陳文進臺灣大學：資訊工程學研究所江志偉Jiang, Jhih-WeiJhih-WeiJiang2007-11-262018-07-052007-11-262018-07-052006http://ntur.lib.ntu.edu.tw//handle/246246/53678多人線上角色扮演遊戲的一大挑戰就是使用機器人程式來玩遊戲的狀況越來越頻繁.然而像這種透過使用程式來進行遊戲的行為是非常缺乏運動家精神,並且是不被允許的.因此,遊戲公司為了維持遊戲世界中的秩序,通常都會安排一些遊戲管理者透過觀察以及進一步對話的方式來取締這種非法的行為.明顯可見的是,這樣的解決方式並不高明且缺乏效率.面對這樣的問題,我們首先對真實玩家以及機器人程式在進行遊戲時所產生的封包資料加以分析,進而提出自動判定的方法. 以仙境傳說這款非常流行的遊戲作為研究的對象.我們發現一份真實玩家所產生的封包資料與機器人程式所產生的可以藉由以下幾點特性來區別: 1.發出指令的時間規律. 2.傳送的封包數量的變動性相對於時間的趨勢以及程度. 3.對網路情況的反應. 基於以上三點特性我們提出了四種判定的方法以及兩種整合性的方法.其中保守的整合性方法可以把將玩家判斷成機器人程式的機率降到最低;而積極的方法可以找出絕大部分的機器人程式.最後,我們說明了這些方法的一般性以及對機器人程式開發者的抵抗能力.MMORPGs have become extremely popular among network gamers. Despite their success, one of MMORPG’s greatest challenges is the increasing use of game bots, i.e., autoplaying game clients. The use of game bots is considered unsportsmanlike and is therefore forbidden. To keep games in order, game police, played by actual human players, often patrol game zones and question suspicious players. This practice, however, is labor-intensive and ineffective. To address this problem, we analyze the traffic generated by human players vs. game bots and propose solutions to automatically identify game bots. Taking Ragnarok Online, one of the most popular MMORPGs, as our subject, we study the traffic generated by mainstream game bots and human players. We find that their traffic is distinguishable by: 1) the regularity in the release time of client commands, 2) the trend and magnitude of traffic burstiness in multiple time scales, and 3) the sensitivity to network conditions. We propose four strategies and two integrated schemes to identify bots. For our data sets, the conservative scheme completely avoids making false accusations against bona fide players, while the aggressive scheme tracks game bots down more aggressively. Finally, we show that the proposed methods are generalizable to other games and robust against counter-measures from bot developers.致謝 iii 中文摘要 v ABSTRACT vii List of Figures xi Chapter 1. INTRODUCTION 1 1.1. Background 1 1.2. Motivation 2 1.3. Problem Statement 3 1.4. Thesis Goal and Organization 4 Chapter 2. RELATED WORK 5 2.1. Ragnarok and the BOTs 5 2.2. Cheat Prevention Related Projects (Papers) 7 2.2.1. Cheat-Proof Playout for Centralized and Distributed Online Games. [1] 7 2.2.2. Cheat-Proofing Dead Reckoned Multiplayer Games. [4] 12 2.2.3. Is runtime verification applicable to cheat detection? [5] 14 2.2.4. A systematic classification of cheating in online games. [13] 15 2.3. Techniques 16 2.3.1. R 16 2.3.2. windump and winpcap 17 Chapter 3. TRACE COLLECTION 19 Chapter 4. ANALYSIS OF TRAFFIC PATTERNS 21 4.1. Regularity in Client Traffic 22 4.1.1. Packet Interarrivals: 22 4.1.2. Entropy of Packet Interarrival Times 23 4.1.3. Frequency Component 25 4.2. Command Timing 27 4.2.1. Prompt Response 29 4.2.2. Regularity in Response Times 29 4.3. Traffic Burstiness 30 4.4. Sensitivity to Network Conditions 32 Chapter 5. PROPOSED BOT DETECTION SCHEMES 35 5.1. Command Timing 35 5.1.1. Multimodality Test 35 5.1.2. Regularity Test 35 5.2. Trend of Traffic Burstiness 37 5.3. Magnitude of Traffic Burstiness 38 5.4. Reaction to Network Condition 38 5.5. Performance Evaluation 39 5.6. Discussion 40 5.6.1. Generality 41 5.6.2. Robustness against Counter-Attacks 41 Chapter 6. IMPLEMENTATION 45 6.1. System Architecture 45 6.2. Performance Evaluation 47 6.3. Discussion 49 Chapter 7. CONCLUSION and FUTURE WORKS 51 7.1. Conclusion 51 7.2. Future Work 52 BIBLIOGRAPHY 532255349 bytesapplication/pdfen-US多人線上遊戲機器人程式網路流量分析Online GamesGame BotTraffic Analysisthesishttp://ntur.lib.ntu.edu.tw/bitstream/246246/53678/1/ntu-95-R93922091-1.pdf