If It Looks Like a Rootkit and Deceives Like a Rootkit: A Critical Examination of Kernel-Level Anti-Cheat Systems

If It Looks Like a Rootkit and Deceives Like a Rootkit: A Critical Examination of Kernel-Level Anti-Cheat Systems

Addressing a critical aspect of cybersecurity in online gaming, this paper systematically evaluates the extent to which kernel-level anti-cheat systems mirror the properties of rootkits, highlighting the importance of distinguishing between protective and potentially invasive software. After establi...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Veröffentlicht in:arXiv.org 2024-08
Hauptverfasser: Dorner, Christoph, Klausner, Lukas Daniel
Format: Artikel
Sprache:eng
Schlagworte:
Computer program integrity
Computer Science - Computers and Society
Computer Science - Cryptography and Security
Cybersecurity
Evaluation
Privacy
Software engineering
Online-Zugang:Volltext
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
container_end_page
container_issue
container_start_page
container_title arXiv.org
container_volume
creator Dorner, Christoph
Klausner, Lukas Daniel
description Addressing a critical aspect of cybersecurity in online gaming, this paper systematically evaluates the extent to which kernel-level anti-cheat systems mirror the properties of rootkits, highlighting the importance of distinguishing between protective and potentially invasive software. After establishing a definition for rootkits (making distinctions between rootkits and simple kernel-level applications) and defining metrics to evaluate such software, we introduce four widespread kernel-level anti-cheat solutions. We lay out the inner workings of these types of software, assess them according to our previously established definitions, and discuss ethical considerations and the possible privacy infringements introduced by such programs. Our analysis shows two of the four anti-cheat solutions exhibiting rootkit-like behaviour, threatening the privacy and the integrity of the system. This paper thus provides crucial insights for researchers and developers in the field of gaming security and software engineering, highlighting the need for informed development practices that carefully consider the intersection of effective anti-cheat mechanisms and user privacy.
doi_str_mv 10.48550/arxiv.2408.00500
format Article
fullrecord <record><control><sourceid>proquest_arxiv</sourceid><recordid>TN_cdi_arxiv_primary_2408_00500</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><sourcerecordid>3087443173</sourcerecordid><originalsourceid>FETCH-LOGICAL-a523-8838b4dba5a1140c9cc106edb347e76b43cb84fa49c539c678d7493c6a8dc0d53</originalsourceid><addsrcrecordid>eNpdkMFLwzAchYMgOOb-AE8GPHem-SVN6m3UqcOCoLuXNE0xa9dsSTa2_965efL0Du_j8fgQukvJlEnOyaPyB7ufUkbklBBOyBUaUYA0kYzSGzQJYUUIoZmgnMMIbRctXkRcOtcFXNrOYIU_nYudjVgNDX422ti9-d894RkuvI1Wqx7PD2ptBxWtG7Br8bvxg-mT0uxNj2dDtEnxbVTEX8cQzTrcoutW9cFM_nKMli_zZfGWlB-vi2JWJopTSKQEWbOmVlylKSM61zolmWlqYMKIrGaga8laxXLNIdeZkI1gOehMyUaThsMY3V9mzz6qjbdr5Y_Vr5fq7OVEPFyIjXfbnQmxWrmdH06fKiBSMAapAPgBrbxkng</addsrcrecordid><sourcetype>Open Access Repository</sourcetype><iscdi>true</iscdi><recordtype>article</recordtype><pqid>3087443173</pqid></control><display><type>article</type><title>If It Looks Like a Rootkit and Deceives Like a Rootkit: A Critical Examination of Kernel-Level Anti-Cheat Systems</title><source>arXiv.org</source><source>Open Access Journals</source><creator>Dorner, Christoph ; Klausner, Lukas Daniel</creator><creatorcontrib>Dorner, Christoph ; Klausner, Lukas Daniel</creatorcontrib><description>Addressing a critical aspect of cybersecurity in online gaming, this paper systematically evaluates the extent to which kernel-level anti-cheat systems mirror the properties of rootkits, highlighting the importance of distinguishing between protective and potentially invasive software. After establishing a definition for rootkits (making distinctions between rootkits and simple kernel-level applications) and defining metrics to evaluate such software, we introduce four widespread kernel-level anti-cheat solutions. We lay out the inner workings of these types of software, assess them according to our previously established definitions, and discuss ethical considerations and the possible privacy infringements introduced by such programs. Our analysis shows two of the four anti-cheat solutions exhibiting rootkit-like behaviour, threatening the privacy and the integrity of the system. This paper thus provides crucial insights for researchers and developers in the field of gaming security and software engineering, highlighting the need for informed development practices that carefully consider the intersection of effective anti-cheat mechanisms and user privacy.</description><identifier>EISSN: 2331-8422</identifier><identifier>DOI: 10.48550/arxiv.2408.00500</identifier><language>eng</language><publisher>Ithaca: Cornell University Library, arXiv.org</publisher><subject>Computer program integrity ; Computer Science - Computers and Society ; Computer Science - Cryptography and Security ; Cybersecurity ; Evaluation ; Privacy ; Software engineering</subject><ispartof>arXiv.org, 2024-08</ispartof><rights>2024. This work is published under http://arxiv.org/licenses/nonexclusive-distrib/1.0/ (the “License”). Notwithstanding the ProQuest Terms and Conditions, you may use this content in accordance with the terms of the License.