skip to main content
10.1145/1653662.1653694acmconferencesArticle/Chapter ViewAbstractPublication PagesccsConference Proceedingsconference-collections
research-article

Battle of Botcraft: fighting bots in online games with human observational proofs

Published: 09 November 2009 Publication History

Abstract

The abuse of online games by automated programs, known as game bots, for gaining unfair advantages has plagued millions of participating players with escalating severity in recent years. The current methods for distinguishing bots and humans are based on human interactive proofs (HIPs), such as CAPTCHAs. However, HIP-based approaches have inherent drawbacks. In particular, they are too obtrusive to be tolerated by human players in a gaming context. In this paper, we propose a non-interactive approach based on human observational proofs (HOPs) for continuous game bot detection. HOPs differentiate bots from human players by passively monitoring input actions that are difficult for current bots to perform in a human-like manner. We collect a series of user-input traces in one of the most popular online games, World of Warcraft. Based on the traces, we characterize the game playing behaviors of bots and humans. Then, we develop a HOP-based game bot defense system that analyzes user-input actions with a cascade-correlation neural network to distinguish bots from humans. The HOP system is effective in capturing current game bots, which raises the bar against game exploits and forces a determined adversary to build more complicated game bots for detection evasion in the future.

References

[1]
A. A. E. Ahmed and I. Traore. A new biometric technology based on mouse dynamics. IEEE Trans. on Dependable and Secure Computing (TDSC), 4(3), 2007.
[2]
N. E. Baughman and B. N. Levine. Cheat-proof playout for centralized and distributed online games. In Proceedings of the 20th IEEE INFOCOM, Anchorage, AK, USA, April 2001.
[3]
BBC News Staff. Legal battle over warcraft 'bot'. http://news.bbc.co.uk/2/hi/technology/7314353.stm {Accessed: Jan. 30, 2009}.
[4]
J. Bennett. AutoIt: Automate and script windows tasks. http://www.autoit.com/ {Accessed: Apr. 20, 2009}.
[5]
F. Bergadano, D. Gunetti, and C. Picardi. User authentication through keystroke dynamics. ACM Trans. on Information and System Security (TISSEC), 5(4), 2002.
[6]
Blizzard Entertainment. MDY industries, LLC., vs. Blizzard Entertainment, Inc., and Vivendi Games, Inc. http://gamepolitics.com/images/legal/blizz-v-MDY.pdf {Accessed: Jan. 30, 2009}.
[7]
Blizzard Entertainment. World of Warcraft subscriber base reaches 11.5 million worldwide. http://eu.blizzard.com/en/press/081223.html {Accessed: Jul. 24, 2009}.
[8]
P. Caldwell. Blizzard bans 59,000 WOW accounts. http://www.gamespot.com/news/6154708.html {Accessed: Aug. 13, 2009}.
[9]
B. D. Chen and M. Maheswaran. A cheat controlled protocol for centralized online multiplayer games. In Proceedings of the 3rd ACM SIGCOMM NetGames, Portland, OR, USA, August 2004.
[10]
K.-T. Chen, J.-W. Jiang, P. Huang, H.-H. Chu, C.-L. Lei, and W.-C. Chen. Identifying MMORPG bots: A traffic analysis approach. In Proceedings of the 2006 ACM SIGCHI International Conference on Advances in Computer Entertainment Technology (ACE'06), June 2006.
[11]
K.-T. Chen, A. Liao, H.-K. K. Pao, and H.-H. Chu. Game bot detection based on avatar trajectory. In Proceedings of the 7th International Conference on Entertainment Computing, Pittsburgh, PA, USA, September 2008.
