Server-side bot detection in massively multiplayer online games

Mitterhofer, Stefan; Kruegel, Christopher; Kirda, Engin; Platzer, Christian
IEEE Security and Privacy, Vol 7, N°3, May-June 2009

One of the greatest threats that Massive Multiplayer Online Games (MMOG) face nowadays is botting. Botting is a form of cheating where a player uses a script to automate actions in a game without actually playing herself. This has a severe adverse effect on honest players and impacts their motivation to continue the game, threatening the subscription-based business model of online game providers. However, if game companies make an effort at all to automatically detect bots, it is done through signature checking for suspicious programs on the client-side, essentially relying on information from an untrusted source outside their control. To address the botting problem, we propose an automated approach to detect bots on the server-side, solely based on the activity of a character. Our approach is completely transparent to the end-user and takes advantage of the fact that bots follow a script that guides them through the virtual world. More precisely, by analyzing the movement data of a character, we extract waypoints and detect paths that are taken repeatedly. This allows us to find movement patterns that repeat frequently, indicating that a character is controlled by a script and not a human player. 

Digital Security
Eurecom Ref:
© 2009 IEEE. Personal use of this material is permitted. However, permission to reprint/republish this material for advertising or promotional purposes or for creating new collective works for resale or redistribution to servers or lists, or to reuse any copyrighted component of this work in other works must be obtained from the IEEE.