A method for preventing online games hacking using memory monitoring

Chang Seon Lee; Huy Kang Kim; Hey Rin Won; Kyounggon Kim

doi:10.4218/etrij.2019-0427

A method for preventing online games hacking using memory monitoring

Chang Seon Lee, Huy Kang Kim, Hey Rin Won, Kyounggon Kim

School of Cybersecurity

Research output: Contribution to journal › Article › peer-review

2 Citations (Scopus)

Abstract

Several methods exist for detecting hacking programs operating within online games. However, a significant amount of computational power is required to detect the illegal access of a hacking program in game clients. In this study, we propose a novel detection method that analyzes the protected memory area and the hacking program's process in real time. Our proposed method is composed of a three-step process: the collection of information from each PC, separation of the collected information according to OS and version, and analysis of the separated memory information. As a result, we successfully detect malicious injected dynamic link libraries in the normal memory space.

Original language	English
Pages (from-to)	141-151
Number of pages	11
Journal	ETRI Journal
Volume	43
Issue number	1
DOIs	https://doi.org/10.4218/etrij.2019-0427
Publication status	Published - 2021 Feb

Bibliographical note

Publisher Copyright:
© 2020 ETRI

Keywords

abuse monitoring
game abuse
injection detection
malware detection and damage recovery
memory map

ASJC Scopus subject areas

Electronic, Optical and Magnetic Materials
Computer Science(all)
Electrical and Electronic Engineering

Access to Document

10.4218/etrij.2019-0427

Cite this

@article{f8bfbb358f50455f8b63a31e1e2b00e7,

title = "A method for preventing online games hacking using memory monitoring",

abstract = "Several methods exist for detecting hacking programs operating within online games. However, a significant amount of computational power is required to detect the illegal access of a hacking program in game clients. In this study, we propose a novel detection method that analyzes the protected memory area and the hacking program's process in real time. Our proposed method is composed of a three-step process: the collection of information from each PC, separation of the collected information according to OS and version, and analysis of the separated memory information. As a result, we successfully detect malicious injected dynamic link libraries in the normal memory space.",

keywords = "abuse monitoring, game abuse, injection detection, malware detection and damage recovery, memory map",

author = "Lee, {Chang Seon} and Kim, {Huy Kang} and Won, {Hey Rin} and Kyounggon Kim",

note = "Publisher Copyright: {\textcopyright} 2020 ETRI",

year = "2021",

month = feb,

doi = "10.4218/etrij.2019-0427",

language = "English",

volume = "43",

pages = "141--151",

journal = "ETRI Journal",

issn = "1225-6463",

publisher = "ETRI",

number = "1",

}

TY - JOUR

T1 - A method for preventing online games hacking using memory monitoring

AU - Lee, Chang Seon

AU - Kim, Huy Kang

AU - Won, Hey Rin

AU - Kim, Kyounggon

PY - 2021/2

Y1 - 2021/2

N2 - Several methods exist for detecting hacking programs operating within online games. However, a significant amount of computational power is required to detect the illegal access of a hacking program in game clients. In this study, we propose a novel detection method that analyzes the protected memory area and the hacking program's process in real time. Our proposed method is composed of a three-step process: the collection of information from each PC, separation of the collected information according to OS and version, and analysis of the separated memory information. As a result, we successfully detect malicious injected dynamic link libraries in the normal memory space.

AB - Several methods exist for detecting hacking programs operating within online games. However, a significant amount of computational power is required to detect the illegal access of a hacking program in game clients. In this study, we propose a novel detection method that analyzes the protected memory area and the hacking program's process in real time. Our proposed method is composed of a three-step process: the collection of information from each PC, separation of the collected information according to OS and version, and analysis of the separated memory information. As a result, we successfully detect malicious injected dynamic link libraries in the normal memory space.

KW - abuse monitoring

KW - game abuse

KW - injection detection

KW - malware detection and damage recovery

KW - memory map

UR - http://www.scopus.com/inward/record.url?scp=85097281746&partnerID=8YFLogxK

U2 - 10.4218/etrij.2019-0427

DO - 10.4218/etrij.2019-0427

M3 - Article

AN - SCOPUS:85097281746

SN - 1225-6463

VL - 43

SP - 141

EP - 151

JO - ETRI Journal

JF - ETRI Journal

IS - 1

ER -

A method for preventing online games hacking using memory monitoring

Abstract

Bibliographical note

Keywords

ASJC Scopus subject areas

Access to Document

Other files and links

Fingerprint

Cite this