O Impacto de Software Anti-cheat na Privacidade do Usuário
Resumo
O mercado de jogos eletrônicos está em constante crescimento e, com ele, o uso de softwares de cheat, onde os usuários trapaceiam para obter benefícios irregulares. Como consequência, desenvolvedores de jogos dedicam esforços ao desenvolvimento de técnicas para detectar e impedir que usuários mal-intencionados usem tais softwares. Uma das estratégias utilizadas consiste na adoção de software anti-cheat. No entanto, os anti-cheats tipicamente operam de maneira intrusiva nos sistemas de seus usuários, podendo requerer permissões de execução até em kernel-level, gerando preocupação quanto à privacidade e segurança dos dados pessoais coletados. Este trabalho apresenta uma análise técnica de anti-cheats, capturando e investigando suas operações executadas em busca de potenciais brechas de privacidade para os usuários.
Referências
Basque-Rice, I. (2023). Cheaters could prosper: An analysis of the security of video game anti-cheat. Honours Project Proposal, School of Design and Informatics, Abertay University. [link].
BattlEye (2024). Battleye - the anti-cheat gold standard. [link].
Bhardwaj, A. and Goundar, S. (2020). Keyloggers: silent cyber security weapons. Network Security, 2020(2):14–19.
Boldt, M. and Carlsson, B. (2006). Privacy-invasive software and preventive mechanisms. In International Conference on Systems and Networks Communications, pages 21–21.
Chen, Z., Roussopoulos, M., Liang, Z., Zhang, Y., Chen, Z., and Delis, A. (2012). Malware characteristics and threats on the internet ecosystem. Journal of Systems and Software, 85(7):1650–1672.
DeLap, M., Knutsson, B., Lu, H., Sokolsky, O., Sammapun, U., Lee, I., and Tsarouchis, C. (2004). Is runtime verification applicable to cheat detection? In Workshop on Network and System Support for Games, pages 134–138.
Dias Canedo, E., Toffano Seidel Calazans, A., Toffano Seidel Masson, E., Teixeira Costa, P. H., and Lima, F. (2020). Perceptions of ICT practitioners regarding software privacy. Entropy, 22(4):429.
Doneda, D. (2006). Da Privacidade à Proteção de Dados Pessoais. Revista dos Tribunais, São Paulo, SP, Brasil.
Eung, S., Lui, J. C., Liu, J., and Yan, J. (2006). Detecting cheaters for multiplayer games: Theory, design and implementation. In Consumer Communications and Networking Conference, pages 1178–1182.
Games, R. (2024). Riot games privacy notice. [link].
Gao, J., Li, L., Kong, P., Bissyandé, T. F., and Klein, J. (2019). Should you consider adware as malware in your study? In International Conference on Software Analysis, Evolution and Reengineering, pages 604–608.
Goh, E., Al-Tabbaa, O., and Khan, Z. (2023). Unravelling the complexity of the video game industry: An integrative framework and future research directions. Telematics and Informatics Reports, page 100100.
Greidanus, R. (2017). Client-side Anti-cheat in Online Games: Legal Implications from a Privacy and Data Protection Perspective. PhD thesis, Tilburg University, Tilburgo, Países Baixos.
Iachello, G., Hong, J., et al. (2007). End-user privacy in human-computer interaction. Foundations and Trends® in Human–Computer Interaction, pages 1–137.
Lan, X., Zhang, Y., and Xu, P. (2009). An overview on game cheating and its counter-measures. In 2nd International Symposium on Computer Science and Computational Technology, page 195, Huangshan, China.
Maario, A., Shukla, V. K., Ambikapathy, A., and Sharma, P. (2021). Redefining the risks of kernel-level anti-cheat in online gaming. In International Conference on Signal Processing and Integrated Networks, pages 676–680.
Machado, J. d. M. S. (2014). A expansão do conceito de privacidade e a evolução na tecnologia de informação com o surgimento dos bancos de dados. Revista da AJURIS, 41(134).
Maziero, C. (2020). Sistemas Operacionais: Conceitos e Mecanismos. Universidade Federal do Paraná, Curitiba, PR, Brasil.
Microsoft (2024). Determine allow-deny list and application inventory for software restriction policies. [link].
PCGamingWiki (2023). List of games with anti-cheat technology. [link].
Pilipovic, S. (2023). Every game with kernel–level anti–cheat software. [link].
Pontiroli, S. (2019). The cake is a lie! uncovering the secret world of malware-like cheats in video games. Virus Bulletin.
Riot, G. (2024a). /DEV: Vanguard X LoL. [link].
Riot, G. (2024b). Vanguard anti-cheat. [link].
Ronkainen, W. (2021). Prevention vs Detection in Online Game Cheating. PhD thesis, University of Oulu, Oulu, Finlândia.
Schellens, K. (2021). Addressing Privacy in Software Architecture. PhD thesis, Utrecht University, Utreque, Países Baixos.
Shin, D.-H. (2010). The effects of trust, security and privacy in social networking: A security-based approach to understand the pattern of adoption. Interacting with Computers, pages 428–438.
Stafford, T. F. and Urbaczewski, A. (2004). Spyware: The ghost in the machine. The Communications of the Association for Information Systems, 14(1):49.
Ven, B. (2023). Cheating and anti-cheat system action impacts on user experience. PhD thesis, Radbound University, Nimega, Países Baixos.
