This Article 
 Bibliographic References 
 Add to: 
Server-Side Bot Detection in Massively Multiplayer Online Games
May/June 2009 (vol. 7 no. 3)
pp. 29-36
Stefan Mitterhofer, Vienna University of Technology
Christopher Kruegel, University of California, Santa Barbara
Engin Kirda, Institute Eurecom
Christian Platzer, Vienna University of Technology
One of the greatest threats that massive multiplayer online games (MMOGs) face today is botting, a form of cheating in which a player uses a script to automate actions in a game without actually playing. This has a severe adverse effect on honest players and impacts their motivation to continue the game, threatening online game providers' subscription-based business model. However, if game companies make an effort at all to automatically detect bots, it's usually through signature checking for suspicious programs on the client side, essentially relying on information from an untrusted source beyond their control. To address the problem, we propose an automated approach to detect bots on the server side, solely based on character activity. Our approach is completely transparent to the end user and exploits the fact that bots follow a script that guides them through the virtual world. More precisely, by analyzing a character's movement data, we can extract waypoints and detect repeated paths. This allows us to find movement patterns that appear frequently, indicating that a character is controlled by a script and not a human player.

1. J. Yan and B. Randell, "A Systematic Classification of Cheating in Online Games," Proc. 4th ACM SIGCOMM Workshop on Network and System Support for Games, ACM Press, 2005, pp. 1–9.
2. G. Hoglund, "4.5 Million Copies of EULA--Compliant Spyware," Oct. 2005; www.rootkit.comblog.php?newsid=358.
3. C. McSherry, "A New Gaming Feature? Spyware," Electronic Frontier Foundation, Oct. 2005; www.e?.org/deeplinks/2005/10new-gaming-feature-spyware .
4. R. Heeks, "Current Analysis and Future Research Agenda on 'Gold Farming': Real-World Production in Developing Countries for the Virtual Eco-nomies of Online Games," Working Paper Series, vol. 32, 2008; wp/didi_wp32.htm.
5. Torak, "Bots: What *Is* NCSoft Doing?", 18 Oct. 2006; http://l2vault.ign.comView.php?view=Articles.Detail&id=15 .
6. D.H. Douglas and T.K. Peucker, "Algorithms for the Reduction of the Number of Points Required to Represent a Line or its Caricature," The Canadian Cartographer, vol. 10, no. 2, 1973, pp. 112–122.
7. H.-F. Eckey, R. Kosfeld, and M. Rengers, Multivariate Statistics, Gabler, 2002.
8. D. Gusfield, Algorithms on Strings, Trees, and Sequences: Computer Science and Computational Biology, Cambridge Univ. Press, 1997.

Index Terms:
gaming, security, online games, cheating, gaming bots, bot detection, world of warcraft, mmorpg security, waypoint extraction
Stefan Mitterhofer, Christopher Kruegel, Engin Kirda, Christian Platzer, "Server-Side Bot Detection in Massively Multiplayer Online Games," IEEE Security & Privacy, vol. 7, no. 3, pp. 29-36, May-June 2009, doi:10.1109/MSP.2009.78
Usage of this product signifies your acceptance of the Terms of Use.