• Journal of the Korea Society of Computer and Information
• /
• v.20 no.12
• /
• pp.61-66
• /
• 2015

In this paper, we draw a security assessment by analyzing possible vulnerabilities of the designated PC service which is supposed for strengthening security of current online identification methods that provide various areas such as the online banking and a game and so on. There is a difference between the designated PC service and online identification methods. Online identification methods authenticate an user by the user's private information or the user's knowledge-based information, though the designated PC service authenticates a hardware-based unique information of the user's PC. For this reason, high task significance services employ with online identification methods and the designated PC service for improving security multiply. Nevertheless, the security assessment of the designated PC service has been absent and possible vulnerabilities of the designated PC service are counterfeiter and falsification when the hardware-based unique-information is extracted on the user's PC and sent an authentication server. Therefore, in this paper, we analyze possible vulnerabilities of the designated PC service and draw the security assessment.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2015.10a
• /
• pp.767-770
• /
• 2015

With the deployment of web-based educational game over the internet, the user's registration becomes a critical element. The user is authenticated by the system using username, password, and unique code. However, it cannot be handled properly because the data is transmitted through insecure channel on the network. Hence, security requirement is needed to avoid identity leakage from malicious user. In this paper, we propose a secure communication approach using SSL protocol for an online game. We also describe the security requirements for our approach. In future work, we intend to configure and implement the SSL protocol by enabling HTTPS in web-based online game.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.13 no.3
• /
• pp.91-99
• /
• 2003

In this paper, we analyze the current trading systems and suggest two secure electronic trading systems that make a fair exchange for online game items. The system is made up for the weak points in the current item trading system. In the proposed system, a game server issues a certificate each item on the user's request. On the one hand, this certificate is used to recover the item when the system error is occured. On the other hand, the user may exchange it with another item or cyber money. The proposed system supports private and reliable trading. Further, the trading can be completed only by online processing.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.6
• /
• pp.1415-1425
• /
• 2018

MMORPG genre is based on the belief that all users in virtual world are equal. All users are able to obtain the corresponding wealth or status as they strive under the same resource, time. However, game bot is the main factor for harming this fair competition, causing benign gamers to feel a relative deprivation and deviate from the game. Game bots mainly form GFG(Gold Farming Group), which collects the goods in the game indiscriminately and adversely affects the economic system of the game. A general game bot detection algorithm is useful for detecting each bot, but it only covers few portions of GFG, not the whole, so it needs a wider range of detecting method. In this paper, we propose a method of detecting GFG based on items used in MMORPG genre. Several items that are mainly traded in the game were selected and the flows of those items were represented by a network. We Identified the characteristics of exchanging items of GFG bots and can identify the GFG's item trade network with real datasets from one of the popular online games.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.4
• /
• pp.849-861
• /
• 2015

As the rise in popularity of online games, the users start exchanging rare items for real money. As RMT (Real Money Trade) is prevalent, GFG (Gold Farming Group) who abuse RMT shows up. GFG causes social problems such as identity theft, privacy leaks. Because they needs many bot characters to gather game items. In addition, GFG induce RMT that makes in-game problems such as a destroying game economy, account hacking. Therefore, It is very important work to collapse GFG at the perspective of social and in-game. In this paper, we proposed a fundamental method for detecting RMT buyers for the collapse of GFG at the perspective of buyer by Law of Demand and Supply. We found two type of RMT by analyzing actual game data and detected RMT buyers with high recall ratio of 98% by ruled-based detection.

• Journal of Korea Game Society
• /
• v.9 no.5
• /
• pp.53-61
• /
• 2009

Game industry, especially MMORPG (Massively Multiplayer Online Role Playing Game) has rapidly been expanding in these days. In this background, lots of online game security incidents have been increasing and getting more diversity. One of the most critical security incidents is 'Bots', mimics human player's playing behaviors. Bots performs the task without any manual works, it is considered unfair with other players. So most game companies try to block Bots by analyzing the packets between clients and servers. However this method can be easily attacked, because the packets are changeable when it is send to server. In this paper, we propose a Bots detection method by observing the playing patterns of game characters with data on server. In this method, Bots developers cannot handle the data, because it is working on server. Therefore Bots cannot avoid it and we can find Bots users more completely.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.5
• /
• pp.1153-1160
• /
• 2018

As the number of online game users increases and the market size grows, various kinds of cheating are occurring. Game bots are a typical illegal program that ensures playtime and facilitates account leveling and acquisition of various goods. In this study, we propose a method to detect game bots based on user action time interval (ATI). This technique observes the behavior of the bot in the game and selects the most frequent actions. We distinguish between normal users and game bots by applying Machine Learning to feature frequency, ATI average, and ATI standard deviation for each selected action. In order to verify the effectiveness of the proposed technique, we measured the performance using the actual log of the 'Aion' game and showed an accuracy of 97%. This method can be applied to various games because it can utilize all actions of users as well as character movements and social actions.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.1
• /
• pp.235-255
• /
• 2019

Recent technological advances and industry changes, the game industry is maximizing fun by supporting cross-play that can be enjoyed by different platform users in PC, Mobile and Console games. If the boundaries are lost through the cross play, unexpected security threats can occur due to new services, even if existing security is maintained above a certain level. The existing online game security researches are mostly fraud detection that can occur in PC and mobile environment, but it is also necessary to study the security of the console game as cross play becomes possible. Therefore, this paper systematically identifies the security threats that can occur when enjoying cross play against console game users using STRIDE and LINDDUN threat modeling, derives security requirements using the international common evaluation standard.

• Journal of Fisheries and Marine Sciences Education
• /
• v.28 no.3
• /
• pp.790-798
• /
• 2016

Currently, web-based online games is becoming popular in supporting learning process due to their effective and efficient tool. However, online games have lack of security aspect, in particular due to increase in the number of personal information leakage. Since the data are transmitted over insecure channel, it will be vulnerable of being intercepted by attackers who want to exploit user's identity. This paper aims to propose an online web-based educational game, Vidyanusa which allows the students to register their personal information using a unique code, a user name and a password. It manages the users according to their schools, subject teachers and class levels. In addition, by adopting a unique code, the confidentiality of the user identity can be kept away from attackers. Moreover, in order to provide a secure data communication between client and server, Secure Socket Layer (SSL) protocol is adopted. The performance of the system after implementing SSL protocol is examined by loading a number of requests for various users. From the experiment result, it can be concluded that the SSL protocol can be applied to web-based educational system in order to offer security services and reliable connection.

• Journal of Korea Game Society
• /
• v.15 no.3
• /
• pp.177-188
• /
• 2015

In-game cheating by the use of unauthorized software programs has always been a big problem that they can damage in First Person Shooting games, although companies operate a variety of client security solutions in order to prevent games from the cheating attempts. This paper proposes a method for detecting cheaters in FPS games by using game log analysis in a server-side. To accomplish this, we did a comparative analysis of characteristics between cheaters and general users focused on commonly loaded logs in the game. We proposed a cheating detection model by using artificial neural network algorithm. In addition, we did the performance evaluation of the proposed model by using the real dataset used in business.