Wendel, E. (2012). Cheating in Online Games A Case Study of Bots and Bot-Detection in Browser-Based Multiplayer Games. PhD thesis, Norwegian University of Science and Technology, Trondheim, Noruega.
BattlEye (2024). Battleye - the anti-cheat gold standard. [link].
Bhardwaj, A. and Goundar, S. (2020). Keyloggers: silent cyber security weapons. Network Security, 2020(2):14–19.
Boldt, M. and Carlsson, B. (2006). Privacy-invasive software and preventive mechanisms. In International Conference on Systems and Networks Communications, pages 21–21.
Chen, Z., Roussopoulos, M., Liang, Z., Zhang, Y., Chen, Z., and Delis, A. (2012). Malware characteristics and threats on the internet ecosystem. Journal of Systems and Software, 85(7):1650–1672.
DeLap, M., Knutsson, B., Lu, H., Sokolsky, O., Sammapun, U., Lee, I., and Tsarouchis, C. (2004). Is runtime verification applicable to cheat detection? In Workshop on Network and System Support for Games, pages 134–138.
Dias Canedo, E., Toffano Seidel Calazans, A., Toffano Seidel Masson, E., Teixeira Costa, P. H., and Lima, F. (2020). Perceptions of ICT practitioners regarding software privacy. Entropy, 22(4):429.
Doneda, D. (2006). Da Privacidade à Proteção de Dados Pessoais. Revista dos Tribunais, São Paulo, SP, Brasil.
Eung, S., Lui, J. C., Liu, J., and Yan, J. (2006). Detecting cheaters for multiplayer games: Theory, design and implementation. In Consumer Communications and Networking Conference, pages 1178–1182.
Games, R. (2024). Riot games privacy notice. [link].
Gao, J., Li, L., Kong, P., Bissyandé, T. F., and Klein, J. (2019). Should you consider adware as malware in your study? In International Conference on Software Analysis, Evolution and Reengineering, pages 604–608.
Goh, E., Al-Tabbaa, O., and Khan, Z. (2023). Unravelling the complexity of the video game industry: An integrative framework and future research directions. Telematics and Informatics Reports, page 100100.
Greidanus, R. (2017). Client-side Anti-cheat in Online Games: Legal Implications from a Privacy and Data Protection Perspective. PhD thesis, Tilburg University, Tilburgo, Países Baixos.
Iachello, G., Hong, J., et al. (2007). End-user privacy in human-computer interaction. Foundations and Trends® in Human–Computer Interaction, pages 1–137.
Lan, X., Zhang, Y., and Xu, P. (2009). An overview on game cheating and its counter-measures. In 2nd International Symposium on Computer Science and Computational Technology, page 195, Huangshan, China.
Maario, A., Shukla, V. K., Ambikapathy, A., and Sharma, P. (2021). Redefining the risks of kernel-level anti-cheat in online gaming. In International Conference on Signal Processing and Integrated Networks, pages 676–680.
Machado, J. d. M. S. (2014). A expansão do conceito de privacidade e a evolução na tecnologia de informação com o surgimento dos bancos de dados. Revista da AJURIS, 41(134).
Maziero, C. (2020). Sistemas Operacionais: Conceitos e Mecanismos. Universidade Federal do Paraná, Curitiba, PR, Brasil.
Microsoft (2024). Determine allow-deny list and application inventory for software restriction policies. [link].
PCGamingWiki (2023). List of games with anti-cheat technology. [link].
Pilipovic, S. (2023). Every game with kernel–level anti–cheat software. [link].
Pontiroli, S. (2019). The cake is a lie! uncovering the secret world of malware-like cheats in video games. Virus Bulletin.
Riot, G. (2024a). /DEV: Vanguard X LoL. [link].
Riot, G. (2024b). Vanguard anti-cheat. [link].
Ronkainen, W. (2021). Prevention vs Detection in Online Game Cheating. PhD thesis, University of Oulu, Oulu, Finlândia.
Schellens, K. (2021). Addressing Privacy in Software Architecture. PhD thesis, Utrecht University, Utreque, Países Baixos.
Shin, D.-H. (2010). The effects of trust, security and privacy in social networking: A security-based approach to understand the pattern of adoption. Interacting with Computers, pages 428–438.
Stafford, T. F. and Urbaczewski, A. (2004). Spyware: The ghost in the machine. The Communications of the Association for Information Systems, 14(1):49.
Ven, B. (2023). Cheating and anti-cheat system action impacts on user experience. PhD thesis, Radbound University, Nimega, Países Baixos.
Wendel, E. (2012). Cheating in Online Games A Case Study of Bots and Bot-Detection in Browser-Based Multiplayer Games. PhD thesis, Norwegian University of Science and Technology, Trondheim, Noruega.
Publicado
16/09/2024
Como Citar
MATHEUS, Vinicius; HEINRICH, Tiago; FULBER-GARCIA, Vinicius; WILL, Newton C.; OBELHEIRO, Rafael R.; MAZIERO, Carlos A..
O Impacto de Software Anti-cheat na Privacidade do Usuário. In: SIMPÓSIO BRASILEIRO DE SEGURANÇA DA INFORMAÇÃO E DE SISTEMAS COMPUTACIONAIS (SBSEG), 24. , 2024, São José dos Campos/SP.
Anais [...].
Porto Alegre: Sociedade Brasileira de Computação,
2024
.
p. 477-491.
DOI: https://doi.org/10.5753/sbseg.2024.241475.
