一位程式人 PI 在中研院

7,791 views
7,775 views

Published on

0 Comments
10 Likes
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total views
7,791
On SlideShare
0
From Embeds
0
Number of Embeds
2
Actions
Shares
0
Downloads
0
Comments
0
Likes
10
Embeds 0
No embeds

No notes for slide
  • 人工檢查,抽樣 1000 ,準確率 74% (738) , error 大部分也為暱稱。 78% 再 74% = 58% ( 超過一半 ) 72% 再 74% = 53% ( 超過一半 ) 30% 再 74% = 22% (5 分之一 )
  • 人工檢查,抽樣 1000 ,準確率 74% (738) , error 大部分也為暱稱。 78% 再 74% = 58% ( 超過一半 ) 72% 再 74% = 53% ( 超過一半 ) 30% 再 74% = 22% (5 分之一 )
  • 一位程式人 PI 在中研院

    1. 1. 一位程式人 PI 在中研院 陳昇瑋 ( 陳寬達 ) 中央研究院 資訊科學研究所 July 17, 2010
    2. 2. 程式人 ?
    3. 3. 1988 1989 1990 1991
    4. 4. 1990 1992 1993 1998
    5. 5. 程式人的養成 (1) <ul><li>10 歲寫 football game with ROM BASIC </li></ul><ul><li>國中寫對打遊戲 with dBASE & Pascal </li></ul><ul><li>高中寫 RPG with C & Assembly </li></ul>Richard Garriott 1980
    6. 6. 高中時 (1990) 的偶像
    7. 7. 程式人的養成 (2) <ul><li>大二開始接案 , 從資料庫到 Windows driver writing </li></ul><ul><li>大三寫 XDesktop 獲得 1997 ZDNet Shareware Award </li></ul><ul><li>大四開始講課 , 中科院 , CHTTL, 資策會 , 業界講師 </li></ul><ul><li>大四開始撰文 , PC Magazine, RUN!PC, PC World, 遊戲設計大師 </li></ul><ul><li>研一赴荷蘭參加 ACM ICPC 程式設計競賽世界決賽 </li></ul>
    8. 8. 程式人的養成 (3) <ul><li>2000 出版《 Delphi 深度歷險》 </li></ul><ul><li>2002 出版《 C++Builder 深度歷險》 </li></ul>
    9. 9. http:// www.ithome.com.tw/itadm/article.php?c =59343
    10. 10. PI ?
    11. 11. Principal Investigator
    12. 12. 多媒體網路與系統實驗室 http:// mmnet.iis.sinica.edu.tw
    13. 13. 研究自主 <ul><li>網路網路及多媒體使用者滿意度 </li></ul><ul><li>網際網路量測 </li></ul><ul><li>網路安全 </li></ul><ul><li>線上遊戲 </li></ul><ul><li>網路電話 (VoIP, Skype) </li></ul><ul><li>人際運算 </li></ul><ul><li>人機互動 </li></ul>
    14. 14. 今天的主題 <ul><li>社群網路中非自願性的資訊洩露 </li></ul><ul><li>遊戲外掛偵測 </li></ul><ul><li>遊戲玩家忠誠度分析 </li></ul><ul><li>即時匿蹤殭屍電腦偵測 </li></ul><ul><li>影像故事自動編排系統 </li></ul>
    15. 15. 社群網路中 非自願性的資訊洩露 (Special thanks to XDite and CornGuo)
    16. 16. Information Leakage on SNS
    17. 17. Pseudonym != Anonymity <ul><li>axxxxx1 可愛的 * 嘉嘉 * </li></ul><ul><li>axxx7 ??? 俐嘉 ,,( 要記得我悠 !! 壹樣斗 * 我會記得你 ? </li></ul><ul><li>axxxx0 哩尬 </li></ul><ul><li>axxxx5 俐嘉 -- </li></ul><ul><li>axxx4 【 愛 ‧哩軋 】我們有許多小秘密 </li></ul><ul><li>axx6 同學 俐嘉 </li></ul><ul><li>axxx2 哩嘎 ~ 瘋 ... 但是有氣質 </li></ul><ul><li>axxxxxx3 利嘉 (2) </li></ul><ul><li>axxxxxx1 俐嘉 </li></ul><ul><li>bxxxxx1 哩 軋 </li></ul><ul><li>bxxxxx4 俐嘉 * 活潑可愛的小女孩 </li></ul><ul><li>cxxxxx1 很有活力也很可愛的學妹 _ 俐嘉 </li></ul><ul><li>dxxxxxx0 哩嘎 </li></ul><ul><li>gxxx3 哩尬 ( 和窩起阿達 ) </li></ul><ul><li>qxxxxxx8 哩嘎 </li></ul><ul><li>rxxxxxx6 力嘎 ( 郭郭的七辣 ) </li></ul><ul><li>sxxxxy 俐 嘉 </li></ul><ul><li>sxxxxxxxxxx6 嘉嘉 ? </li></ul><ul><li>wxxxxxxx8 *“ 劉俐嘉 </li></ul><ul><li>yxxxxxxx6 小孩 〝 俐嘉 〞 </li></ul><ul><li>yxxxxxxx6 俐嘉 </li></ul><ul><li>zxxxx6 ▽-> 俐 嘉 。 ? 〞 </li></ul><ul><li>zxxxxx7 ◆╭☆ ﹋ 俐嘉 ﹋☆╮◇ </li></ul>
    18. 18. 非自願姓名洩露 <ul><li>使用者沒有公開其真實姓名 </li></ul><ul><li>卻能透過好友描述推測 </li></ul><ul><li>無法保障使用者隱私 </li></ul>真實姓名為劉德榮?
