Presentation is loading. Please wait.

Presentation is loading. Please wait.

Anti-Cheating Mechanisms for Computer Games Michael Rudolph Jason Cook.

Published byLola Tirey Modified over 9 years ago

Similar presentations

Presentation on theme: "Anti-Cheating Mechanisms for Computer Games Michael Rudolph Jason Cook."— Presentation transcript:

1 Anti-Cheating Mechanisms for Computer Games Michael Rudolph Jason Cook

2 Brief history of cheating  Cheats have been around about as long as video games have, but early on these were inserted by the developer to aid in debugging  Only become a problem when games were starting to be played over Internet around early to mid-90’s  Developer released patches to fix these cheats along with other bugs that may have been in the game  Anti-cheating mechanism a major concern for developers after Counter-strike created and released in 2000

3 Techniques for cheating  Hard coded hacks – earliest form of hacks, uses modified game files to cheat. Used in games as early as Doom because of the monolithic architecture of the game. Easily defeated by checking file sizes and config files for known cheats before joining game server  OpenGL driver hacks – modifies OpenGL graphics driver on client machine. Allows for wallhacks by altering driver so that they are drawn transparently, disabled smoke/flashbang effects, also disables “fog of war” in RTS games.  Client DLL hooks – most popular form of gaming hack now, due to its relative difficulty to detect. The game is loaded through an external client loading program, which injects or hooks DLL cheat instructions into game code at execution time. This is the type of cheat that will be covered in detail.

4 Why do games use.DLLs?  A dynamic link library (.DLL) is a collection of small programs, any of which can be called when needed by a larger program.  Saves space in memory because.DLLs don't get loaded into RAM with the main program. A.DLL file is loaded and run if and when needed..DLL files are dynamically linked with the program that uses them during program execution rather than being compiled with the main program.  When the functions in a.DLL change, the applications that use them do not need to be recompiled or relinked as long as the function arguments, calling conventions, and return values do not change. .DLLs provide a way to modularize applications so they can be loaded, updated, and reused more easily.  API’s such as OpenGL and DirectX implemented through.DLL’s.

5 How are client hooks developed?  Required knowledge of C/C++ programming and assembly – new would-be hackers often told to start learning C and ask again in a year  Knowledge of OpenGL and DirectX API’s also very useful  Some game develop SDK’s for the purpose of fostering a “mod community” – helps in finding out information for developing hacks  Not releasing SDK’s for games not necessarily a preventative measure for cheating – games have been hacked since original DOOM, when only relatively sparse user creation tools were created (custom skins, level builder, but no way to develop total conversions)  Tutorials available for creating DLL hacks  Client loading executables for injecting cheat code at runtime also available on Internet

6 Client Hook “detours” execution to do what the hacker wants to do then “trampolines” execution back to the program Picture from http://wiki.counter-hack.net/howhackswork How a Client Hook Works

7 Solutions to cheats?  Obfuscate.dll files – Q3 based games have done this by changing them to.qvm files – hooks still available for games that use.qvm  PunkBuster – third-party utility used by many recent titles. Acts kind of like an anti-virus program in that it scans the game’s memory space for known hacks, and kicks players upon finding cheats  Early attempts to defeat PunkBuster attacked PB itself – EvenBalance responds by issuing a “global ban” on hard drives that have used PB attacks  Current hacks simply try to spoof PB to avoid this risk

8 End Result

9

10

11

12  Constant back and forth battle between hackers and developers – hackers develop cheat, eventually is discovered and fixed by developers, hackers develop more sophisticated hack, etc.  Recent development – Quake III source code released under GPL August 2005. End of security through obscurity for Q3 engine?  Hacks still being developed for Q3 engine based games – new W:ET hacks released as recent as one week ago  Hacks for recent id games (Doom 3, Quake 4) few and far between – only OpenGL hacks available as of now. Conclusion

Download ppt "Anti-Cheating Mechanisms for Computer Games Michael Rudolph Jason Cook."

Similar presentations

New Security Issues Raised by Open Cards Pierre GirardJean-Louis Lanet GERMPLUS R&D.

New Security Issues Raised by Open Cards Pierre GirardJean-Louis Lanet GERMPLUS R&D.
Online Game Security - Quake III and its Hacks - (related paper: A Systematic Classification of Cheating in Online Games, Jeff Yanand and Brian Randell.

