skip to main content
10.1145/3372297.3417890acmconferencesArticle/Chapter ViewAbstractPublication PagesccsConference Proceedingsconference-collections
research-article

BlackMirror: Preventing Wallhacks in 3D Online FPS Games

Published: 02 November 2020 Publication History

Abstract

Online gaming, with a reported 152 billion US dollar market, is immensely popular today. One of the critical issues in multiplayer online games is cheating, in which a player uses an illegal methodology to create an advantage beyond honest game play. For example, wallhacks, the main focus of this work, animate enemy objects on a cheating player's screen, despite being actually hidden behind walls (or other occluding objects). Since such cheats discourage honest players and cause game companies to lose revenue, gaming companies deploy mitigation solutions alongside game applications on the player's machine. However, their solutions are fundamentally flawed since they are deployed on a machine where the attacker has absolute control.

Supplementary Material

MOV File (Copy of CCS2020_fpc490_SeonghyunPark - Brian Hollendyke.mov)
Presentation video

References

[1]
Global games market report. https://newzoo.com/products/reports/global-games-market-report/.
[2]
Report: Cheating is becoming a big problem in online gaming. https://www.forbes.com/sites/nelsongranados/2018/04/30/report-cheating-is-becoming-a-big-problem-in-online-gaming.
[3]
Battleye: The anti-cheat gold standard. https://www.battleye.com. Accessed: 2020-01-03.
[4]
Valve anti-cheat system (vac). https://support.steampowered.com/kb/7849-RADZ-6869/#whatisvac. Accessed: 2020-01-03.
[5]
Easy anti-cheat. https://www.easy.ac/en-us/. Accessed: 2020-01-03.
[6]
Joel Noguera. Unveiling the underground world of anti-cheats. Recon Montreal 2019, 2019.
[7]
Cheat engine. https://www.cheatengine.org/. Accessed: 2020-01-02.
[8]
Joel Noguera. Creating your own wallhack. https://niemand.com.ar/2019/01/13/creating-your-own-wallhack/, January 2019.
[9]
Carl Schou. Hooking the graphics kernel subsystem. https://secret.club/2019/10/18/kernel_gdi_hook.html, October 2019.
[10]
Peter Andreasen. Deep dive into networking for unity's fps sample game. Unite LA, 2018.
[11]
Quake 2 gpl release. https://github.com/id-Software/Quake-2.
[12]
Frank McKeen, Ilya Alexandrovich, Alex Berenzon, Carlos V. Rozas, Hisham Shafi, Vedvyas Shanbhogue, and Uday R. Savagaonkar. Innovative instructions and software model for isolated execution. In Proceedings of the 2Nd International Workshop on Hardware and Architectural Support for Security and Privacy, HASP '13, pages 10:1--10:1, New York, NY, USA, 2013. ACM.
[13]
Ittai Anati, Shay Gueron, Simon P Johnson, and Vincent R Scarlata. Innovative technology for cpu based attestation and sealing.
[14]
Samuel Weiser and Mario Werner. Sgxio: Generic trusted i/o path for intel sgx. In Proceedings of the Seventh ACM on Conference on Data and Application Security and Privacy, CODASPY '17, 2017.
[15]
S. Eskandarian, J. Cogan, S. Birnbaum, P. C. W. Brandon, D. Franke, F. Fraser, G. Garcia, E. Gong, H. T. Nguyen, T. K. Sethi, V. Subbiah, M. Backes, G. Pellegrino, and D. Boneh. Fidelius: Protecting user secrets from compromised browsers. In Proceedings of the 40th IEEE Symposium on Security and Privacy (Oakland), San Francisco, CA, May 2019.
[16]
Aritra Dhar, Enis Ulqinaku, Kari Kostiainen, and Srdjan Capkun. Protection: Root-of-trust for io in compromised platforms. In Proceedings of the 2020 Annual Network and Distributed System Security Symposium (NDSS), San Diego, CA, February 2020.
[17]
Stavros Volos, Kapil Vaswani, and Rodrigo Bruno. Graviton: Trusted execution environments on gpus. In Proceedings of the 13th USENIX Symposium on Operating Systems Design and Implementation (OSDI), Carlsbad, CA, October 2018.
[18]
Insu Jang, Adrian Tang, Taehoon Kim, Simha Sethumadhavan, and Jaehyuk Huh. Heterogeneous isolated execution for commodity gpus. In Proceedings of the 24th ACM International Conference on Architectural Support for Programming Languages and Operating Systems (ASPLOS), Providence, RI, April 2019.
[19]
Y. Xu, W. Cui, and M. Peinado. Controlled-channel attacks: Deterministic side channels for untrusted operating systems. In 2015 IEEE Symposium on Security and Privacy, San Jose, CA, May 2015.
