As a result of physically owning the client machine, cheaters in online games currently have the upper-hand when it comes to avoiding detection. To address this problem and turn the table on cheaters, this paper presents Fides, an anomalybased cheat detection approach that remotely validates game execution. With Fides, a server-side Controller specifies how and when a client-side Auditor measures the game. To accurately validate measurements, the Controller partially emulates the client and collaborates with the server. This paper examines a range of cheat methods and initial measurements that counter them, showing that a Fides prototype is able to efficiently detect several existing cheats, including one state-of-the-art cheat that is advertised as “undetectable”. Categories and Subject Descriptors K.6.5 [Security and Protection]: Invasive Software General Terms Security Keywords Online Games, Anti-cheating, Anomaly-based Detection, Remote Measurement, Partial Client Emulation
Edward C. Kaiser, Wu-chang Feng, Travis Schluessle