463 0 2 class project
Download
Skip this Video
Download Presentation
463.0.2 Class Project

Loading in 2 Seconds...

play fullscreen
1 / 22

463.0.2 Class Project - PowerPoint PPT Presentation


  • 106 Views
  • Uploaded on

463.0.2 Class Project. UIUC CS463 Computer Security. Outline. Online games Game Hacking 101 Project Schedule. Online Games. Exceedingly popular Excellent examples of massively distributed systems Push the limits of software technology Time and state are big issues

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about ' 463.0.2 Class Project' - sancho


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
463 0 2 class project

463.0.2 Class Project

UIUC CS463

Computer Security

outline
Outline
  • Online games
  • Game Hacking 101
  • Project Schedule
online games
Online Games
  • Exceedingly popular
  • Excellent examples of massively distributed systems
  • Push the limits of software technology
  • Time and state are big issues
  • Cheating pays off in MMORPGs
managing state
Managing State
  • Clients have to manage state
  • The internet is too slow to allow game state to reside on the server
  • Allowing the client to manage state is a security risk
two kinds of cheating
Two kinds of cheating
  • “Exploits”
    • Taking advantage of program bugs
    • Race conditions
    • Seeing things you aren’t supposed to see
  • Bots
    • Both AFK and non-AFK
    • Building something that controls the game for you
hacking the game
Hacking the game
  • Going over the game
  • Getting in the game
  • Getting under the game
  • Standing way outside the game
going over the game
Going over the game
  • Controlling the user interface
  • Botting is about going over the game
  • This happens because parts of the game are boring
    • Grinding
    • Farming
  • Can also make gaming easier
    • “Stupid Warlock Button”
    • Automated combat
getting in the game
Getting in the game
  • Manipulating the data in the game
  • Finding registers and changing them
  • Change your coordinates to “teleport” around the game
getting under the game
Getting Under the game
  • Games rely on DLLs and video cards
  • You can inject your own DLLs that effect game rendering
    • Wall Hack
standing way outside the game
Standing Way Outside the Game
  • Manipulating communication between client and server
  • This is often difficult because encryption is used on the wire
countermeasures
Countermeasures
  • The Warden
    • Monitors the processes on a machine
    • Prevents users from running bots etc. that are separate from the main process
    • Also looks at calls to DLLs
    • Is this crossing the line?
  • Account banning
resources
Resources
  • Book: Exploiting Online Games by Greg Hoglund and Gary McGraw
  • http://www.exploitingonlinegames.com/
    • Gary McGraw’s lecture available
    • Chapters 2 and 6 available
4 phases
4 Phases
  • Analysis of an existing game
  • Propose a new architecture for your chosen game
  • Build a prototype
  • Analyze someone else’s project
phase 1
Phase 1
  • Choose a partner or 2 (you have to work in teams of 2-3)
  • Choose an MMORPG (World of Warcraft is off limits)
  • Learn about the architecture of the game and the hacks, and cheats available
  • Also, what countermeasures are in place
  • A 15 to 20 page paper for this phase is due Feb. 15th
phase 2
Phase 2
  • Propose a new architecture for your chosen game
  • Discuss tradeoffs between security and performance that you had to make
  • Also talk about how you counter the known hacks
  • Define the scope of your prototype
  • A 15 page paper is due Feb. 29th
phase 3
Phase 3
  • Build part of your proposed architecture
  • Prepare a demo
  • More details on demo prep to come
  • This is due April 18th
phase 4
Phase 4
  • Your papers and demo will be handed over to another team
  • Your job will be to analyze how they stand up to known hacks for their chosen game
  • Your score won’t be lowered based on a negative peer review
  • Due May 2
calendar
Calendar
  • Project stage 1 (analysis): Friday, February 15.
  • Project stage 2 (proposed architecture fixes): Friday, February 29. (We will plan on providing feedback by March 7.)
  • Project stage 3 (demo): Friday, April 18.
  • Project stage 4 (peer review): Friday, May 2.
ad