Successfully reported this slideshow.

[DevDay 2016] Anti hacking on game development - Speaker: Khanh Le – Programmer Project Lead at Gameloft

2

Share

Upcoming SlideShare
Assignment 1 ns
Assignment 1 ns
Loading in …3
×
1 of 21
1 of 21

[DevDay 2016] Anti hacking on game development - Speaker: Khanh Le – Programmer Project Lead at Gameloft

2

Share

In our time, games are no longer just for entertainment, it’s a real bombing industry. If gamers are willing to invest their time and money in those leaderboards, they want security for their investment. They would not want to be kicked out by hackers who don’t spend time or money to play. That is why it’s crucial for game producers to take the matter of security more serious, in order to keep their customers in the game longer.

Come and join us to discover advanced techniques to protect your game from hacking.

———

Speaker: Khanh Le – Programmer Project Lead at Gameloft

In our time, games are no longer just for entertainment, it’s a real bombing industry. If gamers are willing to invest their time and money in those leaderboards, they want security for their investment. They would not want to be kicked out by hackers who don’t spend time or money to play. That is why it’s crucial for game producers to take the matter of security more serious, in order to keep their customers in the game longer.

Come and join us to discover advanced techniques to protect your game from hacking.

———

Speaker: Khanh Le – Programmer Project Lead at Gameloft

More Related Content

More from DevDay.org

Related Books

Free with a 14 day trial from Scribd

See all

Related Audiobooks

Free with a 14 day trial from Scribd

See all

[DevDay 2016] Anti hacking on game development - Speaker: Khanh Le – Programmer Project Lead at Gameloft

  1. 1. 1 Anti HackingAnti Hacking By Le Van Khanh
  2. 2. 2 BSA GLOBAL SOFTWARE SURVEY June 2014
  3. 3. 3
  4. 4. 4 “Hacking vs Anti-hacking is the never-ending war”
  5. 5. 5 We focus on programming solution
  6. 6. 6
  7. 7. 7
  8. 8. Reverse Engineering 8  Any programming languages / any platforms can be attacked by Reverse Engineering  The most common targets are bypass license, cheat values in game Solutions:  Any text visible to user should be encrypted  Strings/text should be load from encrypted files instead of assign directly in your code  Avoid log printing if it was not necessary
  9. 9. 9
  10. 10. 10
  11. 11. 11
  12. 12. Memory attack 12  Buffer overflow attack  Memory Value Editing Solutions:  Control input carefully  Any critical value should be encrypted
  13. 13. 13
  14. 14. 14
  15. 15. Network communication attack 15  Many tools allow us analysis network packet (Wireshark, Cytoscape,...)  Hackers can use it to extract information transmitted from your application  They can also simulate the destination / the responses to your application Solutions:  Encrypt your packets  Using SSO
  16. 16. 16 queryString = "username=xxxx&passworld=yyyy"; Instead of plain text encryptedQuery = "p=" + encode(queryString) + "&encrypted=1"; hash = sha256_hash(queryString); secureQuery = "p=" + encode(queryString) + "&encrypted=1&h="+ hash ; We use encrypted query string or more secure than
  17. 17. Single sign-on (SSO) 17
  18. 18. { "data": { "app_id": 138483919580948, "application": "Social Cafe", "expires_at": 1352419328, "is_valid": true, "issued_at": 1347235328, "metadata": { "sso": "iphone-safari" }, "scopes": [ "email", "publish_actions" ], "user_id": 1207059 } } 18
  19. 19. Other attack techniques 19  SQL injection  Save Game Editing  Time Hack  De-Compilation  …
  20. 20. Hacking Detection 20  Use the hash used (MD5,SHA256,...) to verify your code/library/execute files (*.dylib, *.so, *.exe)  Tracking your user’s process/data to detect unexpected changes
  21. 21. Thanks for your attention! 21 Thanks for your attention!

Editor's Notes

  • Many people don’t pay money for the software they use.
  • many people involved
    many techniques were used
    many purpose / target
  • Example: read encrypted text from file
  • Format String
  • Memory Value Editing
  • Facebook access token generating
  • ×