[12]
K.-T. Chen, H.-K. K. Pao, and H.-C. Chang. Game bot identification based on manifold learning. In Proceedings of the 7th ACM SIGCOMM NetGames, Worcester, MA, USA, October 2008.
[13]
E. Cronin, B. Filstrup, and S. Jamin. Cheat-proofing dead reckoned multiplayer games (extended abstract). In Proceedings of the 2nd International Conference on Application and Development of Computer Games, Hong Kong, China, January 2003.
[14]
Diablo 2 Guide. D2 bots. http://www.diablo2guide.com/bots.php {Accessed: Nov. 2, 2008}.
[15]
C. G. Dickey, D. Zappala, V. Lo, and J. Marr. Low latency and cheat-proof event ordering for peer-to-peer games. In Proceedings of the 14th ACM NOSSDAV, Cork, Ireland, June 2004.
[16]
DMW World. DMW anti-cheat system. http://www.dmwworld.com/viewfaq/show/374 {Accessed: Aug. 13, 2009}.
[17]
Even Balance Inc. PunkBuster online countermeasures. http://www.evenbalance.com {Accessed: Jul. 9, 2008}.
[18]
Exploits R Us. Ultima Online bots and cheats. http://www.exploitsrus.com/uo/bots.html {Accessed: Nov. 2, 2008}.
[19]
S. E. Fahlman and C. Lebiere. The cascade-correlation learning architecture. In Advances in Neural Information Processing Systems 2, 1990.
[20]
H. Gamboa and A. Fred. A behavioral biometric system based on human computer interaction. In Proceedings of SPIE: Biometric Technology for Human Identification, volume 5404, 2004.
[21]
S. Gianvecchio, M. Xie, Z. Wu, and H. Wang. Measurement and classification of humans and bots in internet chat. In Proceedings of the 17th USENIX Security Symposium, San Jose, CA, USA, July 2008.
[22]
P. Golle and N. Ducheneaut. Preventing bots from playing online games. Computers in Entertainment, 3(3), 2005.
[23]
G. Gu, R. Perdisci, J. Zhang, and W. Lee. BotMiner: Clustering analysis of network traffic for protocol- and structure-independent botnet detection. In Proceedings of the 17th USENIX Security Symposium, San Jose, CA, USA, July 2008.
[24]
G. Hoglund and G. McGraw. Exploiting Online Games: Cheating Massively Distributed Systems. No Starch Press, 2007.
[25]
R. Joyce and G. Gupta. Identity authentication based on keystroke latencies. Communications of the ACM, 33(2), 1990.
[26]
E. Kirda, C. Kruegel, G. Banks, G. Vigna, and R. Kemmerer. Behavior-based Spyware Detection. In Proceedings of the 15th USENIX Security Symposium, Vancouver, Canada, August 2006.
[27]
U. Kukreja, W. E. Stevenson, and F. E. Ritter. RUI - recording user input from interfaces under Windows and Mac OS X. Behavior Research Methods, Instruments, and Computers, 38(4):656--659, 2006.
[28]
C. McSherry. A new gaming feature? spyware. http://www.eff.org/deeplinks/2005/10/ new-gaming-feature-spyware {Accessed: Jul. 9, 2008}.
[29]
MDY Industries. MMO glider. http://www.mmoglider.com/ {Accessed: Nov. 2, 2008}.
[30]
W. Meloni. State of the game industry 2008. In GameOn Finance Conference, San Diego, CA, USA, October 2008.
[31]
S. Mitterhofer, C. Platzer, C. Kruegel, and E. Kirda. Server-side bot detection in massive multiplayer online games. IEEE Security and Privacy, 7(3), May/June 2009.
[32]
C. Mönch, G. Grimen, and R. Midtstraum. Protecting online games against cheating. In Proceedings of the 5th ACM SIGCOMM NetGames, Singapore, October 2006.
[33]
F. Monrose and A. Rubin. Authentication via keystroke dynamics. In Proceedings of the 4th ACM CCS, Zurich, Switzerland, April 1997.
[34]