[20]
Jo Van Bulck, Nico Weichbrodt, Rüdiger Kapitza, Frank Piessens, and Raoul Strackx. Telling your secrets without page faults: Stealthy page table-based attacks on enclaved execution. In Proceedings of the 26th USENIX Security Symposium (Security), Vancouver, Canada, August 2017.
[21]
Ferdinand Brasser, Urs Müller, Alexandra Dmitrienko, Kari Kostiainen, Srdjan Capkun, and Ahmad-Reza Sadeghi. Software grand exposure: SGX cache attacks are practical. In 11th USENIX Workshop on Offensive Technologies (WOOT 17), Vancouver, BC, August 2017. USENIX Association.
[22]
Jo Van Bulck, Frank Piessens, and Raoul Strackx. Sgx-step: A practical attack framework for precise enclave execution control. In Proceedings of the 2nd Workshop on System Software for Trusted Execution, SysTEX'17, 2017.
[23]
Jo Van Bulck, Marina Minkin, Ofir Weisse, Daniel Genkin, Baris Kasikci, Frank Piessens, Mark Silberstein, Thomas F. Wenisch, Yuval Yarom, and Raoul Strackx. Foreshadow: Extracting the keys to the intel SGX kingdom with transient out-of-order execution. In Proceedings of the 27th USENIX Security Symposium (Security), Baltomore, MD, August 2018.
[24]
Paul Kocher, Jann Horn, Anders Fogh, Daniel Genkin, Daniel Gruss, Werner Haas, Mike Hamburg, Moritz Lipp, Stefan Mangard, Thomas Prescher, Michael Schwarz, and Yuval Yarom. Spectre attacks: Exploiting speculative execution. In Proceedings of the 40th IEEE Symposium on Security and Privacy (Oakland), San Francisco, CA, May 2019.
[25]
Moritz Lipp, Michael Schwarz, Daniel Gruss, Thomas Prescher, Werner Haas, Anders Fogh, Jann Horn, Stefan Mangard, Paul Kocher, Daniel Genkin, Yuval Yarom, and Mike Hamburg. Meltdown: Reading kernel memory from user space. In Proceedings of the 27th USENIX Security Symposium (Security), Baltomore, MD, August 2018.
[26]
Jaehyuk Lee, Jinsoo Jang, Yeongjin Jang, Nohyun Kwak, Yeseul Choi, Changho Choi, Taesoo Kim, Marcus Peinado, and Brent ByungHoon Kang. Hacking in darkness: Return-oriented programming against secure enclaves. In Proceedings of the 26th USENIX Security Symposium (Security), Vancouver, Canada, August 2017.
[27]
Andrea Biondo, Mauro Conti, Lucas Davi, Tommaso Frassetto, and Ahmad-Reza Sadeghi. The guardtextquoterights dilemma: Efficient code-reuse attacks against intel SGX. In Proceedings of the 27th USENIX Security Symposium (Security), Baltomore, MD, August 2018.
[28]
Jaebaek Seo, Byounyoung Lee, Seongmin Kim, Ming-Wei Shih, Insik Shin, Dongsu Han, and Taesoo Kim. Sgx-shield: Enabling address space layout randomization for sgx programs. In Proceedings of the 2017 Annual Network and Distributed System Security Symposium (NDSS), San Diego, CA, February 2017.
[29]
Dmitrii Kuvaiskii, Oleksii Oleksenko, Sergei Arnautov, Bohdan Trach, Pramod Bhatotia, Pascal Felber, and Christof Fetzer. Sgxbounds: Memory safety for shielded execution. In Proceedings of the Twelfth European Conference on Computer Systems, EuroSys '17. ACM, 2017.
[30]
Nicilas Guigo and Joel St. John. Next level cheating and leveling up mitigations. Black Hat Europe 2014, 2014.
[31]
Playerunknown's battleground. https://www.pubg.com. Accessed: 2020-04--30.
[32]
Osiris. https://github.com/danielkrupinski/Osiris.
[33]
Charlatano. https://github.com/Jire/Charlatano.
[34]
Onebytewallhack. https://github.com/danielkrupinski/OneByteWallhack.
[35]
E. Bursztein, M. Hamburg, J. Lagarenne, and D. Boneh. Openconflict: Preventing real time map hacks in online games. In Proceedings of the 32nd IEEE Symposium on Security and Privacy (Oakland), Oakland, CA, May 2011.
[36]
imgui. https://github.com/ocornut/imgui.
[37]
Chia che Tsai, Donald E. Porter, and Mona Vij. Graphene-sgx: A practical library OS for unmodified applications on SGX. In Proceedings of the 2017 USENIX Annual Technical Conference (ATC), Santa Clara, CA, July 2017.
[38]
Swiftshader. https://github.com/google/swiftshader.
[39]
Xigncode3. https://www.wellbia.com/home/en/pages/xigncode3/. Accessed: 2020-01-03.
[40]
Riot's approach to anti-cheat. https://technology.riotgames.com/news/riots-approach-anti-cheat. Accessed: 2019--12--28.
[41]
Carl Schou. Battleye anticheat: analysis and mitigation. https://vmcall.github.io/reversal/2019/02/10/battleye-anticheat.html/, February 2019.