    19. 19. 案例分析:無名小站 <ul><li>國內用戶數最多 ( 超過 390 萬人 ) </li></ul><ul><ul><li>使用者皆匿名參與 </li></ul></ul><ul><li>蒐集 766,972 (20%) 使用者 </li></ul><ul><li>使用者經常使用真實姓名描述好友 </li></ul><ul><li>分析步驟 </li></ul><ul><ul><li>分析在不同描述中重覆出現的候選字串 </li></ul></ul><ul><ul><li>大學聯考名單比對 </li></ul></ul><ul><ul><li>常用詞語列表比對 </li></ul></ul>“ Involuntary Information Leakage in Social Network Services,” Ieng-Fat Lam, Kuan-Ta Chen, and Ling-Jyh Chen, Proceedings of IWSEC 2008 (Best Paper Award) . http:// mmnet.iis.sinica.edu.tw/publication_detail.html?key =lam08_wretch
    20. 20. 使用者以真實姓名稱呼朋友傾向與被朋友以真實姓名稱呼的比率具有高度相關 使用者的姓名洩露比例與性別 ( 上圖 ) 及使用者年齡 ( 下圖 ) 的關係 名稱種類 推測到的比例 暱稱 60% 全名 30% 名字 ( 不包括姓 ) 72% 全名或名字 78%
    21. 21. 年齡及就學記錄的資訊洩露 <ul><li>就讀學校 及 年齡 的非自願洩露 </li></ul><ul><ul><li>使用者沒有公開其就讀學校及年齡 </li></ul></ul><ul><ul><li>卻能透過好友關係推測其學歷及所屬年齡群 </li></ul></ul><ul><li>使用者就讀學校及年齡的推測 </li></ul><ul><ul><li>找出已透露的使用者 </li></ul></ul><ul><ul><li>以關係關鍵字直接推測其好友 (direct inference) </li></ul></ul><ul><ul><li>從已推測到使用者推測其好友 (indirect inference) </li></ul></ul>
    22. 22. 使用者的就讀學校推測結果 ( 上圖 ) 及平均推測範圍 ( 邊數 ) 使用者的年齡推測結果 ( 上圖 ) 及平均推測範圍 ( 邊數 )
    23. 23. Sensitive Information Leakage <ul><li>Real name </li></ul><ul><li>Education history </li></ul><ul><li>Career history </li></ul><ul><li>Mobile phone # </li></ul><ul><li>Real-life relationship </li></ul><ul><ul><li>date, spouse </li></ul></ul><ul><ul><li>relatives </li></ul></ul><ul><ul><li>boss, staff </li></ul></ul>
    24. 24. 無名小站情報分析事務所 http:// mmnet.iis.sinica.edu.tw/proj/wretchinfo /
    25. 25. 分析結果(範例一)
    26. 26. 分析結果(範例二)
    27. 27. 問卷結果 ( 一 )
    28. 28. 問卷結果 ( 二 )
    29. 29. 服務使用後續追蹤 ( 一 ) 姓名洩露程度的變化 有沒有任何姓名洩露
    30. 30. 服務使用後續追蹤 ( 二 ) 姓名洩露程度與使用者反應的關係
    31. 31. 服務使用後續追蹤 ( 三 ) 姓名洩露程度與使用者態度的關係
    32. 32. 無名小站.文字繪 http:// mmnet.iis.sinica.edu.tw/proj/tagart /
    33. 33. 無名小站.文字繪
    34. 34. 使用者不喜歡的標籤 <ul><li>公關 , 哈哈 , 跟好 , 天空 , 羽豬 , 偉宏 , 科科 , 哭哭 , 還有 , 一個 , 不過 , 媺棻 , 討厭 , 朋友 , 數學 , 憲緯 , 但老 , 老媽 , 人很 , 會讓 , 又說 , 師大 , 國小 , 最愛 , 最有 , 小芝 , 芝君 , 表姐 , 世傑 , 轉到 , 士傑 , 睡覺 , 台客 , 鴿子 , 學生 , 王子 , 身邊 , 一直 , 寵物 , 世界 , 北安 , 老公 , 君仁 , 毛毛 , 勁舞 , 道恆 , 舞步 , 阿海 , 烏龜 , 咖美 , 小米 , 龔柏 , 麻齊 , 佩瑜 , 罐子 , 爺爺 , 趙哥 , 小董 , 阿囧 , 東華 , 其實 , 薛球 , 阿嫂 , 姐姐 , 范鑫 , 盈靜 , 胖丁 , 彥浦 , 表姐 , 表姊 , 叔叔 , 白熊 , 雨涵 , 曉初 , 竹北 , 小雯 , 學姊 , 雯歆 , 兩老 , 妹子 , 口丁 , 雄中 , 男友 , 珮君 , 嘉蓉 , 洗澡 , 堯安 , 哈囉 , 抱歉 , 阿毛 , 媽媽 , 北安 , 市立 , 下棋 , 吟芝 , 白目 , 柏宏 , 低能 , 如珍 , 學姐 , 匯捷 , 名字 , 資通 , 實踐 , 縣立 , 仁愛 , 燕文 , 杏如 , 海灘 , 陽光 , 娃娃 , 立航 , 阿呈 , 陰暗 , 角落 , 大爺 , 亦方 , 沛嫻 , 不多 , 眼中 , ㄎㄎ , 聽說 , 中文 , 雅芳 , 氣直 , 嬸嬸 , 眉毛 , 妤雯 , 瑞鋒 , 瑞峰 , 國小 , 考試 , 好友 , 欣蓉 , 討厭 , 佳宜 , 才不 , 想交 , 雅亭 , 國防 , 軍警 , 立寰 , 皇冕 , 黑道 , 合嘴 , 管家 , 晚娘 , 嬌嗔 , 年級 , 慈敏 , 阿敏 , 小敏 , 洪小 , 明道 , 小摟 , 蘭妙 , 慶伶 , 畇伶 , 昀伶 , 想妳 , 孤單 , 水睞 , 四妹 , 撿角 , 測幹 , 凱凱 , 矮子 , 釣魚 , 阿綱 , 殭屍 , 好人 , 胖哥 , 謝肥 , 芳芳 , 種豬 , 經商 , 想改 , 小祺 , 警察 , 大學 , 高中 , 豬頭 , 什麼 </li></ul><ul><li>三是井 , 卻無法 , 平凡人 , 看不懂 , 黃媺棻 , 級媺棻 , 級米香 , 好人卡 , 彰憲偉 , 倒著唸 , 章憲偉 , 倒著念 , 國立高 , 都不理 , 說自己 , 加拿大 , 台北縣 , 勁舞團 , 出家人 , 一歲卻 , 吳木木 , 黃里歐 , 施佩君 , 高雄縣 , 陳漢典 , 哈哈哈 , 政治人 , 周百合 , 說賤人 , 外國團 , 哈哈哈 , 試試看 , 林紅君 , 小護士 , 蘭司心 , 愛自拍 , 鬼畜嘉 , 陳珮君 , 王冠腸 , 白蟾蜍 , 堯安姊 , 搖滾樂 , 據說還 , 吳秉寰 , 陳如珍 , 如珍啦 , 對不起 , 屏東縣 , 小麥肌 , 小海豹 , 沛沛嫻 , 或許連 , 個怎樣 , 說不清 , 能告訴 , 周百合 , 好人卡 , 上學除 , 從民生 , 挖哈哈 , 賴怡安 , 林世傑 , 你好棒 , 阿切切 , 被狗幹 , 沒路用 , 褚又豪 , 我愛你 , 謝謝你 , 個怪人 , 第二枚 , 陳立寰 , 池塘裡 , 小敏兒 , 洪小囉 , 洪小敏 , 洪小摟 , 蟹肉棒 , 小小白 , 陳蘭妙 </li></ul><ul><li>一事無成 , 無名小站 , 逛街購物 , 不用咪聽 , 身邊一直 , 下棋彈琴 , 黃金獵犬 , 縣立文德 , 市立大直 , 市立北安 , 國立鳳新 , 正緩緩為 , 妳在哪裡 , 正在就學 , 我哈哈哈 , 運動釣魚 , 蝦米咚咚 , 好人一個 , 你是好人 , 國立台灣 , 浪費時間 , 國防大學 , 葛神靈鬼 , 市立大直 , 下棋彈琴 , 戴阿格那 , 小粉公主 , 縣立仁愛 , 被人保護 , 當瘦子但 , 縣立板橋 </li></ul>1. 姓名 , 2. 關係 , 3. 不雅綽號 , 4. 身份 , 5. 學經歷
