Identifying MMORPG Bots: A Traffic Analysis Approach By Kuan-Ta Chen, Jhih-Wei Jiang, Polly Huang, Hao- Hua Chu, Chin-Laung Lei, and Wen-Chin Chen Presented.

Slides:

Advertisements

Similar presentations

Internet Measurement Conference 2003 Source-Level IP Packet Bursts: Causes and Effects Hao Jiang Constantinos Dovrolis (hjiang,

Advertisements

This work was supported by the TRUST Center (NSF award number CCF ) 1. Setting up experiment on DETER testbed a)Created twelve pc backbone nodes.

Stopping cheaters since By: Tigran Gasparian.

Measurement in Networks & SDN Applications. Interesting Questions Who is sending a lot to a subnet? – Heavy Hitters Is someone doing a port Scan? Is someone.

Telnet and FTP. Telnet Lets you use the resources of some other computer on the Internet to access files, run programs, etc. Creates interactive connection.

This game is loosely based on the Whack-A- Mole arcade game.  Each game starts with 45 seconds of play.  Moles randomly pop out of holes on the landscape.

Thin to Win? Network Performance Analysis of the OnLive Thin Client Game System By Mark Claypool, David Finkel, Alexander Grant, and Michael Solano Submitted.

Hacking Presented By :KUMAR ANAND SINGH ,ETC/2008.

Visual jMUD Oscar Chen CS491. Important Note The IMAGES used in this presentation and demonstration of Visual jMUD are COPYRIGHT by their respective holders.

Algorithmic and Economic Aspects of Networks Nicole Immorlica.

Transport Protocol Enhancements for Thin Streams Magda El Zarki Prof. of CS Univ. of CA, Irvine

Feedback Based Routing Offense by: Ted Merchant and Kevin Tan.

Jaren Peterson Presents Can We Prevent Collusion in Multiplayer Online Games? Jouni Smed, Timo Knuutila, Harri Hakonen.

RD-CSY /09 Distance Vector Routing Protocols.

On the Sensitivity of Online Game Playing Time to Network QoS Kuan-Ta Chen National Taiwan University Polly Huang Guo-Shiuan Wang Chun-Ying Huang Chin-Laung.

PCP: Efficient Endpoint Congestion Control To appear in NSDI, 2006 Thomas Anderson, Andrew Collins, Arvind Krishnamurthy and John Zahorjan University of.

Hash, Don’t Cache: Fast Packet Forwarding for Enterprise Edge Routers Minlan Yu Princeton University Joint work with Jennifer.

BOTNETS & TARGETED MALWARE Fernando Uribe. INTRODUCTION  Fernando Uribe   IT trainer and Consultant for over 15 years specializing.

Hjemmeeksamen 1 INF3190. Oppgave Develop a monitoring/administration tool which allows an administrator to use a client to monitor all processes running.

Network and Systems Laboratory nslab.ee.ntu.edu.tw Te-Yuan Huang, Kuan-Ta Chen, Polly Huang Network and Systems Laboratory National Taiwan University Institute.

Network and Systems Security By, Vigya Sharma (2011MCS2564) FaisalAlam(2011MCS2608) DETECTING SPAMMERS ON SOCIAL NETWORKS.

Topics to be covered 1. What are bots,botnet ? 2.How does it work? 4.Prevention of botnet. 3.Types of botnets.

Starcraft Opponent Modeling CSE 391: Intro to AI Luciano Cheng.

Scanner Run Jared Wilkin Chris Good. A Children’s Game.

NTERFACING THE MORPC REGIONAL MODEL WITH DYNAMIC TRAFFIC SIMULATION INTERFACING THE MORPC REGIONAL MODEL WITH DYNAMIC TRAFFIC SIMULATION David Roden (AECOM)

Firewalls. Intro to Firewalls Basically a firewall is a __________to keep destructive forces away from your ________ ____________.

Want to get on with your World War Two project homework? Here are some useful research links:

Jeopardy AtlasAlmanac WILD Encyclopedia Internet Q $100 Q $200 Q $300 Q $400 Q $500 Q $100 Q $200 Q $300 Q $400 Q $500 Final Jeopardy.

TCP and SCTP RTO Restart draft-hurtig-tcpm-rtorestart-02 Michael Welzl 1.

Scenario: Internet Attack Eunice Huang. What is DDoS? A denial-of-service attack (DoS attack) is an attempt to make a computer resource unavailable to.

1 IEEE Meeting July 19, 2006 Raj Jain Modeling of BCN V2.0 Jinjing Jiang and Raj Jain Washington University in Saint Louis Saint Louis, MO

By Gianluca Stringhini, Christopher Kruegel and Giovanni Vigna Presented By Awrad Mohammed Ali 1.

Web Botnet Detection Based on Flow Information Chia-Mei Chen, Ya-Hui Ou, and Yu-Chou Tsai, National Sun Yat –Sen University,IEEE 2010.

