Fight Game Cheating the Easy Way


Published on

It is actually easier to stop many game cheaters than you'd think.

There is a lot more that can be done to protect your critical information. If you are interested, send me an email to steve @ with the subject “Cheating”.

If you are interested in keeping up with the latest books, articles, and tools from me at Free2Secure send me an email steve @ with the subject “Subscribe”.

Finally, if you have any security questions, issues, or shoot me a note to steve @ with the subject “Help”.

  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Fight Game Cheating the Easy Way

  1. 1. Security eBooks Fight Cheating The Easy Way Steven Davis steve@free2secure.comGames, iGaming, and Gambling +1.650.278.7416
  2. 2. Security eBooks Control CARRDS • The building blocks that Reference comprise a game – Control Model – Action Action – (Random) – I.e., Random the creation of random events in Rules the game – Rules – Display Elements – State State Display steve@free2secure.comGames, iGaming, and Gambling +1.650.278.7416
  3. 3. Security eBooks Standard Multi-player Strategy - Distributed Object Networking Control s ta te emote Action Action• State-based networking occurs ew” r “below” the game level, and Game Engine Game Engine therefore is vulnerable to raw n spoofing erify “ – Two models: State State ∆ (State)/∆Time State(time+1) y to v – Tools for re-synchronization become tools for attack No wa State(time+x) is newer, so replaces State(time) steve@free2secure.comGames, iGaming, and Gambling +1.650.278.7416
  4. 4. Security eBooks • Transaction-based Networking occurs at or above the game engine Distributed level • Initialization is to a known Transaction or agreed to state based on the rules of the Game Networking • Network Model: (Action,time) or (Old State, Action, time) • If the Game Engine Verifies Actions, invalid action & state injection cheating is stopped Action Action – If (Action, Time) givenControl (Local Old State) is OK, then proceed Game Engine Game Engine – Transactions have to make logical sense given the previous state State State • Timing attacks can be reduced much more easily (and stopped with SecurePlay) steve@free2secure.comGames, iGaming, and Gambling +1.650.278.7416
  5. 5. Security eBooks Distributed Object Systems vs. Distributed Transactions Systems – Summary 1 • Most networked games use a distributed object based design – Easy to program – Multi-player can be added as an “afterthought” – Numerous standard tools – Network design does not need to understand the game design – Problems • Makes attacks easy • Synchronization is inherently trusting because it occurs below the level of the game • Lack of understanding of game means it is impossible to validated remote updates • Can be limiting: Even simple games like poker will not work with a distributed object model steve@free2secure.comGames, iGaming, and Gambling +1.650.278.7416
  6. 6. Security eBooks Distributed Object Systems vs. Distributed Transactions Systems – Summary 2 • Distributed Transaction Systems naturally reflect games – Games are rule-based transaction systems that migrate from state to state based on player actions and random events – Does require game developers to think about game rules (at least a bit) • Change from game objects focus to game object action focus – nouns to verbs. Also more naturally supports control of information sharing – Rules & Action Validation becomes possible • Validating state differences is hard. Validating actions tends to be much easier – Time hacks are also more naturally stopped • Re-synchronization is based on rolling back to a known state or updating from a known state. Multiple updates/actions are clearly detectable – and should be verifiable. • Transaction base synchronization is as Bandwidth Efficient as state- based synchronization – Players actions are inherently narrow-band – If local or AI activities are automatic, then this is WORST CASE the same as Distributed Object approaches (RTS games with many units) steve@free2secure.comGames, iGaming, and Gambling +1.650.278.7416
  7. 7. Security eBooks Safer Networking with Server Control Control or Action or Action Client Client Partial Partial State State Display Display Random • Push Actions to Server Rules • Let Server or Other Players Validate Server State steve@free2secure.comGames, iGaming, and Gambling +1.650.278.7416
  8. 8. Security eBooks Proxy Security Some online games dangerously include a SQL client and talk directly to the game server Rules Validation Data Validation Validation Message Incoming Message Database • Protecting Database from SQL injection / direct queries • Allows Rules Validation on Server or reallocation to other players steve@free2secure.comGames, iGaming, and Gambling +1.650.278.7416
  9. 9. Security eBooks • How “out of synch” should players be allowed to get? – Delays -There is effectively an underlying notion of time “ticks” where The Trouble with – the game must stop Interaction – There is an important game play notion of how players are able Time to interact with each other (action/re- action) in terms of information available. • For a network game this sets a notion of Lifecycle of a Network Player “minimum duration”. Action – Interference – The interaction of – Decision – the instant at which the different player actions need to have action enters the game play engine reasonable and understandable – Commitment – the instant before consequences based on each player’s which the action will be automatically notion of state and action. aborted/changed to address new – Prediction & Confusion – The incoming information that was not interaction of the player presentation and available the actual game state can become – Success – the instant after which the complicated by poor predictions by the action has some probability of game presentation engine and the actual resolving successfully. actions of the remote player. This is a – Resolution – the instant when the problem for presentation & control action triggers consequences in the • How long does something take? game – Click-driven play fails for network games play engine. – when computers must share or – Conclusion – the instant after which coordinate state, simple physical the player is allowed to choose a interaction as a basis for temporal next action control breaks down steve@free2secure.comGames, iGaming, and Gambling +1.650.278.7416
  10. 10. Security eBooks Platform and Architectural Security Issues• Increasing complexity often leads to architectural compromises… often unintentional – Move from traditional games to more complicated games may undermine server-based model • Frequent examples in MMOs and casual games• Server-based model is not the only security approach – Server-based design does not necessarily address player trust issues • Why should players trust the server? • How can the operator trust the developer? • How can the regulator trust anyone? – Server-based design does not solve all threats• Distributed and Peer-based Designs have potential benefits• Developers are often the biggest “cheaters” – Implicit design decisions can have substantial, and surprising, security impacts steve@free2secure.comGames, iGaming, and Gambling +1.650.278.7416
  11. 11. Security eBooks What next? • Don’t give up! • More security presentations at: • Check out my book “Protecting Games” – Additional information at • You can “win” the security game steve@free2secure.comGames, iGaming, and Gambling +1.650.278.7416
  12. 12. Security eBooks About Me • Steven Davis – 25+ Years of Security Expertise – I have worked on everything from online games and satellite TV to Nuclear Command and Control and military communications • – Author, “Protecting Games” • Why Free2Secure? – Security is too expensive and isn’t working. There has to be a better way. I’m exploring these issues for IT security, ebooks, games, and whatever else strikes my fancy at – Join me there, ask questions, challenge assumptions, let’s make things better steve@free2secure.comGames, iGaming, and Gambling +1.650.278.7416