This document discusses security issues and abuse in mobile games. It notes that worldwide spending on mobile games tripled to $16 billion in 2013 and gaming apps account for a large percentage of downloads. The document then summarizes typical mobile game architecture and motivations for abusive behavior like not wanting to spend money or lose. It outlines various abuse mechanisms like file tampering, malware, sensor spoofing, and API abuse. It also discusses potential solutions and notes that mobile games face fewer security challenges than PC games but that abuse still hurts players, developers, and platforms.
Tiến sĩ Dr. Serkan Toto, tư vấn viên phát triển game Nhật Bản, phát biểu tại hội nghị Astro #GOInnovate tại Cyberjaya, Kuala Lumpur cuối tuần vừa rồi về xu hướng trò chơi di động tại châu Á.
Bản quyền thuộc về Tiến sĩ Dr. Serkan Toto
Xem thêm tại LamGame.vn
Lược dịch từ GameInAsia.com
The slides to my little talk at TIGA GameDev Night in Leeds (6 Sept 2012). It is sort of an abbreviated version of some I did previously (plus pretty Pegasus)
Tiến sĩ Dr. Serkan Toto, tư vấn viên phát triển game Nhật Bản, phát biểu tại hội nghị Astro #GOInnovate tại Cyberjaya, Kuala Lumpur cuối tuần vừa rồi về xu hướng trò chơi di động tại châu Á.
Bản quyền thuộc về Tiến sĩ Dr. Serkan Toto
Xem thêm tại LamGame.vn
Lược dịch từ GameInAsia.com
The slides to my little talk at TIGA GameDev Night in Leeds (6 Sept 2012). It is sort of an abbreviated version of some I did previously (plus pretty Pegasus)
Mobile Gaming Application Development Mobile Gaming Application Tutorials, Course On Mobile Gaming Application Development at Learning Catalyst for beginners. The sessions will include J2ME platform & specifications, CLDC Config & MIDP Profiles, MIDlets, MIDlet User Interfaces, Low-Level MIDlet User Interface API, Networking and Persistent Storage, Packages – Mobile Gaming, Packages - Mobile Application.
Top OSS for Mobile AppSec Testing: The Latest on R2 and FRIDANowSecure
From the creators behind top mobile tools R2 and FRIDA, get the inside scoop on the R2 and FRIDA OSS projects. Led by NowSecure Research Team including David Weinstein, Ole André and Pancake (Sergi Àlvarez), this webinar speaks to our favorite mobile AST OSS projects. Peek behind the curtain on these tools, check out on their latest updates, and learn about potential future enhancements.
This time AppTalk will focus on the everyday question of web applications vs hybrid applications vs native mobile applications. We'll provide guidance in making the business decision between these approaches. This will be presented through practical real-life cases. The focus will be on mobile applications rather than games.
Agenda:
14:00 Welcoming words, Karl Ots / Symbio
Responsive web
Dedicated mobile site
PhoneGap hybrid apps
Native HTML5 apps
Discussion & networking
Speaker:
Sebastian de Mel, frontend developer at Exove Oy.
Sebastian has been in the web business as a entrepreneur for over 5 years until recently when he joined the ranks of Exove Oy, whose customers include: Nelonen, Fiskars Bonnier publication and others. He studied algorithms in University of Tampere and has a Media-assistant degree. Technologies he uses in his daily work are: JavaScript (Underscore, jQuery, Zepto etc.), PhoneGap, eZ Publish, Drupal, Concrete5.
Event coordinator, Karl Ots: tel. 050 480 1102, email karl.ots [at] youngdevelopers.fi
NETC 2012_Mobile Security for Smartphones and Tablets (pptx)Vince Verbeke
Are security concerns for mobile devices, like smartphones and tablets, real? Or, are claims of exponential growth in malware simply FUD? We will explore the major mobile operating systems and security concerns with each. This session will provide tips that can be shared to help your users protect their personal info and data when viewed from a mobile device. Information on mobile security programs will be shared, as well, including a look at whether free or commercial offerings provide better protection.
This edition includes contribution from a wider group of Endava experts who bring under the spotlight leading innovations in the marketplace.
Here are some highlights from the report:
#Using Big Data to find tax
# Privacy and Cloud Services
#The Internet of Things Infrastructure
#Display don't need to be rectangular
#Twitter live streaming
#This quarter major security breach
#Social Media monitoring - Big Data style
Mobile Security for Smartphones and TabletsVince Verbeke
Are security concerns for mobile devices, like smartphones and tablets, real? Or, are claims of exponential growth in malware simply FUD? We will explore the major mobile operating systems and security concerns with each. This session will provide tips that can be shared to help your users protect their personal info and data when viewed from a mobile device. Information on mobile security programs will be shared, as well, including a look at whether free or commercial offerings provide better protection.