Online Game Security - Quake III and its Hacks - (related paper: A Systematic Classification of Cheating in Online Games, Jeff Yanand and Brian Randell.
Lecture 16 Buffer Overflow modified from slides of Lawrie Brown.

Lecture 16 Buffer Overflow modified from slides of Lawrie Brown.
Mr. D. J. Patel, AITS, Rajkot 1 Operating Systems, by Dhananjay Dhamdhere1 Static and Dynamic Memory Allocation Memory allocation is an aspect of a more.

Mr. D. J. Patel, AITS, Rajkot 1 Operating Systems, by Dhananjay Dhamdhere1 Static and Dynamic Memory Allocation Memory allocation is an aspect of a more.
Operating System Security : David Phillips A Study of Windows Rootkits.

Operating System Security : David Phillips A Study of Windows Rootkits.
RIVERSIDE RESEARCH INSTITUTE Helikaon Linux Debugger: A Stealthy Custom Debugger For Linux Jason Raber, Team Lead - Reverse Engineer.

RIVERSIDE RESEARCH INSTITUTE Helikaon Linux Debugger: A Stealthy Custom Debugger For Linux Jason Raber, Team Lead - Reverse Engineer.
Day 4-1-1 anti-virus 3-3-1.anti-virus 1 detecting a malicious file malware, detection, hiding, removing.

Day anti-virus anti-virus 1 detecting a malicious file malware, detection, hiding, removing.
1 Detection of Injected, Dynamically Generated, and Obfuscated Malicious Code (DOME) Subha Ramanathan & Arun Krishnamurthy Nov 15, 2005.

1 Detection of Injected, Dynamically Generated, and Obfuscated Malicious Code (DOME) Subha Ramanathan & Arun Krishnamurthy Nov 15, 2005.
1 Code/DLL Injection ECE4112 – Internetwork Security Georgia Institute of Technology By Andrei Bersatti and Brandon Harrington.

1 Code/DLL Injection ECE4112 – Internetwork Security Georgia Institute of Technology By Andrei Bersatti and Brandon Harrington.
Chapter 5: Common Support Problems

Chapter 5: Common Support Problems
Hastings Purify: Fast Detection of Memory Leaks and Access Errors.

Hastings Purify: Fast Detection of Memory Leaks and Access Errors.
Chapter 8 Runtime Support. How program structures are implemented in a computer memory? The evolution of programming language design has led to the creation.

Chapter 8 Runtime Support. How program structures are implemented in a computer memory? The evolution of programming language design has led to the creation.
Status – Week 291 Victor Moya. Tracing 3D applications Three layers or levels for tracing: Three layers or levels for tracing: 3D Appl API Driver GPU.

Status – Week 291 Victor Moya. Tracing 3D applications Three layers or levels for tracing: Three layers or levels for tracing: 3D Appl API Driver GPU.
Computer Security and Penetration Testing

Computer Security and Penetration Testing
Software Development and Software Loading in Embedded Systems.

Software Development and Software Loading in Embedded Systems.
CHAPTER 1: INTORDUCTION TO C LANGUAGE

CHAPTER 1: INTORDUCTION TO C LANGUAGE
Systems Software Operating Systems.

Systems Software Operating Systems.
JAVA v.s. C++ Programming Language Comparison By LI LU SAMMY CHU By LI LU SAMMY CHU.

JAVA v.s. C++ Programming Language Comparison By LI LU SAMMY CHU By LI LU SAMMY CHU.
Computer security virus, hacking and backups. Computer viruses are small software programs that are designed to spread from one computer to another.

Computer security virus, hacking and backups. Computer viruses are small software programs that are designed to spread from one computer to another.
Chapter 2 Build Your First Project A Step-by-Step Approach 2 Exploring Microsoft Visual Basic 6.0 Copyright © 1999 Prentice-Hall, Inc. By Carlotta Eaton.

Chapter 2 Build Your First Project A Step-by-Step Approach 2 Exploring Microsoft Visual Basic 6.0 Copyright © 1999 Prentice-Hall, Inc. By Carlotta Eaton.

Similar presentations

Ads by Google