    35. 35. 遊戲外掛偵測
    36. 36. Game Bots <ul><li>Game bots: automated AI programs that can perform certain tasks in place of gamers </li></ul><ul><li>Popular in MMORPG and FPS games </li></ul><ul><ul><li>MMORPGs (Role Playing Games) accumulate rewards in 24 hours a day  break the balance of power and economies in game </li></ul></ul><ul><ul><li>FPS games (First-Person Shooting Games) a) improve aiming accuracy only b) fully automated  achieve high ranking without proficient skills and efforts </li></ul></ul>
    37. 37. Bot Detection <ul><li>Detecting whether a character is controlled by a bot is difficult since a bot obeys the game rules perfectly </li></ul><ul><li>No general detection methods are available today </li></ul><ul><li>State of practice is identifying via human intelligence </li></ul><ul><ul><li>Detect by “bots may show regular patterns or peculiar behavior” </li></ul></ul><ul><ul><li>Confirm by “bots cannot talk like humans” </li></ul></ul><ul><ul><li>Labor-intensive and may annoy innocent players </li></ul></ul>
    38. 38. CAPTCHA in a Japanese Online Game <ul><ul><li>( C ompletely A utomated P ublic T uring test to tell C omputers and H umans A part) </li></ul></ul>
    39. 39. Our Goal of Bot Detection Solutions <ul><li>Passive detection  No intrusion in players’ gaming experience </li></ul><ul><li>No client software support is required </li></ul><ul><li>Generalizable schemes (for other games and other game genres) </li></ul>
    40. 40. Our Solution I: Traffic Analysis Game client Game server Traffic stream Q: Whether a bot is controlling a game client given the traffic stream it generates? A: Yes or No
    41. 41. Case Study: Ragnarok Online (Figure courtesy of www.Ragnarok.co.kr)
    42. 42. DreamRO -- A screen shot World Map View scope Character Status
    43. 43. Trace Collection 207 hours, 3.8 million packets were traced in total Heterogeneity in player skills and network conditions Category Tr# ID Avg. Period Avg. Pkt rate Network Human players 8 A, B, C, D 2.6 hr 1.0 / 3.2 pkt/s ADSL, Cable Modem, Campus Network Bots 11 K (Kore) R (DreamRO) 17 hr 1.0 / 2.2 pkt/s Category participants Client pkt rate Avg. RTT Avg. Loss rate Human players 2 rookies 2 experts 0.8 ~ 1.2 pkt/s 45 ~ 192 ms 0.01% ~ 1.73% Bots 2 bots 0.5 ~ 1.7 pkt/s 33 ~ 97 ms 0.004% ~ 0.2%
    44. 44. Command Timing <ul><li>Client response time (response time): time difference between the client packet departure time and the most recent server packet arrival time </li></ul><ul><li>We expect the following patterns: </li></ul><ul><ul><li>A large number of small response times (bots respond server packets immediately) </li></ul></ul><ul><ul><li>Regularity in response times </li></ul></ul>After certain time t Observation bots often issue their commands based on arrivals of server packets , which carry the latest status of the character and environment State Update Command
