Today - PowerPoint PPT Presentation

Slides: 12
Provided by: Stephen787

1
Today
  • Cheat prevention (and cheat techniques)
  • Great article: http://www.gamasutra.com/features/20000724/pritchard_01.htm
  • Evaluations

2
Why Care About Cheats?
  • Online gaming is big business
  • Cheats can achieve financial advantage
  • Competitive games with prizes are the obvious
    example (casinos)
  • Also consider EverQuest: People play the game,
    build good characters, and then auction them on
    eBay. If they can cheat to obtain good
    characters, they are achieving unfair financial
    advantage
  • Cheats can ruin the game for everyone
  • Players tend to have a strong sense of fairness
  • If they believe they are being cheated, they will
    not play, and you will not make any money
  • Single player cheaters typically only affect
    themselves, so you don't care

3
Sources of Cheats
  • Reflex augmentation: Use a cheat to improve some
    aspect of physical performance, such as the
    firing rate or aiming
  • Authoritative clients: Clients issue commands
    that are inconsistent with the game-play, or
    mimic the server
  • Information Exposure: Clients obtain information
    that should be hidden
  • Compromised servers: A hacked server biases
    game-play toward the group that knows of the
    hacks
  • Bugs and Design Loopholes: Bugs are found and
    exploited, or parts of the program intended for
    one purpose are used for another
  • Environmental Weakness: Differences or problems
    with the OS or network environment are exploited

4
Observations About Cheating
  • Brewer's rule: The only way to make a system 100%
    secure is to completely isolate it (Eric Brewer,
    1996)
  • Pritchard's Rules (Gamasutra article):
  • If you build it, they will come - to hack and
    cheat
  • Hacking attempts increase as a game becomes more
    successful
  • Cheaters actively try to control knowledge of
    their cheats
  • Your game, along with everything on the cheater's
    computer, is not secure - not memory, not files,
    not devices and networks
  • Obscurity is not security
  • Any communication over an open line is subject to
    interception, analysis and modification
  • There is no such thing as a harmless cheat
  • Trust in the server is everything in
    client-server games
  • Honest players would like the game to tip them off
    to cheaters; hackers hate it

5
Reflex Augmentation
  • Aiming proxies intercept communications, build a
    map of where people are, and automatically shoot
    them
  • Rapid-fire proxies take each shoot packet and
    replicate it
  • Fix 1: The server validates player actions - if
    they are too good the player is considered a
    cheat and kicked out
  • Problem is calibration: You have to find the
    cheats while not penalizing excellent players
  • Fix 2: Make it difficult to insert non-valid
    packets
  • Encrypt the packets, but your encryption must be
    cheap, and cheap encryption can be broken
  • Make the encryption depend on the game state or
    other time-dependent random value. Hard to do
    with UDP
  • If using guaranteed delivery (TCP), serialize
    packets with a unique sequence of numbers -
    cannot then replicate or insert extra packets
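
One way to enforce Fix 2 on a reliable, ordered stream, as an added example that is not from the original slides: each packet carries a sequence number and a MAC over sequence number and payload, so a replicated or inserted packet is dropped. HMAC-SHA256 stands in here for the slide's cheap encryption; the names seal, Receiver and demo, the 16-byte tag and the per-session key are assumptions.

```python
import hashlib
import hmac
import os
import struct

TAG_LEN = 16  # truncated HMAC-SHA256 tag in bytes (assumed size)


def seal(key: bytes, seq: int, payload: bytes) -> bytes:
    """Client side: prefix a 64-bit sequence number, append a MAC over both."""
    header = struct.pack(">Q", seq)
    tag = hmac.new(key, header + payload, hashlib.sha256).digest()[:TAG_LEN]
    return header + payload + tag


class Receiver:
    """Server side: accept each sequence number exactly once, in order."""

    def __init__(self, key: bytes):
        self.key = key
        self.next_seq = 0

    def accept(self, packet: bytes):
        """Return the payload, or None if the packet is forged or replicated."""
        if len(packet) < 8 + TAG_LEN:
            return None
        header, payload, tag = packet[:8], packet[8:-TAG_LEN], packet[-TAG_LEN:]
        expected = hmac.new(self.key, header + payload, hashlib.sha256).digest()[:TAG_LEN]
        if not hmac.compare_digest(tag, expected):
            return None  # modified in transit or built without the session key
        (seq,) = struct.unpack(">Q", header)
        if seq != self.next_seq:
            return None  # copy of an earlier packet, or out of sequence
        self.next_seq += 1
        return payload


def demo():
    key = os.urandom(32)  # per-session key; how it is agreed is out of scope
    server = Receiver(key)
    shoot = seal(key, 0, b"SHOOT")            # constructed sample packet
    results = [server.accept(shoot)]          # the original is accepted
    results.append(server.accept(shoot))      # a proxy's copy is dropped
    forged = struct.pack(">Q", 1) + b"SHOOT" + bytes(TAG_LEN)
    results.append(server.accept(forged))     # inserted packet without the key
    results.append(server.accept(seal(key, 1, b"MOVE")))  # stream continues
    return results
```

The session key still sits in the client's memory, which the slides treat as not secure, so this raises the cost of a rapid-fire proxy rather than ruling it out.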

6
Authoritative Clients
  • Occurs when one player's game informs everyone
    else that a definitive event has occurred, e.g. "I
    just got a power-up"
  • Hacked clients can be created in many ways:
    change the executable, change game data in other
    files, hack packets
  • Fix is to insert command request steps
  • The player requests an action, its validity is
    checked, it is sent out on the network, and added
    to the player's pending queue
  • Incoming actions also go on the pending queue
  • Actions come off the pending queue, are validated
    again, and then are implemented
  • Sometimes validation is hard to get right, so try
    synchronization
  • Occasionally send complete game state around, and
    compare it
  • Actually, send something derived from complete
    game state
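
The command request steps and the synchronization check described above, as an added example that is not from the original slides: actions are validated on request and again when they come off the pending queue, and peers compare a hash derived from the complete state. The Peer class, its single pickup rule and the sample state are hypothetical.

```python
import hashlib
import json
from collections import Counter, deque


class Peer:
    def __init__(self, name):
        self.name, self.pending = name, deque()
        self.state = {"on_map": ["shield"], "inventory": {}}  # hypothetical state

    def valid(self, action):  # sketch rule: only items on the map can be picked up
        return action["type"] == "pickup" and action["item"] in self.state["on_map"]

    def request(self, action, peers):
        """Check validity, then put the action on every pending queue."""
        if not self.valid(action):
            return False
        for peer in peers:
            peer.pending.append(action)
        return True

    def apply_pending(self):
        """Validate each queued action again before it changes the state."""
        while self.pending:
            action = self.pending.popleft()
            if self.valid(action):
                self.state["on_map"].remove(action["item"])
                self.state["inventory"].setdefault(action["player"], []).append(action["item"])

    def digest(self):  # "something derived from complete game state"
        blob = json.dumps(self.state, sort_keys=True).encode()
        return hashlib.sha256(blob).hexdigest()


def out_of_sync(peers):
    """Names of peers whose state digest differs from the majority's."""
    majority, _ = Counter(p.digest() for p in peers).most_common(1)[0]
    return [p.name for p in peers if p.digest() != majority]


def demo():
    a, b, c = peers = [Peer("a"), Peer("b"), Peer("c")]
    a.request({"type": "pickup", "player": "a", "item": "shield"}, peers)
    # Constructed tampering: c edits its own state and tells a and b it got a sword.
    c.state["inventory"]["c"] = ["sword"]
    for peer in (a, b):
        peer.pending.append({"type": "pickup", "player": "c", "item": "sword"})
    for peer in peers:
        peer.apply_pending()
    return a.state["inventory"], out_of_sync(peers)
```

In demo() the honest peers drop the unrequested pickup at the second validation, and the digest comparison singles out c as the peer whose state no longer matches.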

7
Information Exposure
  • Some classics: Modify the renderer to make walls
    transparent, modify maps to remove the fog of war
  • Basically, display variables must be modified in
    memory, or read out and displayed elsewhere
  • Hackers are very good at finding the locations of
    key data in memory, and modifying them
    transparently
  • Fixes
  • Check that players agree on the value of certain
    variables, and the validity of actions -
    synchronization again
  • Note that you can look for actions that cannot be
    valid with the correct display
  • Compile statistics on drawing, and see if they
    look off (e.g. polygons drawn)
  • Encrypt data in memory to avoid passive attacks

8
Compromised Servers
  • Many servers have customization options, and the
    community is encouraged to modify the server
  • This is completely legal
  • However, as a game becomes popular, naïve people
    start to play the game
  • They do not have the skills or knowledge to check
    that the server they are playing on is pure
  • They will grow frustrated, blame the developer,
    and complain to their friends
  • Some modifications can be very insidious, and may
    not be legal. For example, hack the server to do
    different damage for opponents, and small
    differences add up
  • Solution is to warn people when they connect to
    the server, and about any other non-standard
    properties (found through validation)

9
Bugs and Design Issues
  • Some bugs enable cheating, such as a bug that
    enables fast reloading, or one that incorrectly
    validates commands
  • Some design decisions make cheating easier
  • Embedding cheat codes in single player mode
    makes it easy for a hacker to track down the
    variables that control cheats
  • Poor networking or event handling can allow
    repeat commands or other exploitations
  • Age of Empires and Starcraft example: all
    resource management is done after all events for
    a turn are processed. Poor networking allowed
    multiple cancel events on the queue, which
    restored multiple resources
  • Solution is to avoid bugs and think carefully
    about the implications of design decisions on
    hacking
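
The duplicate-cancel flaw from the Age of Empires and Starcraft bullet, next to a hardened form, as an added example that is not from the original slides or from either game's code. The event tuples, the COST table and the Player fields are hypothetical.

```python
from dataclasses import dataclass, field

COST = {"barracks": 100}  # hypothetical price list


@dataclass
class Player:
    gold: int = 100
    orders: dict = field(default_factory=dict)  # open orders: order id -> building


def end_turn_naive(player, events):
    """Flawed form from the slide: every cancel event on the queue earns a refund."""
    delta = 0
    for kind, order_id, what in events:
        if kind == "build":
            player.orders[order_id] = what
            delta -= COST[what]
        elif kind == "cancel":
            delta += COST[what]      # never checks that the order is still open
    player.gold += delta             # resources settled after all events
    return player.gold


def end_turn_checked(player, events):
    """Hardened form: a cancel refunds only an open order, and closes it."""
    delta = 0
    for kind, order_id, what in events:
        if kind == "build" and order_id not in player.orders:
            player.orders[order_id] = what
            delta -= COST[what]
        elif kind == "cancel" and order_id in player.orders:
            delta += COST[player.orders.pop(order_id)]  # price from server state
    player.gold += delta
    return player.gold


# Constructed turn: one build, then the same cancel delivered three times.
TURN = [("build", 1, "barracks")] + [("cancel", 1, "barracks")] * 3
```

Run on TURN, the naive settlement leaves the player with more gold than before the build, while the checked form returns the balance to its starting value and ignores the two repeated cancels.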

10
Environmental Weaknesses
  • Facilities to deal with the OS or network may
    leave you vulnerable to some forms of attack
  • Interaction with the clipboard can introduce
    non-printable characters
  • Interaction with almost any scripting language
    may leave you open to hacks not related to the
    game itself (i.e. your game could be a way in)
  • Network connection drops or overloading can cause
    problems
  • Some cheats destroy the game for every player
    (tip the board) which can be useful if you are
    losing
  • Others knock off a specific player (your worst
    enemy, one assumes)

11
The Moral of the Story
  • You can't win, you just try to make cheating as
    hard as possible and contain the damage