2006. 2. 9 A Taxonomy of Online Game Attacks and Defenses Presentation Computer and Communication Security Laboratory Korea University.

Presentation transcript:

A Taxonomy of Online Game Attacks and Defenses Presentation Computer and Communication Security Laboratory Korea University

Copyright © 2005 CCS lab., All rights reserved

Slide 2: CONTENTS
- INTRODUCTION
- RESEARCH TREND
- MOTIVATION
- A TAXONOMY OF ONLINE GAME ATTACKS
- RESPECTIVE ATTACKS AND DEFENSES MECHANISMS
- EVALUATION
- CONCLUSION

Slide 3: INTRODUCTION
- The shining star area people are enjoying enthusiastically
- The emergence of online game cheating
Figure captions: Sensational game popularity in Korea; An example of game cheating

Slide 4: RESEARCH TREND
- J.J. Yan and Ying-Chieh et al.: Classifying some key security issues (International Conference on Information Technology: Coding and Computing, 2005)
- Matt Pritchard: Patterning online game hacker's rules out (Information Security, 2001)
- Brian Neil Levine et al.: Secure online game network architecture (Global Telecommunications Conference Workshops, 2004)
- Brenda Harger et al.: Secure online game interface design (International Conference on Entertainment Computing, 2004)
- Christopher Ruggles et al.: The external factor of online game security (International Federation for Information Processing, 2005)

Slide 5: MOTIVATION
- Classifying online game attacks with respect to vulnerable spots to know what threats exist in online game
- Analyzing the principles of respective attack
- Proposing defense mechanisms
- Evaluating applied defense mechanisms to online games

Slide 6: A definition of game cheating
Game variable set GS = {Memory, File, Time, Event, Packet}
Diagram: Normal play: I → I+1. Game cheating: I → J, where J ≠ I+1.

Slide 7: A taxonomy of online game attacks

Slide 8: A taxonomy of online game attacks

Slide 9: Server attacks
Game server group: Session server, Database server, Game state computation server, Update server, FTP server
Top Five Server Attack Techniques:
- Server directory attack
- Buffer overflow attack
- Inadequate parameter attack
- SQL injection attack
- Backdoor attack

Slide 10: Server countermeasure
Table with rows User 1, User 2, … and columns: Item ID, Item max transfer value, Item max transaction number
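The table on slide 10 suggests a server-side cap on how much of an item may move in one transfer and how many transfers a user may make. The sketch below is an added example, not code from the presentation; the class names, item ids, limit values and the choice to count transactions per user and item are all assumptions.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class ItemLimit:
    max_transfer_value: int   # largest amount allowed in a single transfer
    max_transactions: int     # transfers allowed per user in one accounting window

class TransferGuard:
    """Server-side check run before the database is touched.
    Validation done by the game client is never trusted."""

    def __init__(self, limits):
        self.limits = limits      # item_id -> ItemLimit
        self.counts = {}          # (user, item_id) -> accepted transfers so far

    def check(self, user, item_id, value):
        limit = self.limits.get(item_id)
        if limit is None:
            return "reject: unknown item"
        # Malformed parameters (non-integers, bools, zero, negatives) are
        # refused before any limit comparison is made.
        if type(value) is not int or value <= 0:
            return "reject: invalid value"
        if value > limit.max_transfer_value:
            return "reject: value over limit"
        key = (user, item_id)
        if self.counts.get(key, 0) >= limit.max_transactions:
            return "reject: transaction count over limit"
        self.counts[key] = self.counts.get(key, 0) + 1
        return "accept"

# Constructed sample data: item ids, limits and requests are illustrative only.
LIMITS = {"gold": ItemLimit(1000, 2), "sword": ItemLimit(1, 1)}

def demo():
    guard = TransferGuard(LIMITS)
    requests = [
        ("user1", "gold", 500),
        ("user1", "gold", 5000),
        ("user1", "gold", -500),
        ("user1", "gold", 400),
        ("user1", "gold", 100),
        ("user2", "sword", 1),
        ("user2", "potion", 1),
    ]
    return [guard.check(*r) for r in requests]

if __name__ == "__main__":
    for line in demo():
        print(line)
```

Rejected requests do not consume the transaction budget, so a burst of malformed requests cannot lock a user out of legitimate transfers.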

Slide 11: Online game network architecture

Slide 12: Network attacks
Diagram: Game client, Proxy server, Game client (an attacker), Game server group
- Packet fabrication attack for game packet analysis
- Packet pace attack for game packet speed or acceptance control
- Packet flooded attack (DDoS) for game service interruption
- Controlling packet
- Client traffic control
- Applying a pseudo-random number to game packets for PACKET DISSIMILARITY

Slide 13: Client attacks

Slide 14: Memory alteration attack

Slide 15: Memory alteration attack

Slide 16: Memory alteration countermeasure
Memory access functions: VirtualAllocMemory, OpenProcess, ReadMemory, WriteMemory
Access denied by moving function execution pointers

Slide 17: File fabrication attack
A file fabrication attack changed the target mark to a more accurate form.

Slide 18: File fabrication countermeasure
Diagram: Game client, Game server group
The latest file checksum inspection when running a game

Slide 19: Time frame-up attack

Slide 20: Time frame-up attack countermeasure
Timer functions: timeGetTime, QueryPerformanceCounter
Access denied by moving function execution pointers
Time synchronization check between server and client

Slide 21: Time frame-up attack countermeasure algorithm
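One way a server could perform the time synchronization check named on slide 20 is to compare how much time passed on the client's clock with how much passed on its own clock between reports. This is an added example and not the algorithm from slide 21, which did not survive in the transcript; the class name, tolerance, window and strike thresholds are assumptions, and the sample timestamps are constructed.

```python
class ClockDriftMonitor:
    """Per-session comparison of client-elapsed and server-elapsed time.

    A client whose timer functions have been tampered with reports time that
    runs faster or slower than the server's. A tolerance band and a strike
    counter keep ordinary network jitter from raising a flag on its own.
    """

    def __init__(self, tolerance=0.10, min_window_ms=500, strikes_to_flag=3):
        self.tolerance = tolerance              # allowed relative drift
        self.min_window_ms = min_window_ms      # ignore very short intervals
        self.strikes_to_flag = strikes_to_flag  # consecutive anomalies needed
        self.last = None                        # (client_ms, server_ms) baseline
        self.strikes = 0

    def report(self, client_ms, server_ms):
        """client_ms comes from the client's heartbeat; server_ms must be read
        from the server's own monotonic clock when the heartbeat arrives."""
        if self.last is None:
            self.last = (client_ms, server_ms)
            return "baseline"
        server_elapsed = server_ms - self.last[1]
        if server_elapsed < self.min_window_ms:
            return "ok"                         # too short to judge; keep baseline
        client_elapsed = client_ms - self.last[0]
        self.last = (client_ms, server_ms)
        ratio = client_elapsed / server_elapsed
        if abs(ratio - 1.0) <= self.tolerance:
            self.strikes = 0
            return "ok"
        self.strikes += 1
        return "flag" if self.strikes >= self.strikes_to_flag else "suspect"

def run(samples):
    monitor = ClockDriftMonitor()
    return [monitor.report(c, s) for c, s in samples]

# Constructed samples: (client timestamp ms, server timestamp ms).
HONEST = [(0, 0), (1000, 1010), (2000, 1995), (3000, 3040)]
SPED_UP = [(0, 0), (2000, 1000), (4000, 2000), (6000, 3000)]

if __name__ == "__main__":
    print(run(HONEST))
    print(run(SPED_UP))
```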

Slide 22: Event faking attack

Slide 23: Event faking countermeasure
Event functions: MouseEvent, KeyEvent
Checking events and access denied to event class
Check repetition actions by using simple data structure

Slide 24: User attacks
- Fraud
- Social engineering
- Internal absurdity
- Collusion

Slide 25: Evaluation

Slide 26: Evaluation

Slide 27: Conclusion
- The contribution of an attack classification
- The importance of identifying attack mechanisms
- Building up the defense mechanisms focusing on the anomaly the attacker provokes
- Future work: Developing more accurate and reliable anomaly-detection solutions to online games