Top

Published in:

2021 | OriginalPaper | Chapter

Detecting Video-Game Injectors Exchanged in Game Cheating Communities

Authors : Panicos Karkallis, Jorge Blasco, Guillermo Suarez-Tangil, Sergio Pastrana

Published in: Computer Security – ESORICS 2021

Publisher: Springer International Publishing

Activate our intelligent search to find suitable subject content or patents.

search-config

AI-assisted search

Off

Abstract

Video game cheats destroy the online play experience of users and result in financial losses for game developers. Similar to hacking communities, cheat developers often organize themselves around forums where they share game cheats and know-how. In this paper, we perform a large-scale measurement of two online forums, MPGH and UnknownCheats, devoted to video game cheating that are nowadays very active and altogether have more than 7 million posts. Video game cheats often require an auxiliary tool to access the victim process, i.e., an injector. This is a type of program that manipulates the game program memory, and it is a key piece for evading cheat detection on the client side. We leverage the output of our measurement study to build a machine learning classifier that identifies injectors based on their behavioural traits. Our system will help game developers and the anti-cheat industry to identify attack vectors more quickly and will reduce the barriers to study this topic within the academic community.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

previous chapter An Explainable Online Password Strength Estimator

next chapter Revocable Policy-Based Chameleon Hash

Available only for authorised users

Data extracted from https://steamcharts.com/app/730 on 16th April 2021.

https://www.mpgh.net/.

https://www.unknowncheats.me/.

https://www.cambridgecybercime.uk.

In the remainder of the paper, we use the terms ‘user’ and ‘actor’ indistinguishably to refer a forum account uniquely identified by a user ID.

As a result of our work, these attachments have been included in the CrimeBB catalog, and are thus available for other researchers under a legal agreement with the Cambridge Cybercrime Centre.

https://store.steampowered.com Accessed on 10th May 2021.

Some attachments are duplicated or re-released in different posts.

https://github.com/erocarrera/pefile Accessed on 10th May 2021.

https://www.virustotal.com Accessed on 10th May 2021.

https://community.mcafee.com/t5/Malware/quot-False-Artemis-4DD89AF63CF7-quot/m-p/521383 Accessed on 10th May 2021.

https://github.com/tarekwiz/LeagueDumper Accessed on 10th May 2021.

https://support-valorant.riotgames.com/hc/en-us/articles/360046160933.

Allodi, L.: Economic factors of vulnerability trade and exploitation. In: Proceedings of the ACM SIGSAC Conference on Computer and Communications Security, pp. 1483–1499. ACM (2017)

Blackburn, J., Kourtellis, N., Skvoretz, J., Ripeanu, M., Iamnitchi, A.: Cheating in online games: a social network perspective. ACM Trans. Internet Technol. (TOIT) 13(3), 1–25 (2014)CrossRef

Breiman, L., et al.: Arcing classifier (with discussion and a rejoinder by the author). Ann. Stat. 26(3), 801–849 (1998)CrossRef

Cano, N.: Game hacking: developing autonomous bots for online games. No Starch Press (2016)

Chen, Y., Wang, S., She, D., Jana, S.: On training robust pdf malware classifiers. In: 29th USENIX Security Symposium USENIX Security 20), pp. 2343–2360 (2020)

Chinchor, N., Sundheim, B.M.: Muc-5 evaluation metrics. In: Fifth Message Understanding Conference (MUC-5): Proceedings of a Conference Held in Baltimore, Maryland, 25–27 August, 1993 (1993)

Chumachenko, K.: Machine learning methods for malware detection and classification. The annals of statistics (2017)

Clayton, R.: The impact of lockdown on dos-for-hire. Tech. rep., Cambridge Cybercrime Centre COVID Briefing Papers, July 2020. https://www.cambridgecybercrime.uk/COVID/COVIDbriefing-3.pdf

Duh, H.B.-L., Chen, V.H.H.: Cheating behaviors in online gaming. In: Ozok, A.A., Zaphiris, P. (eds.) OCSC 2009. LNCS, vol. 5621, pp. 567–573. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-02774-1_61CrossRef

10.

Feng, W.C., Kaiser, E., Schluessler, T.: Stealth measurements for cheat detection in on-line games. In: Proceedings of the 7th ACM SIGCOMM Workshop on Network and System Support for Games, pp. 15–20. NetGames 2008. Association for Computing Machinery, New York (2008). https://doi.org/10.1145/1517494.1517497. https://doi.org/10.1145/1517494.1517497

11.

Fields, D.A., Kafai, Y.B.: “stealing from grandma” or generating cultural knowledge? contestations and effects of cheating in a tween virtual world. Games Culture 5(1), 64–87 (2010)

12.

FireEye: Capa. https://github.com/fireeye/capa, https://github.com/fireeye/capa. Accessed July 2020

13.

Glaser, B.G., Strauss, A.L., Strutzel, E.: The discovery of grounded theory; strategies for qualitative research. Nurs. Res. 17(4), 364 (1968)CrossRef

14.

Hughes, J., Collier, B., Hutchings, A.: From playing games to committing crimes: a multi-technique approach to predicting key actors on an online gaming forum. In: 2019 APWG Symposium on Electronic Crime Research (eCrime). IEEE (2019)

15.