[42]
Youren Shen, Hongliang Tian, Yu Chen, Kang Chen, Runji Wang, Yi Xu, Yubin Xia, and Shoumeng Yan. Occlum: Secure and efficient multitasking inside a single enclave of intel sgx. In Proceedings of the 25th ACM International Conference on Architectural Support for Programming Languages and Operating Systems (ASPLOS), Lausanne, Switzeland, April 2020.
[43]
Guoxing Chen, Yinqian Zhang, and Ten-Hwang Lai. Opera: Open remote attestation for intel's secure enclave. In Proceedings of the 26th ACM Conference on Computer and Communications Security (CCS), London, UK, November 2018.
[44]
Adil Ahmad, Kyungtae Kim, Muhammad Ihsanulhaq Sarfaraz, and Byoungyoung Lee. OBLIVIATE: A data oblivious filesystem for intel SGX. In Proceedings of the 2018 Annual Network and Distributed System Security Symposium (NDSS), San Diego, CA, February 2018.
[45]
Meni Orenbach, Pavel Lifshits, Marina Minkin, and Mark Silberstein. Eleos: Exitless os services for sgx enclaves. In Proceedings of the 12th European Conference on Computer Systems (EuroSys), Belgrade, Serbia, April 2017.
[46]
Surenthar Selvaraj. Overview of protected file system library using software guard extensions, 2016.
[47]
Daniel Lupei, Bogdan Simion, Don Pinto, Matthew Misler, Mihai Burcea, William Krick, and Cristiana Amza. Transactional memory support for scalable and transparent parallelization of multiplayer games. In Proceedings of the 5th European Conference on Computer Systems (EuroSys), Paris, France, April 2010.
[48]
Vladimir Gajinov, Ferad Zyulkyarov, Osman S. Unsal, Adrian Cristal, Eduard Ayguade, Tim Harris, and Mateo Valero. Quaketm: parallelizing a complex sequential application using transactional memory. In Proceedings of the 23rd International Conference on Supercomputing (ICS), Yorktown Heights, NY, June 2009.
[49]
A. Yahyavi, K. Huguenin, J. Gascon-Samson, J. Kienzle, and B. Kemme. Watchmen: Scalable cheat-resistant support for distributed multi-player online games. In Proceedings of the 33st International Conference on Distributed Computing Systems (ICDCS), 2013.
[50]
Ferad Zyulkyarov, Vladimir Gajinov, Osman S. Unsal, Adrián Cristal, Eduard Ayguadé, Tim Harris, and Mateo Valero. Atomic quake: using transactional memory in an interactive multiplayer game server. In Proceedings of the 14th ACM Symposium on Principles and Practice of Parallel Programming (PPOPP), Releigh, USA, February 2009.
[51]
ccQ2RTX. https://github.com/NVIDIA/Q2RTX.
[52]
ccQ2PRO. https://github.com/skullernet/q2pro.
[53]
Masked software occlusion culling. https://github.com/gametechdev/maskedocclusionculling.
[54]
J. Hasselgren, M. Andersson, and T. Akenine-Möller. Masked software occlusion culling. In Proceedings of High Performance Graphics, HPG '16, 2016.
[55]
ccARB_occlusion_query. https://www.khronos.org/registry/OpenGL/extensions/ARB/ARB_occlusion_query.txt.
[56]
Xonotic. https://github.com/xonotic/xonotic.
[57]
Red eclipse 2. https://github.com/redeclipse/base.
[58]
Visibilty and occlusion culling. https://docs.unrealengine.com/en-US/Engine/Rendering/VisibilityCulling/index.html.
[59]
Skinned mesh renderer. https://docs.unity3d.com/Manual/class-SkinnedMeshRenderer.html. Accessed: 2020--5--1.
[60]
David Kaplan, Jeremy Powell, and Tom Woller. Amd memory encryption. Technical report, Advaned Micro Devices, 2016.
[61]
Saeid Mofrad, Fengwei Zhang, Shiyong Lu, and Weidong Shi. A comparison study of intel sgx and amd memory encryption technology. In Proceedings of the 7th International Workshop on Hardware and Architectural Support for Security and Privacy, 2018.
[62]
Andreas Haeberlen, Paarijaat Aditya, Rodrigo Rodrigues, and Peter Druschel. Accountable virtual machines. In Proceedings of the 9th USENIX Symposium on Operating Systems Design and Implementation (OSDI), Vancouver, Canada, October 2010.
[63]
Erick Bauman and Zhiqiang Lin. A case for protecting computer games with sgx. In Proceedings of the 1st Workshop on System Software for Trusted Execution, SysTEX '16, 2016.
[64]
Michal Valient. Practical occlusion culling in killzone 3: Will vale -- second intention limited -- contract r&d for guerrilla bv. In ACM SIGGRAPH 2011 Talks, SIGGRAPH '11, 2011.

