cheating in reaction time based message ordering schemes. Protection of information and PC: The attacking target of cheaters may be the servers or the player’s computer. So installing a personal firewall is necessary for client computer to protect personal information and ensure PC security. At the same time, it is vital to improve the central server’s security, and robust mechanisms should be introduced identifying the ID/Password. Also, detection mechanism is necessary to find out the cheaters.

TABLE II.

TAXONOMY OF ANTI-CHEATING SOLUTION

Cheating

Anti-cheating Solutions

Approach

Motivation

Education and punishment

Modify game software or data

Software and data protection

A third-party tool but not modifying games

Detection

Collude with other players or game operator

Random assign and operator management

Exploit bug or loophole

Enough test and timely update

Time cheating

Cheat controlled protocol:

Steal other player’s ID/Password

Protection of information and PC

Cheater

Proof of identity for player

Location: in network

Protocol-level solution

Consequence

Risk management

be more secure with the combination of password and certificate. IV.

CONCLUSION

In this paper, a novel classification of game cheating is presented by cheating motivation, cheating approach, cheater number, cheating location and cheating consequence. Combining with reviewing the earlier research works, we get a more systematic and structured cognition on game cheating. The introduction about cheating motivation and cheater can help the service providers to find out who is with higher probability to be the cheater. Nowadays, computer games have become one of most common computer applications in our daily life. Games do not only affect our entertainment life but change industry provision chain as well. The number of crime that caused by game cheating are continually raising [14]. But game security is still an emerging research area. Many existing problems in game cheating remain unsolved. People should pay more attention on game cheating and related security development.

C. Proof of identity for player At the present time, game service provider still lack a systemic authentication scheme to judge the validity of players’ identity. The cheaters can use false personal data to login in the game and then destroy games. If their passwords are banned, they can register another one. So strengthen the identity management is extremely urgent.

ACKNOWLEDGMENT This work is supported by “211 project” and “382 project” of Communication University of China.

D. Protocol-level solution When cheating happens on network level, using anticheating protocol is the mainstream solution [12]. The protocols are created to restrict the time or mode of message transferring through network. For example, the protocol for time cheating judges the cheating behavior by transmission time of all kinds message. In [13], secure protocol based on public key cryptography is presented to detect cheating on P2P online games.

REFERENCES D. Saha, S. Sahu, and A. Shaikh, “A Service Platform for On-Line Games,” Proceedings of the 2nd workshop on Network and system support for games table of contents, Redwood City, California, pp. 180–184, 2003. [2] J .Yan and H.J. Choi, “Security Issues in Online Games”, The Electronic Library, MCB, UP, Ltd,Vol. 20, No.2, pp. 125-133, 2002. [3] J.Yan, “Security Design in Online Games”, in Proc. of the 19th Annual Computer Security Applications Conference, IEEE Computer Society, New York, pp.286-295, December, 2003. [4] M.Pritchard, “How to Hurt the Hackers: The Scoop on Internet Cheating and How You Can Combat It”, Information Security Bulletin, pp.33, February 2001. [1]

E. Risk management Game company should build a special department dealing with prosecution reports from the players who suffered from cheating. ID/password should not be the only approach accessing to user’s account. Digital certificate technique can be introduced. The account will

199

[5]

[6]

[7]

[8]

[9]

[10]

[11]

[12]

[13]

J.Yan and B.Rendell,”A systematic classification of cheating in online games”, NetGames 05, Hawthorne, New York, USA,ACM, pp.1-9, October 10–11, 2005. J. Zetterström,”a legal analysis of cheating in online multiplayer games”, Göteborg University, Master Thesis, March 2005. J. Ki, J. H. Cheon, J-Uk Kang, D. Kim,”Taxonomy on Online Game Securitty”, the Electronic Library, Vol. 22, No.1, pp.65-73, 2004. P. J. Brooke, R. F. Paige, J. A. Clark, S. Stepney,” Playing the game: cheating, loopholes, and indentit”, SIGCAS Comput. Soc., Vol. 34, No. 2. September , 2004 B.D.Chen and M.Maheswaran,” A cheat controlled protocol for centralized online multiplayer games”, Proceedings of 3rd ACM SIGCOMM workshop on Network and system support for games, Portland, Oregon, USA, ACM, pp. 139-143, 2004. H.B.-L. Duh and V.H.H. Chen, “Cheating behaviors in online gameing”, Online Communities and Social Computing, Springer Berlin / Heidelberg, vol. 5621/2009, pp. 567-573, 2009 J. Hu and F. Zambetta, “Security issues in massive online games”, Security and Communication Networks, Vol. 1, No. 1, pp.83-92, 2008. S. Bernard, M.G. Potop-Butucaru and S. Tixecuil, “Cheats in online video games: detection, analysis, and countermeasures”, [2008], http://www.thlab.net/old/rescom2008/posters/Samuel_Bern ard.pdf H. Yoshimoto, R. Shigetomi and H. Imai, “How to protect peer-to-peer online games from cheats”, Proceedings of the Symposium on Information Theory and Its Applications, Vol. 27, No.1, pp.315-318, 2004.

[14] R. Joshi, “Cheating and virtual crimes in massively

[15]

[16]

[17]

[18]

[19]

[20]

[21]

200

multiplayer online games”, technical report, Roal Holloway, University of London, January 2008. K. Warns, “Cheating Detection and Prevention in Massive Multiplayer Online Role Playing Games”, The Seventh Annual Winona Computer Science Undergraduate Research Symposium, Winona, MN, April 2007. K. Chen, A. Liao, H. K. Pao and H. Chu, ” Game Bot Detection Based on Avatar Trajectory”, Lecture Notes In Computer Science, Vol. 5309 , Pittsburgh, pp.94-105, 2008. P. Laurens, R.F. Paige, P.J. Brooke and H. Chivers, “A Novel Approach to the Detection of Cheating in Multiplayer Online Games”, Proceedings of the 12th IEEE International Conference on Engineering Complex Computer Systems, Auckland, pp.97-106, 2007. D. Pelland, “Hackers, Cheaters Threaten Online Games' Business Model”,March 3,2005, http://www.kpmginsiders.com/display_analysis.asp?cs_id= 126855 C. Monch, G. Grimen, and R. Midtstraum, “Protecting online games against cheating”, in NetGames 06: Proceedings of 5th ACM SIGCOMM workshop on Network and system support for games, New York , USA, ACM, pp.20, 2006. P. Golle, N. Ducheneaut, ”Preventing bots from playing online games”, Computers in Entertainment, Vol.3(3), New York, ACM, pp.3, July 2005. K.T. Chen, J.W. Jiang, P. Huang, H.H. Chu, C.L. Lei, W.C. Chen, “Identifying MMORPG bots: A traffic analysis approach.”, Proceedings of the 2006 ACM SIGCHI international conference on Advances in computer entertainment technology, Vol.266, No.4, Los Angeles, USA,ACM, pp.20-23, June 2006.