On The Battle between Lag and Online Gamers Po-Han Tseng, Nai-Ching Wang, Ruei-Min Lin, and Kuan-Ta Chen Institute of Information Science, Academia Sinica.

PCP: Efficient Endpoint Congestion Control NSDI, 2006 Thomas Anderson, Andrew Collins, Arvind Krishnamurthy and John Zahorjan University of Washington.

Pin-Yun Tarng / An Analysis of WoW Players’ Game Hours Network and Systems Laboratory nslab.ee.ntu.edu.tw IEEE/IFIP DSN 2008 Network and Systems Laboratory.

MySQL and GRID status Gabriele Carcassi 9 September 2002.

1 Running Experiments for Your Term Projects Dana S. Nau CMSC 722, AI Planning University of Maryland Lecture slides for Automated Planning: Theory and.

Identifying MMORPG Bots: A Traffic Analysis Approach (MMORPG: Massively Multiplayer Online Role Playing Game) Kuan-Ta Chen National Taiwan University Jhih-Wei.

1. Why?. Learn about web Why ? Make statistics useful.

High Performance Research Network Dept. / Supercomputing Center 1 DDoS Detection and Response System NetWRAP : Running on KREONET Yoonjoo Kwon

Yanfei Fan, Yixin Jiang, Haojin Zhu, Xuemin Shen, Jiming Chen.

Global Clock Synchronization in Sensor Networks Qun Li, Member, IEEE, and Daniela Rus, Member, IEEE IEEE Transactions on Computers 2006 Chien-Ku Lai.

Steps to fill 2 nd semester main exam form Presentation of.

11 A First Step towards Live Botmaster Traceback Daniel Ramsbrock, Xinyuan Wang, and Xuxian Jiang - the 11th International Symposium on Recent Advances.

Director: Sheng-Wei Chen Presenter: Shun-Yun Hu. MMNet Intro Multimedia Networking and Systems Laboratory Established since Dr. Sheng-Wei Chen (Associate.

Spoofing The False Digital Identity. What is Spoofing?  Spoofing is the action of making something look like something that it is not in order to gain.

Introduction to Scratch We will be using the Scratch Environment today, so please log in to the Scratch website (scratch.mit.edu)

Final Project: Advanced Security Blade IPS and DLP blades.

Final Project: Advanced security blade

THE ULTIMATE GUIDE TO RAILWAY GK TOPICS By Eduncle.

Congestion Control Evaluation in Dynamic Network

Network Attacks Dylan Small.

What is Bash Shell Scripting?

کارگاه آموزشی روش های بهینه سازی استخراج سنگ

Computer networking By Mustafa.

مبررات إدخال الحاسوب في رياض الأطفال

P-value Approach for Test Conclusion

تحليل الحساسية Sensitive Analysis.

الفعل ورد الفعل ♠ ♠ ♠ مجلس أبوظبي للتعليم منطقة العين التعليمية

oTree: An open-source platform for lab, web, and field experiments

Offense Questions: Botnet detection

EDLC(Embedded system Development Life Cycle ).

21twelveinteractive.com/ twitter.com/21twelveI/ facebook.com/21twelveinteractive/ linkedin.com/company/21twelve-interactive/ pinterest.com/21twelveinteractive/

Communication Networks

Network Traffic and Cybersecurity

Language Independent Code Analysis

Introduction to Traffic Shaping

Presentation transcript:

Identifying MMORPG Bots: A Traffic Analysis Approach By Kuan-Ta Chen, Jhih-Wei Jiang, Polly Huang, Hao- Hua Chu, Chin-Laung Lei, and Wen-Chin Chen Presented by Curtis Mirci

Why would anyone use a bot?

Why are bots a problem? Who’s used a bot? Macro’s and Scripting

Main methods used to detect Human Interaction Command Timing Trend of Traffic “Burstiness” Magnitude of Traffic “Burstiness” Sensitivity to Network Conditions

Human Interaction Using moderators or GMs to check Having trusted players tattle Problems?

Command Timing Bot programs have a certain timing thanks to their main loop. Two tests in here –Multimodality Test –Regularity Test What are they?

Command Timing Multimodality –Easy, use the Dip test! (mentioned in other papers.... ) Regularity –It’s a bot if the Fuller’s statistic is significant at 0.01

Trend of Traffic Burstiness What is Burstiness? –Packet count sent in successive periods Bots have smoother burstiness

Magnitude of Burstiness Uses a cross-point to display how smooth the traffic is Bot if smaller than 10 seconds This give a minimum false +

Reaction to Network Conditions Humans will slow down if the game does Bots won’t Human Bot

So what should we do? False+False-Correct Rate Timing?<5%>95% Burstiness Trend ?<5%>95% Burstiness Magnitude <5%?~75% Connection Reaction ???

Now that we know... How can we build a better bot? How can we defend against this better bot? Will the cycle ever end?