Our Air Hockey Game project will be based on these trends, making a simple air hockey game in web platform. This game will be remote controlled using user’s own smart devices such as Galaxy or iPhone and they can see their game play view through web pages in their laptop or PC.
A practical walkthrough into why you need a manual pentest.
Real reasons and metrics from the trenches.
The presentation was delivered during an Episode of the SecRepo Podcast with hosts Mackenzie Jackson and Dwayne McDaniel, who asked very good questions.
Mobile Penetration Testing: Episode 1 - The Forensic MenaceNowSecure
This is Episode 1 of a trilogy on mobile penetration testing - forensic analysis of data at rest on the device.
Episode 2 - Return of the Network/Back-end
http://www.slideshare.net/nowsecure/mobile-penetration-testing-episode-ii-attack-of-the-code
Episode 3 - Attack of the Code
http://www.slideshare.net/nowsecure/mobile-penetration-testing-episode-iii-attack-of-the-code
Mobile Gaming Application Development Mobile Gaming Application Tutorials, Course On Mobile Gaming Application Development at Learning Catalyst for beginners. The sessions will include J2ME platform & specifications, CLDC Config & MIDP Profiles, MIDlets, MIDlet User Interfaces, Low-Level MIDlet User Interface API, Networking and Persistent Storage, Packages – Mobile Gaming, Packages - Mobile Application.
Top OSS for Mobile AppSec Testing: The Latest on R2 and FRIDANowSecure
From the creators behind top mobile tools R2 and FRIDA, get the inside scoop on the R2 and FRIDA OSS projects. Led by NowSecure Research Team including David Weinstein, Ole André and Pancake (Sergi Àlvarez), this webinar speaks to our favorite mobile AST OSS projects. Peek behind the curtain on these tools, check out on their latest updates, and learn about potential future enhancements.
This time AppTalk will focus on the everyday question of web applications vs hybrid applications vs native mobile applications. We'll provide guidance in making the business decision between these approaches. This will be presented through practical real-life cases. The focus will be on mobile applications rather than games.
Agenda:
14:00 Welcoming words, Karl Ots / Symbio
Responsive web
Dedicated mobile site
PhoneGap hybrid apps
Native HTML5 apps
Discussion & networking
Speaker:
Sebastian de Mel, frontend developer at Exove Oy.
Sebastian has been in the web business as a entrepreneur for over 5 years until recently when he joined the ranks of Exove Oy, whose customers include: Nelonen, Fiskars Bonnier publication and others. He studied algorithms in University of Tampere and has a Media-assistant degree. Technologies he uses in his daily work are: JavaScript (Underscore, jQuery, Zepto etc.), PhoneGap, eZ Publish, Drupal, Concrete5.
Event coordinator, Karl Ots: tel. 050 480 1102, email karl.ots [at] youngdevelopers.fi
NETC 2012_Mobile Security for Smartphones and Tablets (pptx)Vince Verbeke
Are security concerns for mobile devices, like smartphones and tablets, real? Or, are claims of exponential growth in malware simply FUD? We will explore the major mobile operating systems and security concerns with each. This session will provide tips that can be shared to help your users protect their personal info and data when viewed from a mobile device. Information on mobile security programs will be shared, as well, including a look at whether free or commercial offerings provide better protection.
This edition includes contribution from a wider group of Endava experts who bring under the spotlight leading innovations in the marketplace.
Here are some highlights from the report:
#Using Big Data to find tax
# Privacy and Cloud Services
#The Internet of Things Infrastructure
#Display don't need to be rectangular
#Twitter live streaming
#This quarter major security breach
#Social Media monitoring - Big Data style
Mobile Security for Smartphones and TabletsVince Verbeke
Are security concerns for mobile devices, like smartphones and tablets, real? Or, are claims of exponential growth in malware simply FUD? We will explore the major mobile operating systems and security concerns with each. This session will provide tips that can be shared to help your users protect their personal info and data when viewed from a mobile device. Information on mobile security programs will be shared, as well, including a look at whether free or commercial offerings provide better protection.
Our Air Hockey Game project will be based on these trends, making a simple air hockey game in web platform. This game will be remote controlled using user’s own smart devices such as Galaxy or iPhone and they can see their game play view through web pages in their laptop or PC.
A practical walkthrough into why you need a manual pentest.
Real reasons and metrics from the trenches.