    45. 45. CDF of Client Response Times Kore: Zigzag pattern (multiples of a certain value) DreamRO: > 50% response times are very small
    46. 46. Histograms of Response Times 1 ms multiple peaks 1 ms multiple peaks
    47. 47. Periodograms of Histograms of Response times Player 1 Player 2
    48. 48. Examining the Trend of Traffic Burstiness
    49. 49. Reaction to Network Conditions <ul><li>Observe the relationship between round trip time samples and packet rate sent within the following 1 second </li></ul>server Traffic jam!! Hypothesis <ul><li>Transit delay of packets will influence the pace of game playing (the rate of screen updates, character movements) </li></ul><ul><li>Human players will involuntarily adapt to the game pace </li></ul>
    50. 50. Avg. packet rate vs. round trip times Median RTT Downward trend for human players; upward trend for bots
    51. 51. Performance Evaluation
    52. 52. An Integrated Classifier Conservative approach (10000 packets): false positive rate ≈ 0% and 90% correct rate Progressive approach (2000 packets): false negative rate < 1% and 95% correct rate
    53. 53. Robustness against Counter Attacks <ul><li>Adding random delays to the release time of client commands </li></ul><ul><ul><li>Command timing scheme will be ineffective </li></ul></ul><ul><ul><li>Schemes based on traffic burstiness and human reaction to network conditions are robust </li></ul></ul><ul><ul><ul><li>Adding random delay to command timing will not eliminate the regularity unless the added delay is longer than the updating interval by orders of magnitude or heavy-tailed </li></ul></ul></ul><ul><ul><ul><li>However, adding such long delays will make the bots incompetent as this will slowdown the character’s speed by orders of magnitude </li></ul></ul></ul>
    54. 54. The IDC of the original packet arrival process and that of intentionally-delayed versions
    55. 55. Our Solution II: Movement Trajectory <ul><li>Based on the avatar’s movement trajectory in game </li></ul><ul><li>Applicable for all genres of games where players control the avatar’s movement directly </li></ul><ul><li>Avatar’s trajectory is high-dimensional (both in time and spatial domain) </li></ul>
    56. 56. The Rationale behind Our Scheme <ul><li>The trajectory of the avatar controlled by a human player is hard to simulate for two reasons: </li></ul><ul><ul><li>Complex context information: Players control the movement of avatars based on their knowledge, experience, intuition, and a great deal of environmental information in game. </li></ul></ul><ul><ul><li>Human behavior is not always logical and optimal </li></ul></ul><ul><li>How to model and simulate realistic movements (for game agents) is still an open question in the AI field. </li></ul>
    57. 57. Bot Detection: A Decision Problem Q: Whether a bot is controlling a game client given the movement trajectory of the avatar? A: Yes / No?
