Cheating in multiplayer games

Cheating in multiplayer games is an intriguing issue, and it seems that it begins to receive some attention. See for instance "A Legal Analysis of Cheating in Online Multiplayer Games" by Joel Zetterström. Of course I am less interested by the legal aspects than by the cheating techniques employed in First Person Shooters, Real Time Strategy and Massive Multiplayer Online Role-playing games. The authors cites a study by Yan and Choi which describes 11 kinds of cheats:

1. Cheating by collusion. This can occur in games where one player is not suppose to know what other players know but exchanges information anyway, such cheat can for example occur in an online version of the card game Bridge. In FPS and RTS, players are allowed and encouraged to cooperate if they play on the same team, and it is very common to do that by using voice chat programs. 2. Cheating by abusing procedure or policy. Some games record wins and losses for each player profile in a statistic database21 and by abusing certain procedures the player can escape having his loss recorded. The winner will therefore not have his win recorded. 3. Cheating related to virtual assets. The trading of virtual assets is a big business worth lots of real money, and thus cheating related to virtual assets is attractive. Trading in MMORPG’s can therefore be abused by certain players who accept the money for an item, but then keep it. 4. Cheating by compromising passwords. Passwords (I would say that this category also includes CD-keys) for online games can be vulnerable targets for malicious users. Once acquired, they can be used access crucial game data and authorization thus enabling cheats in various ways, for example to steal items from another player or to block his access to the game (see number 5 below). 5. Cheating by denying service to peer players. Various techniques, like flooding the other players connection so he times out, or forcing him to disconnect (disconnect hack) at the right time can lead to benefits in computer games. 6. Cheating due to lack of secrecy. Servers and computer communicate with each other with packets of information. These packets can be intercepted and read, or inserted with different data, enabling cheats. 7. Cheating due to lack of authentication. This is cheats related to authentication between server and client. 8. Cheating related to internal misuse. Game operators and system administrators have special power over a gaming environment that could be misused in order to cheat, an example can be to create valuable items in MMORPG’s and sell them. 9. Cheating by social engineering. There are various ways of scamming people to get access to their passwords and CD-keys, e.g. by posing as a system administrator. 10. Cheating by modifying game software or data. This is the traditional way of cheating in online multiplayer games. Cheat-creators can reverse engineer the gaming software and create special programs that can be used to gain unfair advantages. This is also called “hacks”. 11. Cheating by exploiting bug or design flaw.

Why do I blog this? cheats are interesting because it reveals how users detect misuses, flaws and hackable issue, surely a good form of creativity (which is however a problem for game companies).