The presentation was delivered during an Episode of the SecRepo Podcast with hosts Mackenzie Jackson and Dwayne McDaniel, who asked very good questions.
Mobile Penetration Testing: Episode 1 - The Forensic MenaceNowSecure
This is Episode 1 of a trilogy on mobile penetration testing - forensic analysis of data at rest on the device.
Episode 2 - Return of the Network/Back-end
http://www.slideshare.net/nowsecure/mobile-penetration-testing-episode-ii-attack-of-the-code
Episode 3 - Attack of the Code
http://www.slideshare.net/nowsecure/mobile-penetration-testing-episode-iii-attack-of-the-code
Bullet Physics is a professional open source collision detection, rigid body and soft body dynamics library. The library is free for commercial use under the ZLib license.
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...UiPathCommunity
💥 Speed, accuracy, and scaling – discover the superpowers of GenAI in action with UiPath Document Understanding and Communications Mining™:
See how to accelerate model training and optimize model performance with active learning
Learn about the latest enhancements to out-of-the-box document processing – with little to no training required
Get an exclusive demo of the new family of UiPath LLMs – GenAI models specialized for processing different types of documents and messages
This is a hands-on session specifically designed for automation developers and AI enthusiasts seeking to enhance their knowledge in leveraging the latest intelligent document processing capabilities offered by UiPath.
Speakers:
👨🏫 Andras Palfi, Senior Product Manager, UiPath
👩🏫 Lenka Dulovicova, Product Program Manager, UiPath
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Albert Hoitingh
In this session I delve into the encryption technology used in Microsoft 365 and Microsoft Purview. Including the concepts of Customer Key and Double Key Encryption.
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
Key Trends Shaping the Future of Infrastructure.pdfCheryl Hung
Keynote at DIGIT West Expo, Glasgow on 29 May 2024.
Cheryl Hung, ochery.com
Sr Director, Infrastructure Ecosystem, Arm.
The key trends across hardware, cloud and open-source; exploring how these areas are likely to mature and develop over the short and long-term, and then considering how organisations can position themselves to adapt and thrive.
Connector Corner: Automate dynamic content and events by pushing a buttonDianaGray10
Here is something new! In our next Connector Corner webinar, we will demonstrate how you can use a single workflow to:
Create a campaign using Mailchimp with merge tags/fields
Send an interactive Slack channel message (using buttons)
Have the message received by managers and peers along with a test email for review
But there’s more:
In a second workflow supporting the same use case, you’ll see:
Your campaign sent to target colleagues for approval
If the “Approve” button is clicked, a Jira/Zendesk ticket is created for the marketing design team
But—if the “Reject” button is pushed, colleagues will be alerted via Slack message
Join us to learn more about this new, human-in-the-loop capability, brought to you by Integration Service connectors.
And...
Speakers:
Akshay Agnihotri, Product Manager
Charlie Greenberg, Host
Elevating Tactical DDD Patterns Through Object CalisthenicsDorra BARTAGUIZ
After immersing yourself in the blue book and its red counterpart, attending DDD-focused conferences, and applying tactical patterns, you're left with a crucial question: How do I ensure my design is effective? Tactical patterns within Domain-Driven Design (DDD) serve as guiding principles for creating clear and manageable domain models. However, achieving success with these patterns requires additional guidance. Interestingly, we've observed that a set of constraints initially designed for training purposes remarkably aligns with effective pattern implementation, offering a more ‘mechanical’ approach. Let's explore together how Object Calisthenics can elevate the design of your tactical DDD patterns, offering concrete help for those venturing into DDD for the first time!
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Ramesh Iyer
In today's fast-changing business world, Companies that adapt and embrace new ideas often need help to keep up with the competition. However, fostering a culture of innovation takes much work. It takes vision, leadership and willingness to take risks in the right proportion. Sachin Dev Duggal, co-founder of Builder.ai, has perfected the art of this balance, creating a company culture where creativity and growth are nurtured at each stage.
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Jeffrey Haguewood
Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows.
We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases.
This video focuses on the notifications, alerts, and approval requests using Slack for Bonterra Impact Management. The solutions covered in this webinar can also be deployed for Microsoft Teams.
Interested in deploying notification automations for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.
Securing your Kubernetes cluster_ a step-by-step guide to success !KatiaHIMEUR1
Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster.
However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks.
In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered QualityInflectra
In this insightful webinar, Inflectra explores how artificial intelligence (AI) is transforming software development and testing. Discover how AI-powered tools are revolutionizing every stage of the software development lifecycle (SDLC), from design and prototyping to testing, deployment, and monitoring.