I. Muttik. Securing virtual worlds against real attacks. http://www.mcafee.com/us/local_content/white_papers/threat_center/wp_online_gaming.pdf {Accessed: Nov. 2, 2008}.
[35]
A. Nazar. Synthesis and simulation of mouse dynamics. Master's thesis, University of Victoria, October 2007.
[36]
A. Nazar, I. Traore, and A. A. E. Ahmed. Inverse biometrics for mouse dynamics. International Journal of Pattern Recognition and Artificial Intelligence, 22(3):461--495, 2008.
[37]
P. Neva. Bots back in the box. http://www.secondlifeherald.com/slh/2006/11/bots_back_in_th.html {Accessed: Nov. 2, 2008}.
[38]
nProtect. nProtect GameGuard. http://eng.nprotect. com/nprotect_gameguard.htm {Accessed: Jul. 9, 2008}.
[39]
M. M. Owned. World of Warcraft bots and programs forum. http://www.mmowned.com/forums/bots-programs/ {Accessed: Jul. 21, 2009}.
[40]
A. Peacock, X. Ke, and M. Wilkerson. Typing patterns: A key to user identification. IEEE Security and Privacy, 2(5), 2004.
[41]
PiroX. PiroX Bot - World of Warcraft bot. http://www.piroxbots.com/ {Accessed: Jul. 25, 2009}.
[42]
M. D. Preda, M. Christodorescu, S. Jha, and S. Debray. A semantics-based approach to malware detection. In Proceedings of the 34th ACM POPL, Nice, France, January 2007.
[43]
M. Pusara and C. E. Brodley. User re-authentication via mouse movements. In Proceedings of the 2004 ACM Workshop on Visualization and Data Mining for Computer Security, Washington, DC, USA, October 2004.
[44]
Rhabot. Rhabot - World of Warcraft bot. http://www.rhabot.com/ {Accessed: Nov. 2, 2008}.
[45]
T. Schluessler, S. Goglin, and E. Johnson. Is a bot at the controls?: Detecting input data attacks. In Proceedings of the 6th ACM SIGCOMM NetGames, Melbourne, Australia, September 2007.
[46]
Slashdot. Confessions of an Ultima Online gold farmer. http://slashdot.org/games/05/01/26/1531210.shtml {Accessed: Jul. 9, 2008}.
[47]
R. Thawonmas, Y. Kashifuji, and K.-T. Chen. Detection of MMORPG bots based on behavior analysis. In Proceedings of 5th ACM International Conference on Advances in Computer Entertainment Technology (ACE'08), Yokohama, Japan, December 2008.
[48]
The MMO RPG Exchange. World of Warcraft exchange. http://themmorpgexchange.com/ {Accessed: Jul. 25, 2009}.
[49]
Valve Corporation. Valve anti-cheat system (VAC). https://support.steampowered.com/kb_article.php?p_faqid=370 {Accessed: Jul. 9, 2008}.
[50]
D. Wagner and P. Soto. Mimicry attacks on host-based intrusion detection systems. In Proceedings of the 9th ACM CCS, Washingtion, DC, USA, November 2002.
[51]
H. Wang, D. Zhang, and K. G. Shin. Detecting SYN flooding attacks. In Proceedings of the 21st IEEE INFOCOM, New York, NY, USA, June 2002.
[52]
S. D. Webb and S. Soh. Cheating in networked computer games -- a review. In Proceedings of the 2nd International Conference on Digital Interactive Media in Entertainment and Arts, Perth, Australia, September 2007.
[53]
W. Willinger, V. Paxson, and M. S. Taqqu. Self-similarity and heavy tails: Structural modeling of network traffic. In Statistical Techniques and Applications, pages 27--53. Verlag, 1998.
[54]
WoW Panda. ZoloFighter - World of Warcraft bot. http://www.zolohouse.com/wow/wowFighter/ {Accessed: Jul. 25, 2009}.
[55]
R. V. Yampolskiy and V. Govindaraju. Embedded non-interactive continuous bot detection. Computers in Entertainment, 5(4), 2007.
[56]
J. Yan and B. Randell. A systematic classification of cheating in online games. In Proceedings of the 4th ACM SIGCOMM NetGames, Hawthorne, NY, USA, October 2005.

