200 likes | 841 Vues
Cheat-Proofing P2P Online-gaming. Albert Lee Spring 2008. Comp 424. Overview. Introduction Terminology and Architecture Comparing Server vs. P2P Networks Problems with P2P Networks Example of Cheating Cheat-Proof / Anti-Cheating Measures Conclusion References. Introduction.
E N D
Cheat-Proofing P2P Online-gaming Albert Lee Spring 2008 Comp 424
Overview • Introduction • Terminology and Architecture • Comparing Server vs. P2P Networks • Problems with P2P Networks • Example of Cheating • Cheat-Proof / Anti-Cheating Measures • Conclusion • References
Introduction • Focus on Multiplayer Online Games • MMORPG • FPS • Common Cheating Techniques • Protection • Anti-cheat Techniques • Cheat Detection Techniques
Terminology • Thegame state is the set of information that describes the game at any time, which is composed of entity • An entity is an in-game objects that is controlled by a player. • A player is a person playing a game as well as the objects that person controls in the game
Terminology • Ping is a network tool that measures the round trip of a packet (measured in ms) • Latency is the amount of time it takes a packet to travel from source to destination • Bandwidth is the amount of data that can be transmitted in a fixed amount of time
Architecture: Client-Server • Client informs the server of • decisions the player makes • Server resolves any • interactions between • in-game objects and • global game state • Server maintains all the • game entity states • Server computes game • states based on client’s • inputs • Client (player) request for • the server to change the • entity state
Architecture: P2P • P2P (Peer-to-Peer) or • Serverless • Clients becomes host • Each host • Maintains its own entity state in the game • Decisions are updated to the other hosts • Resolves any interactions
Client-Server P2P • High Cost to operate • High Bandwidth Required for the server • Not Scalable • Easier to Secure • Reduce cost to operate • Distributes bandwidth among clients • Scalable • Very difficult to secure • Issue with Trust Comparison
Problems with P2P • Misplaced Trust • Software and data are stored player machines. Susceptible to manipulation. • Exploiting Lack of Secrecy • Compare to Client-Server networks, additional protection is needed • Collusion • Groups of ‘host’ can cheat together
Cheating in P2P Networks • Messages (Packages sent to other host) • Forged- Not sent from a honest sender • Aberrant – Legal but deviating message • Omitted- Not sending a message • Manipulating Data • Changing data in Local Memory • Hack Programs • http://www.mpgh.net/forum/
Example of Cheating • Data Manipulation of a Game • Simple example of modifying memory for Solitaire Game using “ArtMoney” • http://www.artmoney.ru/
Example of Cheating (cont) HACKS • Hard Coded – Manipulated game files • External – External program that gives an unfair advantage • OpenGL Hack- Altered Video Drivers • Client Hook – Client Loader that injects code into the games memory
Cheating Detection • Time Stamp • A trusted entity that provides signed hashed messages • Observer Service • receives secret information via secure channels • verifies it real-time • Encrypting / Signed Data • Confidentiality of sensitive data • Data can be identified by player
Cheat-Proof: Time Stamp • Send Message to Time Stamp server and other player. • The Signed Hashes are exchanged for Action verification • Using the other player’s time hashes to look for cheating Minimal Latency Packet travel time l is only the time from one player to another • Assumption • Time-Stamp server is trusted • No communication break-down
Anti-cheating Software • Punkbuster(Mainly FPS: Call of Duty 4) • Warden (WOW/Blizzard products) • GameGuard(MMORPGs) • DMW Anticheat (FPS: Medal of Honor) • Value Anti-Cheat(Steam Product) PunkBuster • Real-time scanning of memory • Searches for known hacks/cheats • Randomly check players www.evenbalance.com/
Encrypting / Signed Data • Encrypting Local Data • Maintains security of sensitive data that is shared between host machines • Observer Services protects from memory manipulation • Signed Data • Maintains a history and responsibility on messages • Discourage cheating
Conclusion • Why not P2P Networks? • Cost effective • Not implemented because of security issues • The Secret is Game Design • Security • Cheat Detection
References (Articles) Time-Stamp Service makes Real-Time Gaming Cheat-Free Shunsuke Mogaki, Masaru Kamada, Tatsuhiro Yonekura, Shusuke Okamoto, Yasuhiro Ohtaki, Mamun Bin Ibne Reaz Department of Computer Science, University of Massachusetts Amherst Network and System Support for Games, Proceedings of the 6th ACM SIGCOMM workshop on Network and system support for games 2007 Cheat-proof playout for centralized and peer-to-peer gaming Nathaniel E. Baughman, Marc Liberatore, Brian Neil Levine IEEE/ACM Transactions on Networking (TON) Volume 15 , Issue 1 (February 2007) Supporting P2P gaming when players have heterogeneous resources Aaron St. John, Brian Neil Levine International Workshop on Network and Operating System Support for Digital Audio and Video 2005 Challenges in peer-to-peer gaming Christoph Neumann, Nicolas Prigent, Matteo Varvello, Kyoungwon Suh ACM SIGCOMM Computer Communication Review Volume 37 , Issue 1 January 2007 Design of a cheat-resistant P2P online gaming system Patric Kabus, Alejandro P. Buchmann ACM International Conference Proceeding Series; Vol. 274 2007
References (Websites) http://wiki.counter-hack.net/howhackswork http://www.artmoney.ru/ http://www.raphkoster.com/2008/04/17/how-to-hack-an-mmo/ http://www.edgeofnowhere.cc/viewtopic.php?t=305739 http://www.p2pgames.com