    58. 58. User Movement Trails
    59. 59. 3D Path Visualization Tool
    60. 60. Case Study: Quake 2
    61. 61. Aggregate View of Trails (Human & 3 Bots) Human CR Bot Eraser ICE Bot
    62. 62. Trails of Human Players
    63. 63. Trails of Eraser Bot
    64. 64. Trails of ICE Bot
    65. 65. Movement Trail Analysis <ul><li>Activity </li></ul><ul><ul><li>mean/sd of ON/OFF periods </li></ul></ul><ul><li>Pace </li></ul><ul><ul><li>speed/offset in each time period </li></ul></ul><ul><ul><li>teleportation frequency </li></ul></ul><ul><li>Path </li></ul><ul><ul><li>linger frequency/length </li></ul></ul><ul><ul><li>smoothness </li></ul></ul><ul><ul><li>detourness </li></ul></ul><ul><li>Turn </li></ul><ul><ul><li>frequency of mild turn, U-turn, … </li></ul></ul>
    66. 66. Bot Detection Performance
    67. 67. Five Methods for Comparison Method Data Input kNN Original 200-dimension Pace Vectors Linear SVM Nonlinear SVM Isomap + kNN Isomap-reduced Pace Vectors Isomap + Nonlinear SVM
    68. 68. Evaluation Results Error Rate False Positive Rate False Negative Rate
    69. 69. 遊戲玩家 忠誠度分析
    70. 70. Unsubscription Prediction <ul><li>Game improvement </li></ul><ul><ul><li>Players’ unsubscription  low satisfaction </li></ul></ul><ul><ul><li>Surveys can be conducted to determine the causes of player dissatisfaction and improve the game accordingly </li></ul></ul><ul><ul><li>More likely to receive useful comments before players quit </li></ul></ul><ul><li>Prevent VIP players’ quitting (maintain revenue) </li></ul><ul><ul><li>For “item mall” model, users’ contribution (of revenue) is heavy-tailed </li></ul></ul><ul><ul><li>Losing VIP players may significantly harm the revenue </li></ul></ul><ul><li>Network/system planning and diagnosis </li></ul><ul><ul><li>By predicting “which” players tend to leave the game  investigating is there any problem regarding network resource planning, network congestion, or server arrangement </li></ul></ul>
    71. 71. Unsubscription Prediction: Our Proposal <ul><li>Rationale: players’ satisfaction / enthusiasm / addiction to a game is embedded in her game play history </li></ul>Quit in 30 days? Quit Stay Login history Jan Feb Mar Apr May Jun July Aug Sep Oct Nov Dec 2007 Subscription time
    72. 72.
    73. 73. World of Warcraft <ul><li>The most popular MMOG for now </li></ul>
    74. 74. Data Collection Methodology <ul><li>Create a game character </li></ul><ul><li>Use the command ‘ who ’ </li></ul><ul><li>The command asks the game server to reply with a list of players who are currently online </li></ul><ul><li>Write a specialized data-collection program (using C#, VBScript, and Lua) </li></ul>
    75. 75. The Limitation of WoW API <ul><li>WoW returns at most 50 users in one query </li></ul><ul><li>We narrow down our query ranges by dividing all the users into different races, professions, and levels </li></ul>Level: 50+ Level: 30~39 Level: 40~49 Monster Human 100 users 45 users 15 users 60 users
    76. 76. Trace Summary
    77. 77. 福克斯大神之謎?? (1) ref. http:// forum.gamebase.com.tw/content.jsp?no =4715&cno=47150002&sno=75201947 ref. http://www.wings-of-narnia.com/viewtopic.php?t =3012 網友 A :不知道在聖光之願部落的玩家有沒有發現到,在新手村薩滿訓練師的後面,永遠都會站著一個叫「福克斯大神」的獵人玩家!在半年前我到聖光定居時我在新手村見到他,到現在他仍然還是留守在那個地方……不會暫離、而且可以觀察他 = =&quot; 這種事該回報給 GM 嗎?創新手看到他的時候都覺得好恐佈啊囧 網友 B : me too 看到的一瞬間 突然起雞皮疙瘩 ..... 網友 C : &quot; 已離去 &quot; 玩家的怨念 ( 怨魂 @@) 嗎 ? 還是在悲傷愛情故事裡 , 癡等所愛的另一人 ? ^^^^^^^^QQ 網友 D :哈 線在好多人在看噢 旁邊為了一大群人 @@ 觀光景點呀 XD
    78. 78. 福克斯大神之謎?? (2) 網友 E :我剛剛也有去看了一下 開了一個 ID 叫做“聽說有鬼”的獸人戰士 坐在他面前的桶子一直望著他 ~ 忽然 ! < 暫離 > 福克斯大神 他蹲下了 ... 隔一分鐘 .. 消失 =ˇ=&quot; .. .. 現在我心裡也是毛毛的 .. 網友 F :好猛鬼啊 !!!!!! 大神的力量好可怕啊 , 一堆信眾死在他之前!!!!!! 網友 G :我上次有開過去看,還遇到了兩位同好,看的時候真的蠻不可思議的 ... 可以列入魔獸 10 大世界奇觀吧 !
    79. 79. 福克斯大神與祂的信眾們 -_-
    80. 80.
    81. 81.
    82. 82. Questionnaire Sample number: 1747
    83. 83. Reasons for User Unsubscription
    84. 84. Trend of Game Playing Time
    85. 85. Logisitic Regression Model for Unsubscription Prediction <ul><li>Significant features (out of > 20 features) </li></ul><ul><ul><li>Avg. session time </li></ul></ul><ul><ul><li>Daily session count </li></ul></ul><ul><ul><li>Variation of the login hour (when the player starts playing a game each day) </li></ul></ul><ul><ul><li>Variation of daily play time (number of hours) </li></ul></ul><ul><li>A naive logistic regression model achieves approximately 75% prediction accuracy </li></ul>
    86. 86. Unsubscription Prediction Result
    87. 87. 即時匿蹤殭屍 電腦偵測
    88. 88. Fast-Flux Botnet Request Redirect Response Response Client Mothership Fast-flux Bot
    89. 89. Detection Challenges <ul><li>Existing solutions to fast-flux botnet </li></ul><ul><ul><li>Thorsten Holz et al. </li></ul></ul><ul><ul><ul><li>fluxy score based on #ASN / domain, # IP / domain, # NS record / single looukup </li></ul></ul></ul><ul><ul><li>Jose et al. </li></ul></ul><ul><ul><ul><li># IP / domain, TTL of A record < 900 sec., ASN>2 </li></ul></ul></ul>Have to observe for a period of time!
