Presentation is loading. Please wait.

Presentation is loading. Please wait.

OpenConflict: Preventing Real Time Map Hacks in Online Games Elie Bursztein, Mike Hamburg, Jocelyn Lagarenne, Dan Boneh (Stanford University) IEEE Symposium.

Published byDina McKenzie Modified over 9 years ago

Similar presentations

Presentation on theme: "OpenConflict: Preventing Real Time Map Hacks in Online Games Elie Bursztein, Mike Hamburg, Jocelyn Lagarenne, Dan Boneh (Stanford University) IEEE Symposium."— Presentation transcript:

1 OpenConflict: Preventing Real Time Map Hacks in Online Games Elie Bursztein, Mike Hamburg, Jocelyn Lagarenne, Dan Boneh (Stanford University) IEEE Symposium on Security and Privacy 2011 1

2 OUTLINE Introduction and Related Work A Generic Tool for Map Hacking Game Hacking with Kartograph Preventing Passive Map Hack ◦ Case Study Starcraft II Defending against Map Hacking OpenConflict Discussion and Conclusion 2

3 OUTLINE Introduction and Related Work A Generic Tool for Map Hacking Game Hacking with Kartograph Preventing Passive Map Hack ◦ Case Study Starcraft II Defending against Map Hacking OpenConflict Discussion and Conclusion 3

4 Real-Time Strategy(RTS) Online gaming includes 64% of gamers ◦ RTS - 35.5% ◦ First person shooter – 10.1% RTS games ◦ Player compete on a two-dimensional map divided in to cells ◦ Starcraft II: normally 24000 – 36000 cells 4

5 RTS Game 5

6 Cheating in RTS games Abusing the resource system ◦ Find the location of resource value in memory Hacking the unit list Tampering with the map visibility ◦ Map hacking ◦ Hardest to perform ◦ Fully passive Note: push approach v.s. pull approach 6

7 Map Hacking 7

8 Related Work Battle of Botcraft fighting bots in online games with human observational proofs. ◦ ACMCCS (Nov, 2009) Hacking world of warcraft: An exercise in advanced rootkit design. ◦ Black Hat (2006) Visual reverse engineering of binary and data files. ◦ Visualization for Computer Security (2008) 8

9 Contribution Presenting a generic attack tool ◦ Kartograph A generic defense against passive attacks in RTS games ◦ OpenConflict Analyzed 1000 Starcraft II games 9

10 OUTLINE Introduction and Related Work A Generic Tool for Map Hacking Game Hacking with Kartograph Preventing Passive Map Hack ◦ Case Study Starcraft II Defending against Map Hacking OpenConflict Discussion and Conclusion 10

11 Adversarial Game Instrumentation(AGI) Past approaches: debugger/decompiler Memory attacks on virtually every game 11

12 Map Data Easiest 12

13 Map Hacking Based on memory changes ◦ The memory that contains unit positions only changes when units move Reducing Memory Space Finding the visibility map Understanding the visibility map 13

14 Reducing Memory Space Step1 ◦ Launch the game ◦ Read all memory pages of the process ’ s main module which are marked as  ReadWrite, Commit and Private Step2 ◦ Move the camera, trigger actions  Without discovering any new parts of the map! ◦ Eliminate all the memory blocks that changed 14

15 Reducing Memory Space(cont.) Step3 ◦ “ Scout ” an unknown area in game ◦ Keep only the memory blocks that changed Step4 ◦ Same as Step2 15

16 Finding the Visibility Map Use visualization techniques ◦ Create a “ nonlinear ” scouting pattern ◦ Heat map representation Difficulty: ◦ Data types, Align 16

17 Visualization 17

18 Visualization(cont.) 18

19 Understanding the Visibility Map How the structure works? Diff-map analysis ◦ Snapshot & do something 19

20 Diff-Map with Heat Map 20

21 Unit Hacking and Network Analysis Unit: Smaller and more complex structure ◦ Produce units and observe memory Network Analysis D: Diff map F: Fixed value C: Counter value D: Random value 21 DF CR

22 OUTLINE Introduction and Related Work A Generic Tool for Map Hacking Game Hacking with Kartograph Preventing Passive Map Hack ◦ Case Study Starcraft II Defending against Map Hacking OpenConflict Discussion and Conclusion 22

23 Game Hacking with Kartograph Take lots of memory: ◦ Twice game ’ s memory size ◦ Work on 64-bit windows only Test 15 games ◦ Data structures changed radically 23

24 Map information Bitmap Composite 24

25 Using the Game as a Map Hack 25

26 OUTLINE Introduction and Related Work A Generic Tool for Map Hacking Game Hacking with Kartograph Preventing Passive Map Hack ◦ Case Study Starcraft II Defending against Map Hacking OpenConflict Discussion and Conclusion 26

27 Preventing Passive Map Hacks Threat model: passive eavesdropping adversaries Assume: P2p architecture Pull approach ◦ Cryptographic protocols? ◦ Challenge: imperceptible latency! 27

