Detecting a Colluding Subset in a Simple Two-Dimensional Game

Collusion is covert co-operation between the participants of a game. Detecting the colluding players can require discerning and understanding the player's motivation, which is often difficult task even for humans. In this paper we analyse experimental data from a simple two-dimensional game using synthetic players. We calculate information gains of the features in the data to show how well they indicate collusion. Then we examine J4.8 decision tree classifiers learned from the data and use them to detect the colluding subsets

Anomaly detection in competitive multiplayer games

As online video games rise in popularity, there has been a significant increase in fraudulent behavior and malicious activity. Numerous methods have been proposed to automate the identification and detection of such behaviors but most studies focused on situations with perfect prior knowledge of the gaming environment, particularly, in regards to the malicious behaviour being identified. This assumption is often too strong and generally false when it comes to real-world scenarios. For these reasons, it is useful to consider the case of incomplete information and combine techniques from machine learning and solution concepts from game theory that are better suited to tackle such settings, and automate the detection of anomalous behaviors. In this thesis, we focus on two major threats in competitive multiplayer games: intrusion and device compromises, and cheating and exploitation. The former is a knowledge-based anomaly detection, focused on understanding the technology and strategy being used by the attacker in order to prevent it from occurring. One of the major security concerns in cyber-security are Advanced Persistent Threats (APT). APTs are stealthy and constant computer hacking processes which can compromise systems bypassing traditional security measures in order to gain access to confidential information held in those systems. In online video games, most APT attacks leverage phishing and target individuals with fake game updates or email scams to gain initial access and steal user data, including but not limited to account credentials and credit card numbers. In our work, we examine the two player game called FlipIt to model covert compromises and stealthy hacking processes in partial observable settings, and show the efficiency of game theory concept solutions and deep reinforcement learning techniques to improve learning and detection in the context of fraud prevention. The latter defines a behavioral-based anomaly detection. Cheating in online games comes with many consequences for both players and companies; hence, cheating detection and prevention is an important part of developing a commercial online game. However, the task of manually identifying cheaters from the player population is unfeasible to game designers due to the sheer size of the player population and lack of test datasets. In our work, we present a novel approach to detecting cheating in competitive multiplayer games using tools from hybrid intelligence and unsupervised learning, and give proof-of-concept experimental results on real-world datasets

Collusion features from a simple two-dimensional game

<p>Data and supplementary files for TUCS Technical Report "Detecting a colluding subset in a simple two-dimensional game" [1]</p> <p>The files aoi.arff, block.arff and tabu.arff contain features for area-of-intererst, blocking and tabu colluders respectively. Each file contains 23800 rows from 500 simulated games. Each row represents one subset of players in a single game. Simulations used 2 to 6 colluders and 100 games were performed with each number of colluders. For each game only data of subsets of players with a size equal to the number of colluders were collected. The data contains features proposed in [2] and in addition the following features:</p> <p>- colluderRatio: fraction of colluders in the subset<br>- colluders: number of colluders and subset's size<br>- collusion: 1 if all members of the subset are colluders, 0 otherwise.</p> <p>swiftness.csv contains mean time used to generate data for each subset size.</p> <p>wins.csv contains collusion pay-off as wins per 1000 games per colluder in dispenser setting from [2].</p> <p>experiment_final.Rmd is the R Markdown file for generating the figures in the report.</p> <p> </p> <p>[1] Jussi Laasonen, Jouni Smed, Detecting a Colluding Subset in a Simple Two-Dimensional Game. TUCS Technical Reports 1074, 2013.</p> <p>[2] J. Laasonen, T. Knuutila, and J. Smed, “Eliciting collusion features,” in Proceedings of the 4th International ICST Conference on Simulation Tools and Techniques, 2011, pp. 296–303.</p