    90. 90. Our Contributions <ul><li>Reduce the measurement period from 2 days to 2 seconds </li></ul><ul><li>Detect fast-flux botnet in real time </li></ul>
    91. 91. A Typical HTTP Transaction 1. HTTP Request 2. Response Content Client Server 3. Received 1 2 3
    92. 92. An HTTP Transaction via a Fast-Flux Bot Long response time! FF Bot 1. HTTP Request 3. Response Content Client Mothership 5. Received 1 2 3 2. Get Redirected 4. Response Content 4 5
    93. 93. A Comparison Long document fetch delay Small BW and variable network delay Long processing delay Dedicated Servers TraditionalBots Fast-Flux Bots Request delegation ✘ ✘ ✔ Consumer-level hardware ✘ ✔ ✔ Uncontrollable foreground tasks ✘ ✔ ✔
    94. 94. Advantages of Our Scheme <ul><li>Robustness </li></ul><ul><ul><li>No signature required </li></ul></ul><ul><ul><li>Intrinsic characteristics </li></ul></ul><ul><li>Real time </li></ul><ul><ul><li>With a few TCP connections </li></ul></ul>
    95. 95. Detection Scheme <ul><li>Measurement of Various Different Delays </li></ul><ul><ul><li>Network Delay </li></ul></ul><ul><ul><li>Document Fetch Delay </li></ul></ul><ul><ul><li>Processing Delay </li></ul></ul>Mothership FF Bot Client
    96. 96. Network Delays and Document Fetch Delay <ul><li>Document Fetch Delay (DFD) </li></ul><ul><li>= End-to-end delay (E2E) − Network delay (ND) </li></ul><ul><li>End-to-End (E2E) </li></ul><ul><li>= time (HTTP RSP received) − time (HTTP REQ sent) </li></ul><ul><li>Network Delay (ND) </li></ul><ul><li>= time (TCP ACK received) − time (TCP SYN sent) </li></ul>
    97. 97. <ul><li>We send an invalid HTTP request </li></ul><ul><ul><li>using a HI method </li></ul></ul><ul><ul><li>with a version of HTTP/ 11.0 </li></ul></ul><ul><ul><li>without the HOST header </li></ul></ul>Client ?! “ HI” 400 Bad request 503 Method not allowed Processing Delay
    98. 98.
    99. 99. Data Sources Alexa Atlas DNSBL Phishtank Malware URL Dshield Benign Fast-Flux Malicious
    100. 100. Data Collection <ul><li>Period: 01/15/2009 to 04/15/2009 (3 months) </li></ul><ul><li>Continuously send out HTTP requests </li></ul>move domain information here after data collection
    101. 101. Number of Unique ASNs
    102. 102. Benign Domain ASN Country IP AS Name 15169 United States 74.125.45.100 GOOGLE- Google Inc. 74.125.67.100 74.125.127.100
    103. 103. Fast-Flux Domain <ul><li>5349938485855609.ru </li></ul>...and MORE! IP ASN Country AS Name 79.116.13.74 8708 Romania RDSNET RCS & RDS S.A. 79.117.50.11 8708 Romania RDSNET RCS & RDS S.A. 186.136.153.181 10318 Argentina CABLEVISION S.A. 93.172.182.136 1680 Israel NetVision Ltd. 190.24.50.216 19429 Colombia ETB - Colombia 118.108.17.110 2518 Japan BIGLOBE NEC BIGLOBE, Ltd.
