Bots and macros are a big problem in some online games. There are a couple of standard ways to catch bot users. This presentation discusses a number of standard bot fighting strategies and introduces a new approach.
There is a lot more that can be done to protect your game. If you are interested, send me an email at steve @ free2secure.com with the subject “Bots”.
If you are interested in keeping up with the latest books, articles, and tools from me at Free2Secure, send me an email at steve @ free2secure.com with the subject “Subscribe”.
Finally, if you have any security questions or issues, shoot me a note at steve @ free2secure.com with the subject “Help”.
Battle Bots and Macros in Your Online Games
1. Security eBooks
Battling Bots and Macros, and outsourced players, and …
Steven Davis
steve@free2secure.com
Games, iGaming, and Gambling +1.650.278.7416
2. Security eBooks
Core Problem… everything is a bot
[Diagram: Drivers, OS, Application]
• Keyboards, mice, controllers… everything is a device behind a driver program
• On top of an operating system
• Interacting with an application
3. Security eBooks
There are always “outsourced” options for the bad guys
• The worst case strategy you need to face is someone hiring people to “work” your game. If it is profitable, they will do it
4. Security eBooks
Classic anti-bot strategy
[Diagram labels: Server, Application; Client, Application, Bot Detector; Checksum, Filename]
• Client-side signature detection
– Checksums and names of programs and libraries in memory and on machine
• Just like anti-virus…
• … except the bad guy wants the virus to work
• … and the bad guy has all the same tools: encryption, stealth, polymorphism
• … and a bigger budget than you!
5. Security eBooks
The Best Strategy: Good Game Play
• Makes AI for bots harder at worst…
• … at best, players actually want to play instead of using bots or hiring help
6. Security eBooks
Detecting bots – A Strategy from World War 2
• Telegraph operators were found to have a “handle” that made them identifiable just by listening to their Morse code taps
7. Security eBooks
Server-based Player “Handle” Detection
[Diagram labels: Server, Application, Bot Detector; Client, Application, Keystroke/Mouse Info; Keystroke/Click Info]
• Pass individual key strokes (with clock information) and mouse clicks (with coordinate and clock information) to server to build model of player behavior
– Encrypted, of course
• No detection logic on client
• Stable under different bots
8. Security eBooks
Server-side Analysis
• Becomes a server-side datamining and analysis challenge
• Can look for:
– Patterns and time for response
– Time interval between keystrokes and clicks
– Locations of mouse clicks
– Variations from known player responses
– Correlation with other bots
– Combine with game state info
• Enhance by:
– Moving “Hot spots” on client
– Screen-based Quick Time events with different keys
• Use client side design to make server side analysis easier
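An added example, not from the original slides: a minimal server-side check over the keystroke/click telemetry described on slides 7 and 8, covering interval regularity, click locations, and variation from a known player baseline. The function names, thresholds, and sample sessions are constructed assumptions.

```python
import statistics

def timing_features(timestamps_ms):
    """Mean gap between input events and its coefficient of variation (CV)."""
    gaps = [b - a for a, b in zip(timestamps_ms, timestamps_ms[1:])]
    mean = statistics.fmean(gaps)
    return {"mean": mean, "cv": statistics.pstdev(gaps) / mean if mean else 0.0}

def click_repeat_ratio(clicks):
    """Fraction of clicks that land on an exact pixel already clicked."""
    return 1 - len(set(clicks)) / len(clicks)

def score_session(timestamps_ms, clicks, baseline=None,
                  min_cv=0.10, max_repeat=0.80, max_shift=0.50):
    """Return the reasons a session looks automated or unlike its owner.
    Thresholds are illustrative assumptions, not tuned values."""
    reasons = []
    if len(timestamps_ms) < 5 or not clicks:
        return reasons  # too little telemetry to judge
    feats = timing_features(timestamps_ms)
    if feats["cv"] < min_cv:                      # metronome-like intervals
        reasons.append("timing_too_regular")
    if click_repeat_ratio(clicks) > max_repeat:   # same pixel over and over
        reasons.append("clicks_pixel_identical")
    if baseline and baseline["mean"]:
        shift = abs(feats["mean"] - baseline["mean"]) / baseline["mean"]
        if shift > max_shift:                     # variation from known player
            reasons.append("deviates_from_player_baseline")
    return reasons

# Constructed sample telemetry: event clocks in ms and (x, y) click coordinates.
PLAYER_TS = [0, 182, 431, 560, 905, 1098, 1410, 1533]
PLAYER_CLICKS = [(412, 300), (415, 297), (409, 305), (640, 122), (411, 301)]
MACRO_TS = [0, 250, 501, 750, 1000, 1251, 1500, 1750]
MACRO_CLICKS = [(412, 300)] * 8
OTHER_TS = [0, 95, 170, 282, 360, 455, 521, 630]   # same account, new rhythm
OTHER_CLICKS = [(88, 40), (300, 210), (305, 214), (512, 77), (90, 43)]
BASELINE = timing_features(PLAYER_TS)              # model built from history

if __name__ == "__main__":
    for name, ts, clicks in [("player", PLAYER_TS, PLAYER_CLICKS),
                             ("macro", MACRO_TS, MACRO_CLICKS),
                             ("other", OTHER_TS, OTHER_CLICKS)]:
        print(name, score_session(ts, clicks, BASELINE))
```

The reasons are signals to combine with game state and correlation across accounts, as the slide lists, rather than a verdict on their own.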
9. Security eBooks
What next?
• Don’t give up!
• More security presentations at: http://free2secure.com/
• Check out my book “Protecting Games”
– Additional information at http://playnoevil.com/
• You can “win” the security game
10. Security eBooks
About Me
• Steven Davis
– 25+ Years of Security Expertise
– I have worked on everything from online games and satellite TV to Nuclear Command and Control and military communications
• http://www.linkedin.com/in/playnoevil
– Author, “Protecting Games”
• Why Free2Secure?
– Security is too expensive and isn’t working. There has to be a better way. I’m exploring these issues for IT security, ebooks, games, and whatever else strikes my fancy at http://free2secure.com/
– Join me there, ask questions, challenge assumptions, let’s make things better