朱利安·沃伊辛_竞争性电子游戏中的现代反滥用机制.pdf

1、#BHUSA BlackHatEventsModern Anti-Abuse Mechanisms in Modern Anti-Abuse Mechanisms in Competitive Video GamesCompetitive Video GamesJulien Voisin dustri.orgJulien Voisin dustri.org#BHUSA BlackHatEventsAgenda-Cheats&abuses?-Countermeasures-Technical-Social-Exotic-Conclusion#BHUSA BlackHatEvents#BHUSA

2、BlackHatEvents#BHUSA BlackHatEventsToxicity?Play Counter Strike or League of Legends for 10 minutes to get vivid examples.#BHUSA BlackHatEventsCheats,abuses,toxicity,Cheats arent hunted down because theyre morally questionable:theyre hunted down because they disturb the way the game is meant to be e

3、njoyed.Toxic and abusive behaviours lead to the very same effects.Those arent purely technical issues:they cant be solved by technical means only.#BHUSA BlackHatEventsTechnical countermeasuresLike a EDR,but shadier.#BHUSA BlackHatEventsIntegrity-based countermeasures-Open network connections to know

4、 cheat servers,C2-style#BHUSA BlackHatEventsIntegrity-based countermeasures-Open network connections to know cheat servers,C2-style-Presence of some specific files on the filesystem#BHUSA BlackHatEventsIntegrity-based countermeasures-Open network connections to know cheat servers,C2-style-Presence o

5、f some specific files on the filesystem-Process names and signatures#BHUSA BlackHatEventsIntegrity-based countermeasures-Open network connections to know cheat servers,C2-style-Presence of some specific files on the filesystem-Process names and signatures-Windows names/titles/icons/#BHUSA BlackHatEv

6、entsIntegrity-based countermeasures-Open network connections to know cheat servers,C2-style-Presence of some specific files on the filesystem-Process names and signatures-Windows names/titles/icons/-Loaded modules/dll/#BHUSA BlackHatEventsIntegrity-based countermeasures-Open network connections to k