Learn about:
• The Future of Testing: How AI is shifting testing towards verification, analysis, and higher-level skills, while reducing repetitive tasks.
• Test Automation: How AI-powered test case generation, optimization, and self-healing tests are making testing more efficient and effective.
• Visual Testing: Explore the emerging capabilities of AI in visual testing and how it's set to revolutionize UI verification.
• Inflectra's AI Solutions: See demonstrations of Inflectra's cutting-edge AI tools like the ChatGPT plugin and Azure Open AI platform, designed to streamline your testing process.
Whether you're a developer, tester, or QA professional, this webinar will give you valuable insights into how AI is shaping the future of software delivery.
2. Mobile Games: The Not-So Surprising
Numbers
● “Worldwide spending on mobile game apps tripled in 2013 to $16B”
(http://venturebeat.com/2014/02/19/worldwide-spending-on-mobile-
game-apps-tripled-in-2013-to-16b/)
● “Mobile games account for top global apps worldwide in Jan 2014”
(http://e27.co/mobile-games-account-for-top-global-apps-
worldwide-in-jan-2014/)
● “Gaming apps accounted for around 41% of downloads from the
Apple and Google stores, and was 61% on Amazon” (http://blogs.
wsj.com/digits/2014/04/10/the-one-thing-mobile-users-can-agree-
on-games/)
3. Mobile: What We Know
● Devices are of high value, can be easily lost or broken
● Has good computational power
● It is “always on” (including networking)
● Features: GPS, accelerometer, compass, bluetooth, Wi-
Fi, NFC
● Constraints: battery, screen size, input
● New security model including app distribution
● No authorized method for gaining administrative access
by default
4. What Has Changed for Games
● Development cycle and cost
● The goal for players
● Business model
● Distribution of game client and content
● Dependency on network connection and
third-party systems
5. Typical Architecture of Mobile Games
● The game client
● Servers
● APIs
● Operating System
● Mobile Carriers
6. Motivations for Abuse, Unethical
Behavior
● Don’t want to grind
● Don’t want to wait for next full meter
● Don’t want to spend money on virtual goods
● Don’t want to lose
● Achievements
● Want to win
● Want to steal data
7. Abuse Mechanisms
● File modifications and tampering
● Malware and piracy
● Time state attacks
● Faking location and sensor data
● Disconnection and latency
● API abuse
8. File Modifications and Tampering
● Game data commonly stored in .plist or XML files or in
SQLite databases on the client side (the app)
● Example: Pocket Trains
○ iOS: Edit the .plist file under preferences for the
game; risk getting banned
○ Android (assumes rooted device): Edit the file
root/data/data/com.nimblebit.
pockettrains/shared_prefs/com.nimblebit.
pockettrains.xml
○ Source: http://www.pockettrainswiki.com/wiki/Cheating
9. Malware
● Repackage apps on Android
● Example 1: Freedom (Android) - reveals “hackable”
applications on device; in-app purchases made free
through middle-man, not through Google Play http:
//www.netnames.com/blog/2013/09/in-appropriate-
mobile-behaviour/
● Example 2: Flappy Birds http://nakedsecurity.sophos.
com/2014/02/11/flappy-bird-really-is-dead-beware-of-
infected-fakes-that-promise-to-keep-him-alive/
10. Out-of-Band Spam
● Case-in-point, do a search for candy crush
saga cheats
● Seedy ad networks http://blog.trendmicro.
com/leaky-ad-networks-put-mobile-game-
players-risk/
● ...leading to potentially malicious websites and
networks
11. Time State Attacks
● Many games are dependent on the actual time
● The idea: (incrementally) change the phone or tablet's internal clock
forward or backwards
● “10 year old girl hacker CyFi reveal her first zero-day in Game at #DefCon
19” http://thehackernews.com/2011/08/10-year-old-girl-hacker-cyfi-reveal-
her.html
● Works in games such as:
○ Candy Crush Saga: http://forum.xda-developers.com/showthread.
php?t=2235910
○ Pocket Trains (jobs finish faster by moving clock forward BUT trains
may then have negative fuel)
12. Disconnection and Latency
● Higher disconnection, higher latency, and high data
loss on mobile devices.
