• Journal of Information Technology Services
• /
• v.10 no.2
• /
• pp.293-308
• /
• 2011

The preliminary security assessment is an information security process to analyze security weaknesses before beginning of services. Discovering security weakness through preliminary security assessment is highly required because it costs much when security incident occur in the middle of service operation. However, this assessment is not widely spread in the online game service domain yet. In this paper, we summarize the security risk existed in the online game service, and we classify the security requirements related to the each risk. Also, through the case study, we evaluated the effectiveness of preliminary security assessment in this domain. In addition, we suggest checklists that should be reviewed once in game-client side, network-side and game-server side for the purpose of security enhancement.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.5
• /
• pp.1097-1114
• /
• 2015

As the online game market grows, illegal activities such as cheating play using game bots or game hack programs, running private servers, hacking game companies' system and network, and account theft are also increasing. There are various security measures for online games to prevent illegal activities. However, the current security measures are not enough to prevent all highly evolving game attacks and frauds. Some security measure can do harm game players usability, game companies need to develop usable security measure that is well fit to game genre and contents design. In this study, we surveyed the recent trend of various security measure applied in online games. This research also classified illegal activities and their related countermeasure for detection and prevention.

• Information Systems Review
• /
• v.9 no.3
• /
• pp.83-98
• /
• 2007

This study focused on online game security, which has been considered relatively insignificant when compared to the online game industry's rapid growth. In this study, the state of security incidents in the Korean game industry and security solutions for such cases were examined. At first the security incidents were classified according to the type of game security infringement. Based upon this classification, this study analyzed the causes that give rise to infringement of online game security, and developed technical solutions for such cases. Finally, this study verified whether or not these technical solutions could be applied to online game sites.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.3
• /
• pp.627-637
• /
• 2015

As game item trading becomes more popular with the rapid growth of online game market, the market for trading game items by cash has increased up to KRW 1.6 trillion. Thanks to this active market, it has been easy to turn these items and game money into real money. As a result, some malicious users have often attempted to steal other players' rare and valuable game items by using their account. Therefore, this study proposes a detection model through analysis on these account thieves' behavior in the Massive Multiuser Online Role Playing Game(MMORPG). In case of online game identity theft, the thieves engage in economic activities only with a goal of stealing game items and game money. In this pattern are found particular sequences such as item production, item sales and acquisition of game money. Based on this pattern, this study proposes a detection model. This detection model-based classification revealed 86 percent of accuracy. In addition, trading patterns when online game identity was stolen were analyzed in this study.

• Review of Korea Contents Association
• /
• v.15 no.3
• /
• pp.40-47
• /
• 2017

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.2
• /
• pp.225-238
• /
• 2012

Among the various security threats in online games, the use of game bots is the most serious problem. In this paper, we propose a framework for user behavior analysis for bot detection in online games. Specifically, we focus on party play that reflects the social activities of gamers: In a Massively Multi-user Online Role Playing Game (MMORPG), party play log includes a distinguished information that can classify game users under normal-user and abnormal-user. That is because the bot users' main activities target on the acquisition of cyber assets. Through a statistical analysis of user behaviors in game activity logs, we establish the threshold levels of the activities that allow us to identify game bots. Also, we build a knowledge base of detection rules based on this statistical analysis. We apply these rule reasoner to the sixth most popular online game in the world. As a result, we can detect game bot users with a high accuracy rate of 95.92%.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.6 no.11
• /
• pp.2866-2879
• /
• 2012

Among the various security threats in online games, the use of game bots is the most serious problem. Previous studies on game bot detection have proposed many methods to find out discriminable behaviors of bots from humans based on the fact that a bot's playing pattern is different from that of a human. In this paper, we look at the chatting data that reflects gamers' communication patterns and propose a communication pattern analysis framework for online game bot detection. In massive multi-user online role playing games (MMORPGs), game bots use chatting message in a different way from normal users. We derive four features; a network feature, a descriptive feature, a diversity feature and a text feature. To measure the diversity of communication patterns, we propose lightly summarized indices, which are computationally inexpensive and intuitive. For text features, we derive lexical, syntactic and semantic features from chatting contents using text mining techniques. To build the learning model for game bot detection, we test and compare three classification models: the random forest, logistic regression and lazy learning. We apply the proposed framework to AION operated by NCsoft, a leading online game company in Korea. As a result of our experiments, we found that the random forest outperforms the logistic regression and lazy learning. The model that employs the entire feature sets gives the highest performance with a precision value of 0.893 and a recall value of 0.965.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.6
• /
• pp.1297-1307
• /
• 2018

The rise of Online game ESD(Electronic Software Distribution) like Steam, the method of game piracy are more diversified. In Online Game ESD, Software DRM is applied to game because we have to play in offline situation, but it is easily bypassed due to low security level. In this study, we analyze crack files of pirated games to learn how to bypass Steam DRM and to establish countermeasures for based on API call birthmark. The generated birthmark showed more than 85% resilience in representing crack groups and 95% credibility in detecting cracked games. With this study, it is possible to enhance the security of the online game Electronic Software Distribution platform, and to provide a high level of game piracy protection for indie game developers, especially those who can not purchase Third Party DRM to protect their own games.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.5
• /
• pp.1115-1122
• /
• 2015

In recent years, the use of game bots by illegal programs has been expanded from individual to group scale; this brings about serious problems in online game industry. The gold farmers group creates an in-game social community so-called "guild" to obtain a large amount of game money and manage game bots efficiently. Although game developers detect game bots by detection algorithms, the algorithms can detect only part of the gold farmers group. In this paper, we propose a detection method for the gold farmers group on a basis of normal and bot guilds characteristic analysis. In order to differentiate normal and bots guild, we analyze transaction patterns for individuals, auction house and chatting. With the analyzed results, we can detect game bot guilds. We demonstrate the feasibility of the proposed methods with real datasets from one of the popular online games named AION in Korea.

• Journal of Korea Game Society
• /
• v.11 no.6
• /
• pp.81-93
• /
• 2011

Identity theft happens frequently in popular MMORPG(Massively Multi-player Online Role Playing Games) where profits can be gained easily. In spite of the importance of security about identity theft in MMORPG, few methods to prevent and detect identity theft in online games have been proposed. In this study, we investigate real identity theft cases of an online game and define the representative patterns of identity theft as the speedy type, cautious type, and bold type. We then propose the automatic identity theft detection model based on the multi-class classification. We verify the system with one of the leading online games in Korea. The multi-class detection model outperforms the existing binary-class one(hacked or not).