P3k1
Circle of Crows
3
|
Posted - 2012.02.22 00:48:00 -
[1] - Quote
So... English is not my native tongue, apologies for that... and I didn't know where to place this topic. If a DEV would be so kind as to move it to its rightful place I would be really thankful.
So the topic/subject is part of behavioural biometrics. My question is to someone from the CCP department of security (Anti-bot team). I will have to watch last year's Fanfest YouTube video (EVE Fanfest 2011: Security) to see who they are.
link: http://www.youtube.com/watch?v=mDSNd_w86Hw
Have you considered implementing something from the above to detect non-human players using the game client? I know that keystroke dynamics is not really good as an authentication method, but as identification it would probably do the job of finding out if there is a human player using the game client or not.
Looking forward to a reply from the security dev team |
Eugene Spencer
Rodents of Unusual Size
84
|
Posted - 2012.02.22 14:52:00 -
[2] - Quote
This was actually mentioned in the most recent CSM Minutes.
Page 10:
Quote: The CSM suggested using behavioral analysis (similar to spam-detection) to identify botters. While CCP Sreegs did not dismiss its potential effectiveness, he strongly asserted his preference for a technical approach – at the very least relying on technical solutions more than behavioral ones. He argued this would prevent customer support from being inundated with false-positives and fringe cases brought about by the behavioral-flagging. It must be noted that there isn't a dichotomy between technical solutions and behavioral analysis, both methods allow you to be more effective than relying solely on either one. And when it comes to a decision of banning an account, Sreegs prefers a technical solution over behavioral analysis.
That should answer your question :) I have a specific comb for my beard. |
Dragonaire
Corax. The Big Dirty
33
|
Posted - 2012.02.22 18:02:00 -
[3] - Quote
On a related issue, I know people who, when they are mining, look like bots all the time just because they do things so exactly the same all the time, like the bots do, so all the self-appointed anti-bot players in game shoot them constantly, so that is also a problem that needs to be addressed.
On the use of behavioral biometrics it can also be fooled by simply scripting in some small bits of randomness to the clicking position and/or keyboard commands being used. The best that any 'solution' can do is make it more difficult and maybe limit how long they get by with it or how many there are but in the end you won't stop all of them. Finds camping stations from the inside much easier. Designer of Yapeal for Eve API. Check out the Yapeal PHP API library thread for more information. |
P3k1
Circle of Crows
3
|
Posted - 2012.02.22 18:23:00 -
[4] - Quote
Dragonaire wrote:// CUT
On the use of behavioral biometrics it can also be fooled by simply scripting in some small bits of randomness to the clicking position and/or keyboard commands being used. The best that any 'solution' can do is make it more difficult and maybe limit how long they get by with it or how many there are but in the end you won't stop all of them.
The algorithm is much smarter than that. You can YouTube it and see how it works. Or see the link below: http://www.youtube.com/watch?v=_vMb9JUhC1g
So, neuron networks :) This semester I had time to play with it, really nice stuff. In video it is being used as additional authentication method. One more layer of security. I think it is around 20% false positive. In our example we would teach our neuron network only to identify if there is human using the input interface (a.k.a. keyboard). And the best part, neuron network would constantly learn and adapt :)
I'm just saying to use it as a tool for identification.
@Eugene Spencer: I know, I have examined it closely ;) |
Dragonaire
Corax. The Big Dirty
33
|
Posted - 2012.02.23 04:36:00 -
[5] - Quote
Watched the video and it is interesting, but you run into a problem as well: most keyboards don't return data on how hard keys are pressed etc., just which and maybe how long they are held. The only way to get all the data they are using is to replace the OS keyboard driver with their own and use a custom keyboard, which isn't an option for something like Eve ;) Finds camping stations from the inside much easier. Designer of Yapeal for Eve API. Check out the Yapeal PHP API library thread for more information. |
P3k1
Circle of Crows
3
|
Posted - 2012.02.23 11:13:00 -
[6] - Quote
Dragonaire wrote: Watched the video and it is interesting but you run in to a problem as well that most keyboards don't return data on how hard keys are pressed etc just which and maybe how long they are held. The only way to get all the data they are using is to replace the OS keyboard driver with their own and by using a custom keyboard which isn't an option for something like Eve ;)
Two parameters that you watch are:
- Dwell time - the time duration that a key is pressed
- Flight time - the time duration in between releasing a key and pressing the next key
You don't have to know how hard the key was pressed. I can link you some material for you to read. link: http://biometric-solutions.com/solutions/index.php?story=keystroke_dynamics |
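Added example, not part of the original thread or any poster's code: extracting the dwell and flight times defined in the post above from a key-event log, including key rollover, where the flight time goes negative. The event tuple format and the sample log are constructed for illustration.

```python
from statistics import mean, pstdev

# Constructed sample log: (timestamp_ms, key, action). The event format is an
# assumption for this example, not something the thread or a game client defines.
EVENTS = [
    (0, "h", "down"), (95, "h", "up"),
    (180, "e", "down"), (260, "e", "up"),
    (310, "l", "down"),
    (350, "l", "down"),   # OS auto-repeat while the key is held
    (400, "o", "down"),   # rollover: "o" pressed before "l" is released
    (420, "l", "up"), (490, "o", "up"),
]


def keystroke_features(events):
    """Return (dwell_times, flight_times) in milliseconds."""
    held = {}       # key -> timestamp of the press that started the current hold
    strokes = []    # completed keystrokes as (press_ts, release_ts)
    for ts, key, action in sorted(events):
        if action == "down":
            held.setdefault(key, ts)          # ignore auto-repeat presses
        elif action == "up" and key in held:  # ignore releases with no press
            strokes.append((held.pop(key), ts))
    strokes.sort()  # order by press time, not release time
    dwell = [up - down for down, up in strokes]
    # Flight time: release of one key to press of the next. It is negative
    # when keys overlap, so it must not be clamped to zero.
    flight = [nxt[0] - cur[1] for cur, nxt in zip(strokes, strokes[1:])]
    return dwell, flight


def summarize(values):
    """Mean and spread of a timing series, the inputs a classifier would see."""
    return {"mean": mean(values), "stdev": pstdev(values)}


if __name__ == "__main__":
    dwell, flight = keystroke_features(EVENTS)
    print("dwell ms :", dwell, summarize(dwell))
    print("flight ms:", flight, summarize(flight))
```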
TorTorden
NorCorp Enterprise No Holes Barred
19
|
Posted - 2012.02.23 12:36:00 -
[7] - Quote
Dragonaire's first reply still remains valid; if these metrics are put to use, the bot makers will just include randomized values of them as well. |
P3k1
Circle of Crows
3
|
Posted - 2012.02.23 14:09:00 -
[8] - Quote
TorTorden wrote: Dragonair's first reply still remain valid, if these metrics are taken in use, the bot makers will just include randomized values of them as well.
That's true :) They will include it, but it will still converge around some value (will not go into technical mumble). The question here was not how this technique works, but whether it can be used to identify bot behavior. We are not trying to authenticate someone, just tell apart human behavior versus a programmed script. You can observe other metrics. The key thing here is that you teach the neuron network the behavior of group "H" (Humans), and the behavior of group "S" (Scripts).
Would the community like CCP to implement something like that? |
Abdiel Kavash
Paladin Order Fidelas Constans
368
|
Posted - 2012.02.24 05:07:00 -
[9] - Quote
P3k1 wrote: So, neuron networks :) This semester I had time to play with it, really nice stuff. In video it is being used as additional authentication method. One more layer of security. I think it is around 20% false positive. In our example we would teach our neuron network only to identify if there is human using the input interface (a.k.a. keyboard).
So you would ban 20% of real people from the game. I can see why CCP is so enthusiastic about this. |
Steve Ronuken
Fuzzwork Enterprises
243
|
Posted - 2012.02.24 06:31:00 -
[10] - Quote
Until someone records fifty odd typings of passwords, then uses that as a generator for the randomness for the key press times.
If it can be coded, it can be beaten. And generally, beating it is easier than coding it in the first place. FuzzWork Enterprises http://www.fuzzwork.co.uk/ Blueprint calculator and other 'useful' utilities. |
Henry Haphorn
Aliastra Gallente Federation
198
|
Posted - 2012.02.24 14:16:00 -
[11] - Quote
Abdiel Kavash wrote: P3k1 wrote: So, neuron networks :) This semester I had time to play with it, really nice stuff. In video it is being used as additional authentication method. One more layer of security. I think it is around 20% false positive. In our example we would teach our neuron network only to identify if there is human using the input interface (a.k.a. keyboard). So you would ban 20% of real people from the game. I can see why CCP is so enthusiastic about this.
P3k1 didn't say in his post that this method of detection would ban 20% of the playerbase automatically. It's just a hint that those 20% would be identified and investigated further. At least that's what I understood. ***CSM Interstellar Debate - Mining Profession*** ***CSM Interstellar Debate - Combat PvP*** |
P3k1
Circle of Crows
3
|
Posted - 2012.02.24 17:18:00 -
[12] - Quote
Henry Haphorn wrote: // CUT P3k1 didn't say in his post that this method of detection would ban 20% of the playerbase automatically. It's just a hint that those 20% would be identified and investigated further. At least that's what I understood.
Correct, it would be used as an additional layer of security/indication that someone is using bots/scripts. 20% false positive means that this method can be wrong every fifth time. That number depends on how well you teach your neural network to resemble group A and group B.
It is used when you have a complex mathematical model. So you give behavior facts of group A and group B. Teach the neural network to resemble those two groups. Because it learns by itself how to resemble them. And it learns constantly :)
Bottom line... it would be an additional layer of security, and could be used as an indicator for Game Masters to look closer if someone is behaving suspiciously. There would still be a report-a-bot feature :) But observation would first be given to the neural network, and then to a Game Master to put the final verdict.
This is just an idea :) |