● Detecting time state attacks is much harder… (e.g.,
disconnect device from Wi-Fi)
● Double-edge sword for player:
○ In favor: disconnect on imminent loss, no
penalty. Example: FIFA ‘14
○ Not in favor: dead as you know it
13. Faking Location and Sensor Data
● For augmented reality or location-based games
● Was a big problem for Foursquare
● Easy to spoof gyroscope, accelerometer, compass,
geolocation data --especially on a rooted or
jailbroken device
● “Most systems currently lack software or hardware
checks (e.g., Trusted Platform Module)” (Yahyavi,
Pang, and Kemme)
14. API Abuse
● Use a proxy as middle-man (e.g., mitmproxy)
● iOS allows for system-wide HTTP proxy
● Example (now fixed): Apple Game Center
○ Attack 1: intercept and modify score-value field
○ Attack 2: capture email hashes (SHA-1)
○ Source: “Hacking iOS Game Center and Passbook
with Proxies” by Karl Fosaaen, NetSPI http:
//louisvilleinfosec.com/wp-
content/uploads/2013/02/KarlFosaaen-iOS-GC-and-
PB.pdf
16. Privacy and Information Leakage
● Still way too many apps and developers transmit data HTTP (i.e.,
plaintext) and not HTTPS
● App permissions hell: http://blog.zscaler.com/angry-apps-saga
● Two years ago, Angry Birds and many other iOS games were
calling ABAddressBookCopyArrayOfAllPeople. Source: http:
//blog.veracode.com/2012/02/adios-say-goodbye-to-nosy-iphone-
apps/
● Example: QuizUp http://www.theverge.
com/2013/11/26/5146998/quizup-security-privacy-issues-fix-on-the-
way
● Facebook, Twitter, etc. credentials stored in plaintext in SQLite
databases (thanks Joey Peloquin)
17. Existing Security Mechanisms
● Banning
● Penalties
● CAPTCHAs
● Hash functions and checksums
● (PC games have more glorified mechanisms including
PunkBuster, Valve Anti-Cheat, Warden for WoW)
● Mobile Guard: continuous exchange of protection
mechanisms between client and server (Grimen, Mönch,
Midtstraum)
● Dead reckoning to predict location of player at certain
moment
18. Proposed Solutions (Yahyavi, Pang,
Kemme)
● Verify Wi-Fi position by sending nearest SSIDs and their signal
strength
● Q&A using local places information (e.g., Google Places API). So
we have a game within a game
● Verify unreachable positions (e.g., middle of ocean) via path
● Verify location using picture taken from camera => reverse image
search
● Verify network statistics and information, carrier specific (e.g., via
AT&T API)
● Facial recognition via camera and biometrics for transaction
security
19. The Good News
● Many complexities (and hence, culprits), are not
available in mobile games (Bono, Caselden, Landau,
Miller):
○ Third-party plugins
○ User-generated content (e.g., the “nude patch”)
○ Scripting engines
○ Botting (without a lot of difficulties)
20. What’s the Loss (or why do we care)?
1. Players - loss of fun; declining resources (including
battery life); loss of purchased virtual goods; loss of
personal data; spike in cell phone and credit card bills
2. Game Developers - loss revenue from in-app
purchases or from the app itself; bad data; cost for
computing services increase
3. Carriers and Computing Services- declining quality of
service
4. Platforms (e.g., iOS, Android)
21. To Ponder
● Mobile games is a great arena to see
whatcouldpossiblegowrong in the mobile space
● No one wins; everyone’s reputation and a lot of
money are at stake
● Many stories; a mess as evident by the cases
presented
● Question: what’s the trust model now?
● The bigger question: why are we not emphasizing
on the security of mobile games?
22. Additional References
● G. Grimen, C. Mönch, R. Midtstraum, “Tamper Protection of Online Clients through Random
Checksum Algorithms,” in Proceedings of Information Systems Technology and its Applications
5th International Conference (ISTA 2006), May 2006.
● Stephen Bono , Dan Caselden , Gabriel Landau , Charlie Miller, Reducing the Attack Surface in
Massively Multiplayer Online Role-Playing Games, IEEE Security and Privacy, v.7 n.3, p.13-19,
May 2009.
● A. Yahyavi, J. Pang, B. Kemme, "Towards Providing Security For Mobile Games," in
Proceedings of 8th ACM MobiCom Workshop on Mobility in the Evolving Internet Architecture
(MobiArch), Miami, USA, 2013, p47-52. http://www.cs.mcgill.ca/~syahya/Yahyavi-MobiArch-
MobGameSec.pdf
● “AWS Case Study: Supercell” http://aws.amazon.com/solutions/case-studies/supercell/
● “Building Mobile Games on AWS” http://www.slideshare.net/AmazonWebServices/building-
mobile-games-on-aws-gmg301
● http://www.bloomberg.com/news/2014-01-29/nsa-spying-on-apps-shows-perils-of-google-candy-
crush-.html