[MA] Construction of Secure Anti-Cheat Systems

  • Name:

    Construction of Secure Anti-Cheat Systems

  • Venue:

    Ge. 50.34, SR 252 and online: https://i62bbb.tm.kit.edu/b/mic-7xx-rfr

  • Date:


  • Time:


  • With the popularity of online multiplayer games there is also an inherent need to ensure
    a fair game for all players. Some players actively try to gain an advantage over other
    players by measures that are not part of the game. These measures are informally
    referred to as hacks or cheats. Hacks can be constructed in multiple ways, ranging from
    social engineering to low-level packet modification and network replay attacks.

    For game developers the need emerged to counter these hacks with so-called anti-cheat
    systems. The purpose of an anti-cheat system is to ensure that possible game hacks do not
    go undetected and to act on findings. The anti-cheat system should provide state-of-the-art
    detection and anti-tampering techniques to prevent hacks. If a game hack is detected,
    this often leads to the hacker being permanently banned from game services. This thesis
    provides a technological deep dive into techniques used for constructing game hacks as
    well as countermeasures that help to prevent them. For this we have constructed our own
    solution to the problem, called Re:Guard anti-cheat. The foundation for Re:Guard anti-cheat
    was an in-depth security analysis of existing anti-cheat solutions under consideration
    of cryptographic primitives and general usability. Re:Guard anti-cheat was developed
    with practices that counter state-of-the-art game hacking techniques and with the
    technological knowledge of game hackers in mind. Re:Guard provides a holistic approach to
    anti-cheat systems, securing game servers as well as game clients from malicious activity.
    We implemented Re:Guard anti-cheat with the following modules, usable for further research
    and evaluation: anti-cheat client and server, anomaly analysis server, hack tools for
    evaluation of cheat development, an obfuscator for binaries, and a demo game as well as
    demo cheats for testing.

    Some techniques used in Re:Guard anti-cheat can generally not be found in academia for
    this use case. Hacking techniques such as Random API Hashing and Mid-Function-Hooks as
    well as forensic investigation techniques such as Variadic Client Code Integrity Validation
    or Code Entropy Analysis are introduced in this thesis for further use. These techniques
    are listed for reproducibility of the thesis’ results as well as for educational purposes. The
    source code for Re:Guard anti-cheat is protected under the AGPL license.

    Our evaluation findings indicate that future research should be done regarding data
    privacy in anti-cheat systems as well as the extension of academic systems for fraud
    prevention.