Cited By

View all
  • (2024)Anti-Cheat: Attacks and the Effectiveness of Client-Side DefencesProceedings of the 2024 Workshop on Research on offensive and defensive techniques in the context of Man At The End (MATE) attacks10.1145/3689934.3690816(30-43)Online publication date: 19-Nov-2024
  • (2024)The Big Brother's New Playground: Unmasking the Illusion of Privacy in Web Metaverses from a Malicious User's PerspectiveProceedings of the 2024 on ACM SIGSAC Conference on Computer and Communications Security10.1145/3658644.3690249(2162-2176)Online publication date: 2-Dec-2024
  • (2023)BotScreenProceedings of the 32nd USENIX Conference on Security Symposium10.5555/3620237.3620265(481-498)Online publication date: 9-Aug-2023
  • Show More Cited By

Recommendations

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences
CCS '20: Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security
October 2020
2180 pages
ISBN:9781450370899
DOI:10.1145/3372297
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].

Sponsors

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 02 November 2020

Permissions

Request permissions for this article.

Check for updates

Author Tags

  1. Intel SGX
  2. multi-player games
  3. wallhacks

Qualifiers

  • Research-article

Funding Sources

  • National Research Foundation

Conference

CCS '20
Sponsor:

Acceptance Rates

Overall Acceptance Rate 1,261 of 6,999 submissions, 18%

Upcoming Conference

CCS '25

Contributors

Other Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

  • Downloads (Last 12 months)155
  • Downloads (Last 6 weeks)4
Reflects downloads up to 20 Feb 2025

Other Metrics

Citations

Cited By

View all
  • (2024)Anti-Cheat: Attacks and the Effectiveness of Client-Side DefencesProceedings of the 2024 Workshop on Research on offensive and defensive techniques in the context of Man At The End (MATE) attacks10.1145/3689934.3690816(30-43)Online publication date: 19-Nov-2024
  • (2024)The Big Brother's New Playground: Unmasking the Illusion of Privacy in Web Metaverses from a Malicious User's PerspectiveProceedings of the 2024 on ACM SIGSAC Conference on Computer and Communications Security10.1145/3658644.3690249(2162-2176)Online publication date: 2-Dec-2024
  • (2023)BotScreenProceedings of the 32nd USENIX Conference on Security Symposium10.5555/3620237.3620265(481-498)Online publication date: 9-Aug-2023
  • (2023)Extracting Threat Intelligence From Cheat Binaries For Anti-CheatingProceedings of the 26th International Symposium on Research in Attacks, Intrusions and Defenses10.1145/3607199.3607211(17-31)Online publication date: 16-Oct-2023
  • (2023)SoK: A Systematic Review of TEE Usage for Developing Trusted ApplicationsProceedings of the 18th International Conference on Availability, Reliability and Security10.1145/3600160.3600169(1-15)Online publication date: 29-Aug-2023
  • (2023)Intel Software Guard Extensions Applications: A SurveyACM Computing Surveys10.1145/359302155:14s(1-38)Online publication date: 17-Jul-2023
  • (2023)“Is It Legit, To You?”. An Exploration of Players’ Perceptions of Cheating in a Multiplayer Video Game: Making Sense of UncertaintyInternational Journal of Human–Computer Interaction10.1080/10447318.2023.220427640:15(4021-4041)Online publication date: 28-Apr-2023
  • (2022)vSGX: Virtualizing SGX Enclaves on AMD SEV2022 IEEE Symposium on Security and Privacy (SP)10.1109/SP46214.2022.9833694(321-336)Online publication date: May-2022
  • (2022)Pagoda: Towards Binary Code Privacy Protection with SGX-based Execute-Only Memory2022 IEEE International Symposium on Secure and Private Execution Environment Design (SEED)10.1109/SEED55351.2022.00019(133-144)Online publication date: Sep-2022

View Options

Login options

View options

PDF

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Figures

Tables

Media

Share

Share

Share this Publication link

Share on social media