• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.6
• /
• pp.1415-1425
• /
• 2018

MMORPG genre is based on the belief that all users in virtual world are equal. All users are able to obtain the corresponding wealth or status as they strive under the same resource, time. However, game bot is the main factor for harming this fair competition, causing benign gamers to feel a relative deprivation and deviate from the game. Game bots mainly form GFG(Gold Farming Group), which collects the goods in the game indiscriminately and adversely affects the economic system of the game. A general game bot detection algorithm is useful for detecting each bot, but it only covers few portions of GFG, not the whole, so it needs a wider range of detecting method. In this paper, we propose a method of detecting GFG based on items used in MMORPG genre. Several items that are mainly traded in the game were selected and the flows of those items were represented by a network. We Identified the characteristics of exchanging items of GFG bots and can identify the GFG's item trade network with real datasets from one of the popular online games.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.3
• /
• pp.585-600
• /
• 2012

Security issues in online games are increasing as the online game industry grows. Real money trading (RMT) by online game users has become a security issue in several countries including Korea because RMT is related to criminal activities such as money laundering or tax evasion. RMT-related activities are done by professional work forces, namely gold-farmers, and many of them employ the automated program, bot, to gain cyber asset in a quick and efficient way. Online game companies try to prevent the activities of gold-farmers using game bots detection algorithm and block their accounts or IP addresses. However, game bot detection algorithm can detect a part of gold-farmer's network and IP address blocking also can be detoured easily by using the virtual private server or IP spoofing. In this paper, we propose a method to detect gold-farmer groups by analyzing their connection patterns to the online game servers, particularly information on their routing and source locations. We verified that the proposed method can reveal gold-farmers' group effectively by analyzing real data from the famous MMORPG.

• Journal of Information Technology Services
• /
• v.10 no.2
• /
• pp.293-308
• /
• 2011

The preliminary security assessment is an information security process to analyze security weaknesses before beginning of services. Discovering security weakness through preliminary security assessment is highly required because it costs much when security incident occur in the middle of service operation. However, this assessment is not widely spread in the online game service domain yet. In this paper, we summarize the security risk existed in the online game service, and we classify the security requirements related to the each risk. Also, through the case study, we evaluated the effectiveness of preliminary security assessment in this domain. In addition, we suggest checklists that should be reviewed once in game-client side, network-side and game-server side for the purpose of security enhancement.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.5
• /
• pp.1153-1160
• /
• 2018

As the number of online game users increases and the market size grows, various kinds of cheating are occurring. Game bots are a typical illegal program that ensures playtime and facilitates account leveling and acquisition of various goods. In this study, we propose a method to detect game bots based on user action time interval (ATI). This technique observes the behavior of the bot in the game and selects the most frequent actions. We distinguish between normal users and game bots by applying Machine Learning to feature frequency, ATI average, and ATI standard deviation for each selected action. In order to verify the effectiveness of the proposed technique, we measured the performance using the actual log of the 'Aion' game and showed an accuracy of 97%. This method can be applied to various games because it can utilize all actions of users as well as character movements and social actions.

• Journal of Korea Game Society
• /
• v.14 no.5
• /
• pp.107-116
• /
• 2014

The traditional methodology of online game development is separating server development module and cilent development module. However developing and maintaining expenses have been increased a lot due to duplicated modules such as definitions of network protocols and managements of planning data. In this paper, we suggest an advanced methodology of online game development based on the integrated single module with client and server. Its effectiveness was shown by applying the proposed methodology in the development of the online game 'Chungmukong's Battle on the Sea'. In this case, the project size was reduced by 15.1% by using the integrated single module with client and server.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.13 no.9
• /
• pp.4200-4206
• /
• 2012

Recently, online-game industry has been rapidly expanding in these days. But, the various game service victimized cases are generated by the bots program. Particularly, the abnormal collection of the game money and item loses the inherent fun of a game. It reaches ultimately the definite bad effect to the game life cycle. In this paper, we propose a Bots detection method by observing the playing patterns of game characters with game log data. It analyzed behaviors of human players as well as bots and identified features to build the model to differentiate bots from human players. In an experiment, by using the served online-game, the model of a user and bots were generated was distinguished. And the reasonable result was confirmed.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.5
• /
• pp.1077-1084
• /
• 2015

Security issues such as an illegal acquisition of personal information and identity theft happen due to using game bots in online games. Game bots collect items and money unfairly, so in-game contents are rapidly depleted, and honest users feel deprived. It causes a downturn in the game market. In this paper, we defined the growth types by analyzing the growth processes of users with actual game data. We proposed the framework that classify hard-core users and game bots in the growth patterns. We applied the framework in the actual data. As a result, we classified five growth types and detected game bots from hard-core users with 93% precision. Earlier studies show that hard-core users are also detected as a bot. We clearly separated game bots and hard-core users before full growth.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.5
• /
• pp.1131-1141
• /
• 2015

In this paper, we proposed a new approach of machine learning based method for detecting game-bots from normal players in MMORPG by inspecting the player's action log data especially in-game money increasing/decreasing event log data. DBSCAN (Density Based Spatial Clustering of Applications with Noise), an one of density based clustering algorithms, is used to extract the attributes of spatial characteristics of each players such as a number of clusters, a ratio of core points, member points and noise points. Most of all, even game-bot developers know principles of this detection system, they cannot avoid the system because moving a wide area to hunt the monster is very inefficient and unproductive. As the result, game-bots show definite differences from normal players in spatial characteristics such as very low ratio, less than 5%, of noise points while normal player's ratio of noise points is high. In experiments on real action log data of MMORPG, our game-bot detection system shows a good performance with high game-bot detection accuracy.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.4
• /
• pp.849-861
• /
• 2015

As the rise in popularity of online games, the users start exchanging rare items for real money. As RMT (Real Money Trade) is prevalent, GFG (Gold Farming Group) who abuse RMT shows up. GFG causes social problems such as identity theft, privacy leaks. Because they needs many bot characters to gather game items. In addition, GFG induce RMT that makes in-game problems such as a destroying game economy, account hacking. Therefore, It is very important work to collapse GFG at the perspective of social and in-game. In this paper, we proposed a fundamental method for detecting RMT buyers for the collapse of GFG at the perspective of buyer by Law of Demand and Supply. We found two type of RMT by analyzing actual game data and detected RMT buyers with high recall ratio of 98% by ruled-based detection.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.27 no.6
• /
• pp.1431-1439
• /
• 2017

In the security field, log analysis is important to detect malware or abnormal behavior. Recently, image visualization techniques for malware dectection becomes to a major part of security. These techniques can also be used in online games. Users can leave a game when they felt bad experience from game bot, automatic hunting programs, malicious code, etc. This churning can damage online game's profit and longevity of service if game operators cannot detect this kind of events in time. In this paper, we propose a new technique of PNG image conversion based churn prediction to improve the efficiency of data analysis for the first. By using this log compression technique, we can reduce the size of log files by 52,849 times smaller and increase the analysis speed without features analysis. Second, we apply data mining technique to predict user's churn with a real dataset from Blade & Soul developed by NCSoft. As a result, we can identify potential churners with a high accuracy of 97%.