28 Cast Study Starcraft II Wrote a crude “ game engine ” Analyzed 1000 Starcraft II replays(Top players) ◦ High number of actions per minute(APM) ◦ Map size: 24320 ~ 36864 cells ◦ Playable size: 15180 ~ 24640 cells ◦ Game duration 28

29 Cast Study Starcraft II(cont.) Analyzed 1000 Starcraft II replays(Top players) ◦ Visibility 29

30 OUTLINE Introduction and Related Work A Generic Tool for Map Hacking Game Hacking with Kartograph Preventing Passive Map Hack ◦ Case Study Starcraft II Defending against Map Hacking OpenConflict Discussion and Conclusion 30

31 Our Approach Prevent the passive map hack Pull approach ◦ Each player ’ s machine only stores information that the player is authorized to see Use an oblivious intersection protocol 31

32 Intersection Protocol Def: ◦ M be the set of all cells on the map ◦ Each cell may contain units(including builds and other objects) ◦ Each unit has a visibility radius ◦ Union of all of Alice ’ s visibility regions gives the set of cells that Alice can see ◦ denote the set of map cells containing Bob ’ s unit ◦ for some data domain D 32

33 A1 Intersection Protocol(cont.) 33 B2 B1 UAUA VAVA cell U B1, also V A ∩U B

34 Intersection Protocol(cont.) 1. Bob should learn nothing about V A 2. Alice should learn nothing about U b other than V A ∩ U B 3. Alice learns the value of f B on V A ∩ U B but nothing about U B \ V A 34

35 Oblivious Function G: A group of prime order q Bob chooses a secret key k in [1,q-1], Alice chooses a random integer r in [1,q-1] Start: Alice send H 1 (v) r Bob responds with H 1 (v) rk Alice computes H 1 (v) k = H 1 (v) rkr -1 Computational Diffie-Hellman assumption tells that it is secure! 35

36 Compute V A ∩ U B 36

37 Compute V A ∩ U B (cont.) (Bob) For each u in U B : a key k u = H 2 (H 1 (u) k ) Encrypt f B (u) using the key k u (authenticated encryption, AE) (Alice) Alice obtain H 1 (v) k for all v in V a Computes k v = H 2 (H 1 (v) k ) for all v in V a Test if one of the ciphertexts received from Bob decrypts correctly with k v 37

38 Hypergrids 38 A1 38 B2 B1 UAUA VAVA cell U B1, also V A ∩U B

39 Hypergrids(cont.) 39

40 Chaff and Multiplayer Basic protocol ◦ leaks to Bob the number cells in Alice ’ s visibility set V A ◦ Leaks to Alice the sum of the lengths of f B (u) for u in U b The queries H 1 (v) r are independent of the player being queried: broadcast Compute H 1 (v) k is the only per-opponent work 40

41 OUTLINE Introduction and Related Work A Generic Tool for Map Hacking Game Hacking with Kartograph Preventing Passive Map Hack ◦ Case Study Starcraft II Defending against Map Hacking OpenConflict Discussion and Conclusion 41

42 Basic protocol Core i5 660 dual-core hyperthreaded processor running at 3.33 GHz Standard NIST elliptic curves 200 visibility hypertiles and 150 units per player A single exponentiation = a millisecond => 750 milliseconds per play Unacceptable! 42

43 Elliptic Curve Montgomery curve Because p is a Mersenne prime ◦ Very efficient implementation, 11-12us for exponentiations on this curve 43

44 Security Need to remain secure for an hour Best known algorithms take O( ) time to solve discrete logarithms p = 2 61 -1 ◦ 12 sec p = 2 89 -1 (speed up OpenConflict by 33%) ◦ 72 machine-days p = 2 127 -1 (OpenConflict) ◦ 3,200 machine-years 44

45 Measurements v: visible grid hypertiles (about 30us) u: units (about 15us) 45

46 OUTLINE Introduction and Related Work A Generic Tool for Map Hacking Game Hacking with Kartograph Preventing Passive Map Hack ◦ Case Study Starcraft II Defending against Map Hacking OpenConflict Discussion and Conclusion 46

47 Preventing Active Attacks Detecting active attacks after the game ◦ Every client logs network traffic/actions and then sends to other players periodically ◦ Upload to a central server to verify Random number generator? ◦ Commit a seed for a pseudorandom generator at the beginning of the game ◦ A central server to verify 47

48 Conclusion Map hacking and a defense system for RTS games ◦ Kartograph and OpenConflict Security in online games is a fruitful area of research! 48

Download ppt "OpenConflict: Preventing Real Time Map Hacks in Online Games Elie Bursztein, Mike Hamburg, Jocelyn Lagarenne, Dan Boneh (Stanford University) IEEE Symposium."

Similar presentations

Public Key Cryptosystem

Public Key Cryptosystem
Trusted Data Sharing over Untrusted Cloud Storage Provider Gansen Zhao, Chunming Rong, Jin Li, Feng Zhang, and Yong Tang Cloud Computing Technology and.

