2006. 2. 9 A Taxonomy of Online Game Attacks and Defenses Presentation Computer and Communication Security Laboratory Korea University

Upload: camron-grant

Post on 03-Jan-2016

2006. 2. 9

A Taxonomy of Online Game Attacks and Defenses Presentation

Computer and Communication Security Laboratory

Korea University

Copyright © 2005 CCS lab., All rights reserved

CONTENTS

INTRODUCTION

RESEARCH TREND

MOTIVATION

A TAXONOMY OF ONLINE GAME ATTACKS

RESPECTIVE ATTACKS AND DEFENSE MECHANISMS

EVALUATION

CONCLUSION

INTRODUCTION

A shining-star area that people are enjoying enthusiastically

The emergence of online game cheating

[Figures: Sensational game popularity in Korea; An example of game cheating]

RESEARCH TREND

J.J. Yan and Ying-Chieh et al.: Classifying some key security issues (International Conference on Information Technology: Coding and Computing, 2005)

Matt Pritchard: Patterning online game hacker's rules out (Information Security, 2001)

Brian Neil Levine et al.: Secure online game network architecture (Global Telecommunications Conference Workshops, 2004)

Brenda Harger et al.: Secure online game interface design (International Conference on Entertainment Computing, 2004)

Christopher Ruggles et al.: The external factor of online game security (International Federation for Information Processing, 2005)

MOTIVATION

Classifying online game attacks with respect to vulnerable spots, to know what threats exist in online games

Analyzing the principles of the respective attacks

Proposing defense mechanisms

Evaluating defense mechanisms applied to online games

A definition of game cheating

Game variable set GS = {Memory, File, Time, Event, Packet}

Normal play: I → I+1

Game cheating: I → J, where J ≠ I+1

A taxonomy of online game attacks

A taxonomy of online game attacks

Server attacks

Game server group: Session server, Database server, Game state computation server, Update server, FTP server

Top Five Server Attack Techniques: Server directory attack, Buffer overflow attack, Inadequate parameter attack, SQL injection attack, Backdoor attack

Server countermeasure

| | Item ID | Item max transfer value | Item max transaction number |
| User 1 | | | |
| User 2 | … | … | … |
| … | … | … | … |
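One way a game server could enforce a limit table like the one above, as an added example that is not taken from the presentation. It assumes the table is keyed by user and item ID and that "max transaction number" counts accepted transfers; the class names, limit values and requests are constructed for illustration.

```python
from collections import defaultdict
from dataclasses import dataclass

@dataclass(frozen=True)
class ItemLimit:
    max_transfer_value: int   # largest quantity allowed in one transfer
    max_transactions: int     # accepted transfers allowed per accounting window

class TransferGuard:
    """Server-side check: values claimed by the client are never trusted."""

    def __init__(self, limits):
        self.limits = limits              # {(user, item_id): ItemLimit}
        self.counts = defaultdict(int)    # accepted transfers so far

    def check(self, user, item_id, quantity):
        limit = self.limits.get((user, item_id))
        if limit is None:
            return "reject: no limit row (default deny)"
        if not isinstance(quantity, int) or quantity <= 0:
            return "reject: inadequate parameter"
        if quantity > limit.max_transfer_value:
            return "reject: exceeds max transfer value"
        if self.counts[(user, item_id)] >= limit.max_transactions:
            return "reject: exceeds max transaction number"
        self.counts[(user, item_id)] += 1
        return "accept"

# Constructed sample table (hypothetical users, item ID and limits).
LIMITS = {
    ("user1", 1001): ItemLimit(max_transfer_value=50, max_transactions=2),
    ("user2", 1001): ItemLimit(max_transfer_value=10, max_transactions=5),
}

def run_sample():
    """Replay constructed transfer requests and return the server's decisions."""
    guard = TransferGuard(LIMITS)
    requests = [
        ("user1", 1001, 30),    # within both limits
        ("user1", 1001, 500),   # quantity above the per-transfer cap
        ("user1", 1001, -5),    # negative quantity
        ("user1", 1001, 20),    # second accepted transfer
        ("user1", 1001, 1),     # third transfer, over the transaction count
        ("user3", 1001, 1),     # user with no row in the table
    ]
    return [guard.check(*r) for r in requests]
```

Rejected requests do not consume the transaction count, so a burst of malformed requests cannot lock a legitimate user out of the remaining allowance.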

Online game network architecture

Network attacks

Game client

Proxy server

Game client (An attacker)

Game server group

Packet fabrication attack for game packet analysis

Packet pace attack for game packet speed or acceptance control

Packet flooded attack (DDoS) for game service interruption

Controlling packet

Client traffic control

Applying pseudo-random numbers to game packets for packet dissimilarity

Client attacks

Memory alteration attack

Memory alteration attack

Memory alteration countermeasure

VirtualAllocMemory

OpenProcess

ReadMemory

WriteMemory

Memory access functions

Access denied by moving function execution pointers

File fabrication attack

A file fabrication attack changed the target mark to a more accurate form.

File fabrication countermeasure

[Figure: Game client; Game server group]

Inspection of the latest file checksums when running a game

Time frame-up attack

Time frame-up attack countermeasure

timeGetTime

QueryPerformanceCounter

Timer functions

Access denied by moving function execution pointers

Time synchronization check between server and client

Time frame-up attack countermeasure algorithm
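A sketch of the time synchronization check between server and client named above, as an added example and not the algorithm from the presentation. It assumes the client sends its timer reading (for instance from one of the timer functions listed) in periodic heartbeats; the tolerances, class name and heartbeat values are constructed.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass
class ClockSession:
    """Server-side record of one client's timer versus the server's own clock."""
    client_start_ms: int
    server_start_ms: int
    rel_tolerance: float = 0.05      # assumed: 5% rate drift allowed
    jitter_ms: int = 250             # assumed: allowance for network delay variation
    last_client_ms: Optional[int] = None

    def check(self, client_ms: int, server_ms: int) -> str:
        """Classify one heartbeat by comparing elapsed time on both sides."""
        if self.last_client_ms is not None and client_ms < self.last_client_ms:
            return "reject: client clock went backwards"
        self.last_client_ms = client_ms
        client_elapsed = client_ms - self.client_start_ms
        server_elapsed = server_ms - self.server_start_ms
        allowed = self.rel_tolerance * server_elapsed + self.jitter_ms
        drift = client_elapsed - server_elapsed
        if drift > allowed:
            return "flag: client clock fast"
        if drift < -allowed:
            return "flag: client clock slow"
        return "ok"

# Constructed heartbeats: (client timer reading, server receive time), in ms.
HEARTBEATS = [
    (1_001_000, 5_001_020),   # 1.00 s client vs 1.02 s server
    (1_010_000, 5_010_100),   # small lag, inside tolerance
    (1_030_000, 5_020_000),   # client claims 30 s while 20 s passed
    (1_029_000, 5_021_000),   # client reading lower than the previous one
    (1_031_000, 5_040_000),   # client claims 31 s while 40 s passed
]

def classify_heartbeats(heartbeats=HEARTBEATS):
    """Run the constructed heartbeats through one session and return the verdicts."""
    session = ClockSession(client_start_ms=1_000_000, server_start_ms=5_000_000)
    return [session.check(c, s) for c, s in heartbeats]
```

The comparison uses elapsed time on each side, so the two clocks need no common epoch; only the server's clock is treated as authoritative.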

Event faking attack

Event faking countermeasure

MouseEvent

KeyEvent

Check repeated actions by using a simple data structure

Event functions

Checking events and denying access to the event class
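One way to check for repeated actions with a simple data structure, as an added example that is not from the presentation. It assumes the "simple data structure" is a fixed-size window of recent input events and that faked events show up as one action repeated at machine-regular intervals; the window size, jitter threshold and event streams are constructed.

```python
from collections import deque
from statistics import pstdev

class RepetitionDetector:
    """Keeps the last `window` input events in a bounded deque."""

    def __init__(self, window=8, max_jitter_ms=3.0):
        self.window = window
        self.max_jitter_ms = max_jitter_ms       # assumed threshold
        self.events = deque(maxlen=window)       # (timestamp_ms, action)

    def observe(self, timestamp_ms, action):
        """Return True when the window holds one action at near-constant gaps."""
        self.events.append((timestamp_ms, action))
        if len(self.events) < self.window:
            return False                         # not enough history yet
        if len({a for _, a in self.events}) != 1:
            return False                         # mixed actions in the window
        times = [t for t, _ in self.events]
        gaps = [b - a for a, b in zip(times, times[1:])]
        # Human input shows large variation between gaps; a timer loop does not.
        return pstdev(gaps) <= self.max_jitter_ms

def first_flag(events):
    """Index of the first event that trips the detector, or None."""
    detector = RepetitionDetector()
    for i, (timestamp_ms, action) in enumerate(events):
        if detector.observe(timestamp_ms, action):
            return i
    return None

# Constructed event streams (timestamps in ms).
HUMAN = [(t, "click") for t in (0, 180, 420, 530, 800, 990, 1300, 1420)]
MACRO = [(t, "click") for t in (0, 100, 200, 300, 400, 500, 600, 700)]
MACRO_JITTER = [(t, "click") for t in (0, 101, 200, 302, 400, 499, 600, 701)]
```

A generator that randomizes its intervals or alternates actions will pass this particular check, so it works best as one signal next to server-side validation of the resulting game state.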

User attacks

Fraud

Social engineering

Internal absurdity

Collusion

Evaluation

Evaluation

Conclusion

The contribution of an attack classification

The importance of identifying attack mechanisms

Building up defense mechanisms that focus on the anomalies the attacker provokes

Future work: developing more accurate and reliable anomaly-detection solutions for online games