    104. 104. Top 5 # of IP Addresses per Botnet Gang in Our Trace
    105. 105. Top 5 # of Domain Names Used by Botnet Gang in Our Trace
    106. 106. The Same Botnet, but Use Different Domain Names
    107. 107. Fast-Flux in the Wild
    108. 108. Preliminary Analysis
    109. 109. Preliminary Analysis
    110. 110. Scatter Plot
    111. 111. Scatter Plot
    112. 112. Performance Evaluation <ul><li>SVM classification </li></ul><ul><li>10-fold cross validation </li></ul><ul><li>2000 sample sessions for each type </li></ul><ul><li>Total Accuracy: 97.05% </li></ul>
    113. 113. Evaluation Results
    114. 114. Features of Our Scheme <ul><li>Intrinsic characteristics of FF botnet </li></ul><ul><ul><ul><li>Document fetch delays / bandwidth / queueing delay / processing delay </li></ul></ul></ul><ul><ul><ul><li>which bot masters are unable to control and forge </li></ul></ul></ul><ul><li>Measurement on the fly </li></ul><ul><li>Real-time detection </li></ul>
    115. 115. 影像故事 自動編排系統
    116. 116. Photo Sharing <ul><li>People today use pictures to write down their daily experience (with the prevalence of digital cameras) </li></ul><ul><li>Common ways to share their experience </li></ul><ul><ul><li>Photo browsing </li></ul></ul><ul><ul><li>Photo slideshow </li></ul></ul><ul><ul><li>Video slideshow </li></ul></ul><ul><ul><li>Illustrated text </li></ul></ul>
    117. 117. Photo Browsing
    118. 118. Photo/Video slideshow
    119. 119. Illustrated Text
    120. 120. Comics
    121. 121. Comparison of photo-based storytelling media 方式 製作成本 閱讀需求 閱讀控制 表現力 攜帶性 Photo browsing 低 低 高 低 不可 Slideshow 中 低 低 中 不可 Text 高 高 高 高 高 Comic 高 低 高 高 高
    122. 122. Contributions <ul><li>A framework for comic-based computer-aided storytelling systems that can devolve comic storytelling to the populace </li></ul><ul><li>Steps </li></ul><ul><ul><li>Takes a sequence of digital pictures as input; </li></ul></ul><ul><ul><li>Identifies the events and the plotline within the pictures, and quantifies such understanding; </li></ul></ul><ul><ul><li>Accepts inputs from creators, including desired page number, markup style, picture attributes, captions, conversations, and so on; </li></ul></ul><ul><ul><li>Converts picture attributes to visual vocabulary and generates the comics; </li></ul></ul><ul><ul><li>Allows creators to fine tune the presentation of generated comics, and also allows re-iterating the process from Step 2 with creators’ feedbacks. </li></ul></ul>
    123. 123. Challenges <ul><ul><li>Image Understanding </li></ul></ul><ul><ul><ul><li>Human recognition </li></ul></ul></ul><ul><ul><ul><li>Emotion recognition </li></ul></ul></ul><ul><ul><ul><li>Behavior recognition </li></ul></ul></ul><ul><ul><ul><li>Object recognition </li></ul></ul></ul><ul><ul><ul><li>Location identification </li></ul></ul></ul><ul><ul><ul><li>Natural language processing </li></ul></ul></ul><ul><ul><ul><li>Photo quality estimation </li></ul></ul></ul><ul><ul><li>Automatic Comic Creation </li></ul></ul><ul><ul><ul><li>Significant photo selection </li></ul></ul></ul><ul><ul><ul><li>Paginating and page layouting </li></ul></ul></ul><ul><ul><ul><li>Narrative design </li></ul></ul></ul>
    124. 124. User Interface - Scoring Phase
    125. 125. User Interface - Editing Phase
    126. 127. An Adaptation to Online Games <ul><li>漫畫自動產生系統 </li></ul><ul><li>整理與總結玩家在遊戲中的過程 </li></ul><ul><li>講述故事 </li></ul><ul><li>使用者介面 </li></ul><ul><ul><li>讓使用者或玩家參與漫畫的創作 </li></ul></ul>(a) Game Game Play
    127. 128. More Comics
    128. 129.
    129. 130. Applications <ul><li>玩家在部落格或論壇上 分享 遊戲心得 / 經驗 </li></ul><ul><li>以漫畫格式 紀錄 使用者遊戲的過程 </li></ul><ul><ul><li>玩家可在遊戲中隨時調出自己加入遊戲後任何一天的 遊戲日誌 ,以漫畫呈現 </li></ul></ul>
    130. 131. 無框分格 <ul><li>強烈視覺感受 </li></ul><ul><li>外框拿掉,開放式構圖 </li></ul><ul><ul><li>頁底 </li></ul></ul><ul><ul><li>一般開放式構圖 </li></ul></ul><ul><li>情境式漫畫,圖顯抽象是氣氛或人物內心情境描述 </li></ul>
    131. 132. 出血畫面 <ul><li>因應劇情需求,而有需要表現畫面張力的情況 </li></ul><ul><li>畫面突破內框線,延伸到裁切線外 </li></ul><ul><li>除非跨頁,否則盡量避免構圖朝向裝訂線方向出血 </li></ul>
    132. 133. 破格 <ul><li>加強突顯主體的效果 </li></ul><ul><li>讓格子內的圖像或文字打破格子框線的限制 </li></ul>
    133. 134. 效果背景 <ul><li>集中畫面焦點的功用 </li></ul><ul><ul><li>效果線式背景:依據人物內心的狀態,利用筆觸繪製適用的效果線 </li></ul></ul><ul><ul><li>黑白對比式背景:利用黑與白的對比,表達人物情緒的方法 </li></ul></ul><ul><ul><li>網點式背景:可分為穩重型的平網,以及俏麗型的花網表現 </li></ul></ul>
    134. 135. 漫畫張力 <ul><li>善用格子形狀: </li></ul><ul><ul><li>跨頁 破格 出血 無框分格 浮動格 </li></ul></ul><ul><li>方法: </li></ul><ul><ul><li>最大分格 </li></ul></ul><ul><ul><li>光影對比 </li></ul></ul><ul><ul><li>畫面逼近 </li></ul></ul>
    135. 136. 漫畫家風格分析 / 模擬
    136. 137.