Cited By

View all
  • (2023)Exploring visual representations of computer mouse movements for bot detection using deep learning approachesExpert Systems with Applications10.1016/j.eswa.2023.120225229(120225)Online publication date: Nov-2023
  • (2022)Cheating and Detection Method in Massively Multiplayer Online Role-Playing Game: Systematic Literature ReviewIEEE Access10.1109/ACCESS.2022.317211010(49050-49063)Online publication date: 2022
  • (2022)Are You a Cyborg, Bot or Human?—A Survey on Detecting Fake News SpreadersIEEE Access10.1109/ACCESS.2022.315772410(27069-27083)Online publication date: 2022
  • Show More Cited By

Index Terms

  1. Battle of Botcraft: fighting bots in online games with human observational proofs

    Recommendations

    Comments

    Information & Contributors

    Information

    Published In

    cover image ACM Conferences
    CCS '09: Proceedings of the 16th ACM conference on Computer and communications security
    November 2009
    664 pages
    ISBN:9781605588940
    DOI:10.1145/1653662
    Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

    Sponsors

    Publisher

    Association for Computing Machinery

    New York, NY, United States

    Publication History

    Published: 09 November 2009

    Permissions

    Request permissions for this article.

    Check for updates

    Author Tags

    1. game bots
    2. human observational proofs

    Qualifiers

    • Research-article

    Conference

    CCS '09
    Sponsor:

    Acceptance Rates

    Overall Acceptance Rate 1,261 of 6,999 submissions, 18%

    Upcoming Conference

    CCS '25

    Contributors

    Other Metrics

    Bibliometrics & Citations

    Bibliometrics

    Article Metrics

    • Downloads (Last 12 months)40
    • Downloads (Last 6 weeks)5
    Reflects downloads up to 19 Feb 2025

    Other Metrics

    Citations

    Cited By

    View all
    • (2023)Exploring visual representations of computer mouse movements for bot detection using deep learning approachesExpert Systems with Applications10.1016/j.eswa.2023.120225229(120225)Online publication date: Nov-2023
    • (2022)Cheating and Detection Method in Massively Multiplayer Online Role-Playing Game: Systematic Literature ReviewIEEE Access10.1109/ACCESS.2022.317211010(49050-49063)Online publication date: 2022
    • (2022)Are You a Cyborg, Bot or Human?—A Survey on Detecting Fake News SpreadersIEEE Access10.1109/ACCESS.2022.315772410(27069-27083)Online publication date: 2022
    • (2021)HLISAProceedings of the 21st ACM Internet Measurement Conference10.1145/3487552.3487843(380-389)Online publication date: 2-Nov-2021
    • (2021)UTrackProceedings of the Eleventh ACM Conference on Data and Application Security and Privacy10.1145/3422337.3447831(161-172)Online publication date: 26-Apr-2021
    • (2021)Detecting the Capacitance-Based Gamepad for Protecting Mobile Game FairnessIEEE Transactions on Computers10.1109/TC.2020.300937470:9(1374-1387)Online publication date: 1-Sep-2021
    • (2021)SapiAgent: A Bot Based on Deep Learning to Generate Human-Like Mouse TrajectoriesIEEE Access10.1109/ACCESS.2021.31110989(124396-124408)Online publication date: 2021
    • (2021)Mouse Dynamics Based Bot Detection Using Sequence LearningBiometric Recognition10.1007/978-3-030-86608-2_6(49-56)Online publication date: 8-Sep-2021
    • (2020)Aim low, shoot highProceedings of the 13th European workshop on Systems Security10.1145/3380786.3391397(19-24)Online publication date: 27-Apr-2020
    • (2020)The Gravy Value: A Set of Features for Pinpointing BOT Detection MethodInformation Security Applications10.1007/978-3-030-65299-9_11(142-153)Online publication date: 9-Dec-2020
    • Show More Cited By

    View Options

    Login options

    View options

    PDF

    View or Download as a PDF file.

    PDF

    eReader

    View online with eReader.

    eReader

    Figures

    Tables

    Media

    Share

    Share

    Share this Publication link

    Share on social media