463 0 2 class project
This presentation is the property of its rightful owner.
Sponsored Links
1 / 22

463.0.2 Class Project PowerPoint PPT Presentation


  • 82 Views
  • Uploaded on
  • Presentation posted in: General

463.0.2 Class Project. UIUC CS463 Computer Security. Outline. Online games Game Hacking 101 Project Schedule. Online Games. Exceedingly popular Excellent examples of massively distributed systems Push the limits of software technology Time and state are big issues

Download Presentation

463.0.2 Class Project

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -

Presentation Transcript


463 0 2 class project

463.0.2 Class Project

UIUC CS463

Computer Security


Outline

Outline

  • Online games

  • Game Hacking 101

  • Project Schedule


Online games

Online Games

  • Exceedingly popular

  • Excellent examples of massively distributed systems

  • Push the limits of software technology

  • Time and state are big issues

  • Cheating pays off in MMORPGs


Basic architecture of mmos

Basic Architecture of MMOs


Internal architecture

Internal Architecture


Managing state

Managing State

  • Clients have to manage state

  • The internet is too slow to allow game state to reside on the server

  • Allowing the client to manage state is a security risk


Game hacking 101

Game Hacking 101


Two kinds of cheating

Two kinds of cheating

  • “Exploits”

    • Taking advantage of program bugs

    • Race conditions

    • Seeing things you aren’t supposed to see

  • Bots

    • Both AFK and non-AFK

    • Building something that controls the game for you


Hacking the game

Hacking the game

  • Going over the game

  • Getting in the game

  • Getting under the game

  • Standing way outside the game


Going over the game

Going over the game

  • Controlling the user interface

  • Botting is about going over the game

  • This happens because parts of the game are boring

    • Grinding

    • Farming

  • Can also make gaming easier

    • “Stupid Warlock Button”

    • Automated combat


Getting in the game

Getting in the game

  • Manipulating the data in the game

  • Finding registers and changing them

  • Change your coordinates to “teleport” around the game


Getting under the game

Getting Under the game

  • Games rely on DLLs and video cards

  • You can inject your own DLLs that effect game rendering

    • Wall Hack


Standing way outside the game

Standing Way Outside the Game

  • Manipulating communication between client and server

  • This is often difficult because encryption is used on the wire


Countermeasures

Countermeasures

  • The Warden

    • Monitors the processes on a machine

    • Prevents users from running bots etc. that are separate from the main process

    • Also looks at calls to DLLs

    • Is this crossing the line?

  • Account banning


Resources

Resources

  • Book: Exploiting Online Games by Greg Hoglund and Gary McGraw

  • http://www.exploitingonlinegames.com/

    • Gary McGraw’s lecture available

    • Chapters 2 and 6 available


Your project

Your Project


4 phases

4 Phases

  • Analysis of an existing game

  • Propose a new architecture for your chosen game

  • Build a prototype

  • Analyze someone else’s project


Phase 1

Phase 1

  • Choose a partner or 2 (you have to work in teams of 2-3)

  • Choose an MMORPG (World of Warcraft is off limits)

  • Learn about the architecture of the game and the hacks, and cheats available

  • Also, what countermeasures are in place

  • A 15 to 20 page paper for this phase is due Feb. 15th


Phase 2

Phase 2

  • Propose a new architecture for your chosen game

  • Discuss tradeoffs between security and performance that you had to make

  • Also talk about how you counter the known hacks

  • Define the scope of your prototype

  • A 15 page paper is due Feb. 29th


Phase 3

Phase 3

  • Build part of your proposed architecture

  • Prepare a demo

  • More details on demo prep to come

  • This is due April 18th


Phase 4

Phase 4

  • Your papers and demo will be handed over to another team

  • Your job will be to analyze how they stand up to known hacks for their chosen game

  • Your score won’t be lowered based on a negative peer review

  • Due May 2


Calendar

Calendar

  • Project stage 1 (analysis): Friday, February 15.

  • Project stage 2 (proposed architecture fixes): Friday, February 29. (We will plan on providing feedback by March 7.)

  • Project stage 3 (demo): Friday, April 18.

  • Project stage 4 (peer review): Friday, May 2.


  • Login