Trusted Data Sharing over Untrusted Cloud Storage Provider Gansen Zhao, Chunming Rong, Jin Li, Feng Zhang, and Yong Tang Cloud Computing Technology and.
Foundations of Cryptography Lecture 7 Lecturer:Danny Harnik.

Foundations of Cryptography Lecture 7 Lecturer:Danny Harnik.
Trusted 3rd parties Basic key exchange

Trusted 3rd parties Basic key exchange
A Survey of Key Management for Secure Group Communications Celia Li.

A Survey of Key Management for Secure Group Communications Celia Li.
Spreading Alerts Quietly and the Subgroup Escape Problem Aleksandr Yampolskiy (Yale) Joint work with James Aspnes, Zoë Diamadi, Kristian Gjøsteen, and.

Spreading Alerts Quietly and the Subgroup Escape Problem Aleksandr Yampolskiy (Yale) Joint work with James Aspnes, Zoë Diamadi, Kristian Gjøsteen, and.
Transmission Security via Fast Time-Frequency Hopping PI: Eli Yablanovich Co-PIs: Rick Wesel Ingrid Verbauwhede Ming Wu Bahram Jalali UCLA Electrical.

Transmission Security via Fast Time-Frequency Hopping PI: Eli Yablanovich Co-PIs: Rick Wesel Ingrid Verbauwhede Ming Wu Bahram Jalali UCLA Electrical.
1 Computer Networks: A Systems Approach, 5e Larry L. Peterson and Bruce S. Davie Chapter 8 Network Security Copyright © 2010, Elsevier Inc. All rights.

1 Computer Networks: A Systems Approach, 5e Larry L. Peterson and Bruce S. Davie Chapter 8 Network Security Copyright © 2010, Elsevier Inc. All rights.
Efficient Public Key Infrastructure Implementation in Wireless Sensor Networks Wireless Communication and Sensor Computing, 2010. ICWCSC 2010. International.

Efficient Public Key Infrastructure Implementation in Wireless Sensor Networks Wireless Communication and Sensor Computing, ICWCSC International.
Encryption Public-Key, Identity-Based, Attribute-Based.

Encryption Public-Key, Identity-Based, Attribute-Based.
1 Introduction CSE 5351: Introduction to cryptography Reading assignment: Chapter 1 of Katz & Lindell.

1 Introduction CSE 5351: Introduction to cryptography Reading assignment: Chapter 1 of Katz & Lindell.
CSCE 715 Ankur Jain 11/16/2010. Introduction Design Goals Framework SDT Protocol Achievements of Goals Overhead of SDT Conclusion.

CSCE 715 Ankur Jain 11/16/2010. Introduction Design Goals Framework SDT Protocol Achievements of Goals Overhead of SDT Conclusion.
CS555Spring 2012/Topic 161 Cryptography CS 555 Topic 16: Key Management and The Need for Public Key Cryptography.

CS555Spring 2012/Topic 161 Cryptography CS 555 Topic 16: Key Management and The Need for Public Key Cryptography.
Introduction to Cryptography and Security Mechanisms: Unit 5 Theoretical v Practical Security Dr Keith Martin McCrea 34901784 443099

Introduction to Cryptography and Security Mechanisms: Unit 5 Theoretical v Practical Security Dr Keith Martin McCrea
CMSC 414 Computer and Network Security Lecture 6 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 6 Jonathan Katz.
Secure Poker Post PC project 2002. Motivation Games have been pushing computer industry Many people carry gadgets, but hardly a pack of cards. (even during.

Secure Poker Post PC project Motivation Games have been pushing computer industry Many people carry gadgets, but hardly a pack of cards. (even during.
CMSC 414 Computer (and Network) Security Lecture 2 Jonathan Katz.

CMSC 414 Computer (and Network) Security Lecture 2 Jonathan Katz.
Windows Core Security1© 2006 Microsoft Corp Cryptography: Helping Number Theorists Bring Home the Bacon Since 1977 Dan Shumow SDE Windows Core Security.

Windows Core Security1© 2006 Microsoft Corp Cryptography: Helping Number Theorists Bring Home the Bacon Since 1977 Dan Shumow SDE Windows Core Security.
1 Identity-Based Encryption form the Weil Pairing Author : Dan Boneh Matthew Franklin Presentered by Chia Jui Hsu Date : 2008-06-03.

1 Identity-Based Encryption form the Weil Pairing Author : Dan Boneh Matthew Franklin Presentered by Chia Jui Hsu Date :
Dr. Lo’ai Tawalbeh Fall 2005 Chapter 10 – Key Management; Other Public Key Cryptosystems Dr. Lo’ai Tawalbeh Computer Engineering Department Jordan University.

Dr. Lo’ai Tawalbeh Fall 2005 Chapter 10 – Key Management; Other Public Key Cryptosystems Dr. Lo’ai Tawalbeh Computer Engineering Department Jordan University.

Similar presentations

Ads by Google