    137. 138. References <ul><li>Effect of Network Quality on Player Departure Behavior in Online Games Kuan-Ta Chen, Polly Huang, and Chin-Laung Lei IEEE Transactions on Parallel and Distributed Systems, May, 2009. </li></ul><ul><li>On the Challenge and Design of Transport Protocols for MMORPGs Chen-Chi Wu, Kuan-Ta Chen, Chih-Ming Chen, Polly Huang, and Chin-Laung Lei Multimedia Tools and Applications (special issue on Massively Multiuser Online Gaming Systems and Applications), to appear. </li></ul><ul><li>Identifying MMORPG Bots: A Traffic Analysis Approach Kuan-Ta Chen, Jhih-Wei Jiang, Polly Huang, Hao-Hua Chu, Chin-Laung Lei, and Wen-Chin Chen EURASIP Journal on Advances in Signal Processing, 2009. </li></ul><ul><li>Automatic Storytelling in Comics: A Case Study on World of Warcraft Chia-Jung Chan, Ruck Thawonmas, and Kuan-Ta Chen ACM CHI 2009 (Works-in-Progress Program). </li></ul><ul><li>Analysis of Area Revisitation Patterns in World of Warcarft Ruck Thawonmas, Keisuke Yoshida, Jing-Kai Lou, and Kuan-Ta Chen IFIP ICEC 2009, to appear. </li></ul><ul><li>Detection of MMORPG Bots Based on Behavior Analysis Ruck Thawonmas, Yoshitaka Kashifuji, and Kuan-Ta Chen ACM ACE 2008. </li></ul><ul><li>Game Bot Identification based on Manifold Learning Kuan-Ta Chen, Hsing-Kuo Kenneth Pao, and Hong-Chung Chang ACM NetGames 2008. </li></ul><ul><li>An Analysis of WoW Players' Game Hours Pin-Yun Tarng, Kuan-Ta Chen, and Polly Huang ACM NetGames 2008. </li></ul><ul><li>Game Bot Detection Based on Avatar Trajetory Kuan-Ta Chen, Andrew Liao, Hsing-Kuo Kenneth Pao, Hao-Hua Chu IFIP ICEC 2008. </li></ul><ul><li>Detection of Landmarks for Clustering of Online-Game Players Ruck Thawonmas, Masayoshi Kurashige, and Kuan-Ta Chen IFIP ICEC 2007. </li></ul><ul><li>User Identification based on Game-Play Activity Patterns Kuan-Ta Chen, Li-Wen Hong ACM NetGames 2007. </li></ul><ul><li>Detection of Landmarks for Clustering of Online-Game Players Ruck Thawonmas, Masayoshi Kurashige and Kuan-Ta Chen International Journal of Virtual Reality, 2007. </li></ul><ul><li>Game Traffic Analysis: An MMORPG Perspective Kuan-Ta Chen, Polly Huang, and Chin-Laung Lei Computer Networks, 2006. </li></ul><ul><li>How Sensitive are Online Gamers to Network Quality? Kuan-Ta Chen, Polly Huang, and Chin-Laung Lei Communications of the ACM, 2006. </li></ul><ul><li>Network Game Design: Hints and Implications of Player Interaction Kuan-Ta Chen and Chin-Laung Lei ACM NetGames 2006. </li></ul><ul><li>Design Implications of Social Interaction for Online Games Kuan-Ta Chen and Chin-Laung Lei IFIP ICEC 2006. </li></ul><ul><li>Identifying MMORPG Bots: A Traffic Analysis Approach Kuan-Ta Chen, Jhih-Wei Jiang, Polly Huang, Hao-Hua Chu, Chin-Laung Lei, and Wen-Chin Chen ACM SIGCHI ACE 2006. </li></ul><ul><li>An Empirical Evaluation of TCP Performance in Online Games Kuan-Ta Chen, Chun-Ying Huang, Polly Huang, and Chin-Laung Lei ACM SIGCHI ACE 2006. </li></ul><ul><li>On the Sensitivity of Online Game Playing Time to Network QoS Kuan-Ta Chen, Polly Huang, Guo-Shiuan Wang, Chun-Ying Huang, and Chin-Laung Lei IEEE INFOCOM 2006. </li></ul><ul><li>Game Traffic Analysis: An MMORPG Perspective Kuan-Ta Chen, Polly Huang, Chun-Ying Huang, and Chin-Laung Lei ACM NOSSDAV 2005. </li></ul>http:// www.iis.sinica.edu.tw/~swc/pub.html
    138. 139. Collaborators
    139. 140. Acknowledgement to Industry Partners
    140. 141. <ul><li>線上遊戲伺服端虛擬技術 </li></ul><ul><li>網路問題偵測及改善技術 </li></ul><ul><li>遊戲設計及行銷因素對於玩家遊戲行為的影響分析 </li></ul><ul><li>遊戲滿意度評測技術 </li></ul>http:// asgama.citi.sinica.edu.tw
    141. 142. 幸福的程式人 <ul><li>撰寫商用軟體或擔任工程師不是唯一的路。 </li></ul><ul><li>幸福的條件:好奇心、熱情及足夠的技術實力 </li></ul><ul><li>在哪兒都可以把工作變得好玩,並有機會對社會做出正面的貢獻。 </li></ul>
    142. 143. 謝謝聆聽,請多指教。 陳昇瑋 中央研究院 資訊科學研究所 http://www.iis.sinica.edu.tw/~swc

    ×