Hutchings, A., Pastrana, S.: Understanding ewhoring. In: 2019 IEEE European Symposium on Security and Privacy (EuroS&P), pp. 201–214. IEEE (2019)

16.

Jordaney, R., Sharad, K., Dash, S.K., Wang, Z., Papini, D., Nouretdinov, I., Cavallaro, L.: Transcend: detecting concept drift in malware classification models. In: 26th USENIX Security Symposium (USENIX Security 2017), pp. 625–642. USENIX Association, Vancouver, BC, August 2017. https://www.usenix.org/conference/usenixsecurity17/technical-sessions/presentation/jordaney

17.

Koskinas, P., Paloetti, M.: Anti-cheat in lol ( & more), May 2020 https://na.leagueoflegends.com/en-us/news/dev/dev-anti-cheat-in-lol-more/. https://na.leagueoflegends.com/en-us/news/dev/dev-anti-cheat-in-lol-more/. Accessed on May 2020

18.

Lee, E., Woo, J., Kim, H., Kim, H.K.: No silk road for online gamers! using social network analysis to unveil black markets in online games. In: Proceedings of the 2018 World Wide Web Conference, pp. 1825–1834 (2018)

19.

Liu, D., Gao, X., Zhang, M., Wang, H., Stavrou, A.: Detecting passive cheats in online games via performance-skillfulness inconsistency. In: 2017 47th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN), pp. 615–626. IEEE (2017)

20.

Motoyama, M., McCoy, D., Levchenko, K., Savage, S., Voelker, G.M.: An analysis of underground forums. In: Proceedings of the 2011 ACM SIGCOMM conference on Internet Measurement Conference, pp. 71–80. ACM (2011)

21.

Narula, H.: A billion new players are set to transform the gaming industry, December 2019. https://www.wired.co.uk/article/worldwide-gamers-billion-players. https://www.wired.co.uk/article/worldwide-gamers-billion-players. Accessed on May 2020

22.

National Cyber Crime Unit/Prevent Team: Pathways into cyber crime, January 2017. https://www.nationalcrimeagency.gov.uk/who-we-are/publications/6-pathways-into-cyber-crime-1/file. Accessed July 2020

23.

Onwuzurike, L., Mariconti, E., Andriotis, P., Cristofaro, E.D., Ross, G., Stringhini, G.: Mamadroid: detecting android malware by building Markov chains of behavioral models (extended version). ACM Trans. Privacy Secur. (TOPS) 22(2), 1–34 (2019)CrossRef

24.

Pastrana, S., Hutchings, A., Caines, A., Buttery, P.: Characterizing eve: analysing cybercrime actors in a large underground forum. In: Bailey, M., Holz, T., Stamatogiannakis, M., Ioannidis, S. (eds.) RAID 2018. LNCS, vol. 11050, pp. 207–227. Springer, Cham (2018). https://doi.org/10.1007/978-3-030-00470-5_10CrossRef

25.

Pastrana, S., Thomas, D.R., Hutchings, A., Clayton, R.: Crimebb: enabling cybercrime research on underground forums at scale. In: Proceedings of the 2018 World Wide Web Conference, pp. 1845–1854 (2018). https://doi.org/10.1145/3178876.3186178

26.

Pedregosa, F., Varoquaux, G., Gramfort, A., Michel, V., Thirion, B., Grisel, O., Blondel, M., Prettenhofer, P., Weiss, R., Dubourg, V., Vanderplas, J., Passos, A., Cournapeau, D., Brucher, M., Perrot, M., Duchesnay, E.: Scikit-learn: machine learning in Python. J. Mach. Learn. Res. 12, 2825–2830 (2011)MathSciNetMATH

27.

Portnoff, R.S., Afroz, S., Durrett, G., Kummerfeld, J.K., Berg-Kirkpatrick, T., McCoy, D., Levchenko, K., Paxson, V.: Tools for automated analysis of cybercriminal markets. In: Proceedings of 26th International World Wide Web Conference (WWW) (2017)

28.

Richter, J., Nasarre, C.: Windows via C/C++. Microsoft Press, 5th edn., November 2007

29.

Shannon, C.E.: A mathematical theory of communication. Bell Syst. Tech. J. 27(3), 379–423 (1948)MathSciNetCrossRef

30.

Sherena.johnson@nist.gov: Nist special database 28, September 2020. https://www.nist.gov/srd/nist-special-database-28

31.

Witschel, T., Wressnegger, C.: Aim low, shoot high: evading aimbot detectors by mimicking user behavior. In: Proceedings of the 13th European workshop on Systems Security, pp. 19–24 (2020)

32.

Woo, J., Kang, S.W., Kim, H.K., Park, J.: Contagion of cheating behaviors in online social networks. IEEE Access 6, 29098–29108 (2018)CrossRef

Title: Detecting Video-Game Injectors Exchanged in Game Cheating Communities
Authors: Panicos Karkallis
Jorge Blasco
Guillermo Suarez-Tangil
Sergio Pastrana
Publisher: Springer International Publishing
Book: Computer Security – ESORICS 2021
Print ISBN: 978-3-030-88417-8

Electronic ISBN: 978-3-030-88418-5

Copyright Year: 2021
DOI: https://doi.org/10.1007/978-3-030-88418-5_15

Springer Professional

Abstract

Please log in to get access to your license.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"

Premium Partner