It is actually easier to stop many game cheaters than you'd think. There is a lot more that can be done to protect your critical information. If you are interested, send me an email to steve @ free2secure.com with the subject “Cheating”. If you are interested in keeping up with the latest books, articles, and tools from me at Free2Secure send me an email steve @ free2secure.com with the subject “Subscribe”. Finally, if you have any security questions, issues, or shoot me a note to steve @ free2secure.com with the subject “Help”.

1. Security eBooks
Fight Cheating
The Easy
Way
Steven Davis
steve@free2secure.com
Games, iGaming, and Gambling +1.650.278.7416

2. Security eBooks
Control
CARRDS • The building blocks that
Reference comprise a game
– Control
Model – Action
Action
– (Random) – I.e.,
Random the creation of
random events in
Rules the game
– Rules
– Display Elements
– State
State
Display
steve@free2secure.com
Games, iGaming, and Gambling +1.650.278.7416

3. Security eBooks
Standard Multi-player Strategy -
Distributed Object Networking Control
s ta te
emote
Action Action
• State-based networking occurs
ew” r
“below” the game level, and Game Engine Game Engine
therefore is vulnerable to raw
n
spoofing
erify “
– Two models: State State
∆ (State)/∆Time State(time+1)
y to v
– Tools for re-synchronization become
tools for attack
No wa
State(time+x) is newer, so replaces
State(time)
steve@free2secure.com
Games, iGaming, and Gambling +1.650.278.7416

4. Security eBooks
• Transaction-based
Networking occurs at or
above the game engine Distributed
level
• Initialization is to a known Transaction
or agreed to state based
on the rules of the Game Networking
• Network Model:
(Action,time) or (Old
State, Action, time) • If the Game Engine Verifies
Actions, invalid action & state
injection cheating is stopped
Action Action – If (Action, Time) given
Control (Local Old State) is OK, then
proceed
Game Engine Game Engine
– Transactions have to make
logical sense given the
previous state
State State • Timing attacks can be reduced
much more easily (and
stopped with SecurePlay)
steve@free2secure.com
Games, iGaming, and Gambling +1.650.278.7416

5. Security eBooks
Distributed Object Systems vs.
Distributed Transactions Systems – Summary 1
• Most networked games use a distributed object based design
– Easy to program
– Multi-player can be added as an “afterthought”
– Numerous standard tools
– Network design does not need to understand the game design
– Problems
• Makes attacks easy
• Synchronization is inherently trusting because it occurs below the level
of the game
• Lack of understanding of game means it is impossible to validated
remote updates
• Can be limiting:
Even simple games like poker will not work with a distributed object
model
steve@free2secure.com
Games, iGaming, and Gambling +1.650.278.7416

6. Security eBooks
Distributed Object Systems vs.
Distributed Transactions Systems – Summary 2
• Distributed Transaction Systems naturally reflect games
– Games are rule-based transaction systems that migrate from state
to state based on player actions and random events
– Does require game developers to think about game rules (at least a bit)
• Change from game objects focus to game object action focus – nouns to
verbs. Also more naturally supports control of information sharing
– Rules & Action Validation becomes possible
• Validating state differences is hard. Validating actions tends to be much
easier
– Time hacks are also more naturally stopped
• Re-synchronization is based on rolling back to a known state or updating
from a known state. Multiple updates/actions are clearly detectable – and
should be verifiable.
• Transaction base synchronization is as Bandwidth Efficient as state-
based synchronization
– Players actions are inherently narrow-band
– If local or AI activities are automatic, then this is WORST CASE the
same as Distributed Object approaches (RTS games with many units)
steve@free2secure.com
Games, iGaming, and Gambling +1.650.278.7416

7. Security eBooks
Safer Networking with Server
Control Control
or
Action or Action
Client Client
Partial Partial
State State
Display
Display
Random
• Push Actions
to Server
Rules
• Let Server or
Other Players
Validate
Server
State
steve@free2secure.com
Games, iGaming, and Gambling +1.650.278.7416

8. Security eBooks
Proxy Security
Some online games dangerously include a SQL client and talk directly to the game server
Rules Validation
Data Validation
Validation
Message
Incoming
Message Database
• Protecting Database from SQL injection / direct queries
• Allows Rules Validation on Server or reallocation to other
players
steve@free2secure.com
Games, iGaming, and Gambling +1.650.278.7416

9. Security eBooks
• How “out of synch” should players
be allowed to get?
– Delays -There is effectively an
underlying notion of time “ticks” where
The Trouble with
–
the game must stop
Interaction – There is an important
game play notion of how players are able
Time
to interact with each other (action/re-
action) in terms of information available. •
For a network game this sets a notion of Lifecycle of a Network Player
“minimum duration”. Action
– Interference – The interaction of – Decision – the instant at which the
different player actions need to have action enters the game play engine
reasonable and understandable – Commitment – the instant before
consequences based on each player’s which the action will be automatically
notion of state and action. aborted/changed to address new
– Prediction & Confusion – The incoming information that was not
interaction of the player presentation and available
the actual game state can become – Success – the instant after which the
complicated by poor predictions by the action has some probability of
game presentation engine and the actual resolving successfully.
actions of the remote player. This is a – Resolution – the instant when the
problem for presentation & control action triggers consequences in the
• How long does something take? game
– Click-driven play fails for network games play engine.
– when computers must share or – Conclusion – the instant after which
coordinate state, simple physical the player is allowed to choose a
interaction as a basis for temporal next action
control breaks down
steve@free2secure.com
Games, iGaming, and Gambling +1.650.278.7416

10. Security eBooks
Platform and Architectural Security Issues
• Increasing complexity often leads to architectural compromises… often
unintentional
– Move from traditional games to more complicated games may undermine
server-based model
• Frequent examples in MMOs and casual games
• Server-based model is not the only security approach
– Server-based design does not necessarily address player trust issues
• Why should players trust the server?
• How can the operator trust the developer?
• How can the regulator trust anyone?
– Server-based design does not solve all threats
• Distributed and Peer-based Designs have potential benefits
• Developers are often the biggest “cheaters”
– Implicit design decisions can have substantial, and surprising, security impacts
steve@free2secure.com
Games, iGaming, and Gambling +1.650.278.7416

11. Security eBooks
What next?
• Don’t give up!
• More security presentations at:
http://free2secure.com/
• Check out my book “Protecting Games”
– Additional information at http://playnoevil.com/
• You can “win” the security game
steve@free2secure.com
Games, iGaming, and Gambling +1.650.278.7416

12. Security eBooks
About Me
• Steven Davis
– 25+ Years of Security Expertise
– I have worked on everything from
online games and satellite TV to
Nuclear Command and Control and
military communications
• http://www.linkedin.com/in/playnoevil
– Author, “Protecting Games”
• Why Free2Secure?
– Security is too expensive and isn’t working. There has to be a better way.
I’m exploring these issues for IT security, ebooks, games, and whatever
else strikes my fancy at http://free2secure.com/
– Join me there, ask questions, challenge assumptions, let’s make things
better
steve@free2secure.com
Games, iGaming, and Gambling +1.650.278.7416