</rights><rights>http://arxiv.org/licenses/nonexclusive-distrib/1.0</rights><oa>free_for_read</oa><woscitedreferencessubscribed>false</woscitedreferencessubscribed></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><link.rule.ids>228,230,776,780,881,27904</link.rule.ids><backlink>$$Uhttps://doi.org/10.1145/3664476.3670433$$DView published paper (Access to full text may be restricted)$$Hfree_for_read</backlink><backlink>$$Uhttps://doi.org/10.48550/arXiv.2408.00500$$DView paper in arXiv$$Hfree_for_read</backlink></links><search><creatorcontrib>Dorner, Christoph</creatorcontrib><creatorcontrib>Klausner, Lukas Daniel</creatorcontrib><title>If It Looks Like a Rootkit and Deceives Like a Rootkit: A Critical Examination of Kernel-Level Anti-Cheat Systems</title><title>arXiv.org</title><description>Addressing a critical aspect of cybersecurity in online gaming, this paper systematically evaluates the extent to which kernel-level anti-cheat systems mirror the properties of rootkits, highlighting the importance of distinguishing between protective and potentially invasive software. After establishing a definition for rootkits (making distinctions between rootkits and simple kernel-level applications) and defining metrics to evaluate such software, we introduce four widespread kernel-level anti-cheat solutions. We lay out the inner workings of these types of software, assess them according to our previously established definitions, and discuss ethical considerations and the possible privacy infringements introduced by such programs. Our analysis shows two of the four anti-cheat solutions exhibiting rootkit-like behaviour, threatening the privacy and the integrity of the system. This paper thus provides crucial insights for researchers and developers in the field of gaming security and software engineering, highlighting the need for informed development practices that carefully consider the intersection of effective anti-cheat mechanisms and user privacy.</description><subject>Computer program integrity</subject><subject>Computer Science - Computers and Society</subject><subject>Computer Science - Cryptography and Security</subject><subject>Cybersecurity</subject><subject>Evaluation</subject><subject>Privacy</subject><subject>Software engineering</subject><issn>2331-8422</issn><fulltext>true</fulltext><rsrctype>article</rsrctype><creationdate>2024</creationdate><recordtype>article</recordtype><sourceid>ABUWG</sourceid><sourceid>AFKRA</sourceid><sourceid>AZQEC</sourceid><sourceid>BENPR</sourceid><sourceid>CCPQU</sourceid><sourceid>DWQXO</sourceid><sourceid>GOX</sourceid><recordid>eNpdkMFLwzAchYMgOOb-AE8GPHem-SVN6m3UqcOCoLuXNE0xa9dsSTa2_965efL0Du_j8fgQukvJlEnOyaPyB7ufUkbklBBOyBUaUYA0kYzSGzQJYUUIoZmgnMMIbRctXkRcOtcFXNrOYIU_nYudjVgNDX422ti9-d894RkuvI1Wqx7PD2ptBxWtG7Br8bvxg-mT0uxNj2dDtEnxbVTEX8cQzTrcoutW9cFM_nKMli_zZfGWlB-vi2JWJopTSKQEWbOmVlylKSM61zolmWlqYMKIrGaga8laxXLNIdeZkI1gOehMyUaThsMY3V9mzz6qjbdr5Y_Vr5fq7OVEPFyIjXfbnQmxWrmdH06fKiBSMAapAPgBrbxkng</recordid><startdate>20240801</startdate><enddate>20240801</enddate><creator>Dorner, Christoph</creator><creator>Klausner, Lukas Daniel</creator><general>Cornell University Library, arXiv.org</general><scope>8FE</scope><scope>8FG</scope><scope>ABJCF</scope><scope>ABUWG</scope><scope>AFKRA</scope><scope>AZQEC</scope><scope>BENPR</scope><scope>BGLVJ</scope><scope>CCPQU</scope><scope>DWQXO</scope><scope>HCIFZ</scope><scope>L6V</scope><scope>M7S</scope><scope>PIMPY</scope><scope>PQEST</scope><scope>PQQKQ</scope><scope>PQUKI</scope><scope>PRINS</scope><scope>PTHSS</scope><scope>AKY</scope><scope>GOX</scope></search><sort><creationdate>20240801</creationdate><title>If It Looks Like a Rootkit and Deceives Like a Rootkit: A Critical Examination of Kernel-Level Anti-Cheat Systems</title><author>Dorner, Christoph ; Klausner, Lukas Daniel</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-LOGICAL-a523-8838b4dba5a1140c9cc106edb347e76b43cb84fa49c539c678d7493c6a8dc0d53</frbrgroupid><rsrctype>articles</rsrctype><prefilter>articles</prefilter><language>eng</language><creationdate>2024</creationdate><topic>Computer program integrity</topic><topic>Computer Science - Computers and Society</topic><topic>Computer Science - Cryptography and Security</topic><topic>Cybersecurity</topic><topic>Evaluation</topic><topic>Privacy</topic><topic>Software engineering</topic><toplevel>online_resources</toplevel><creatorcontrib>Dorner, Christoph</creatorcontrib><creatorcontrib>Klausner, Lukas Daniel</creatorcontrib><collection>ProQuest SciTech Collection</collection><collection>ProQuest Technology Collection</collection><collection>Materials Science &amp; Engineering Database (Proquest)</collection><collection>ProQuest Central (Alumni)</collection><collection>ProQuest Central UK/Ireland</collection><collection>ProQuest Central Essentials</collection><collection>ProQuest Central</collection><collection>Technology Collection</collection><collection>ProQuest One Community College</collection><collection>ProQuest Central Korea</collection><collection>SciTech Premium Collection</collection><collection>ProQuest Engineering Collection</collection><collection>ProQuest Engineering Database</collection><collection>Publicly Available Content Database</collection><collection>ProQuest One Academic Eastern Edition (DO NOT USE)</collection><collection>ProQuest One Academic</collection><collection>ProQuest One Academic UKI Edition</collection><collection>ProQuest Central China</collection><collection>Engineering collection</collection><collection>arXiv Computer Science</collection><collection>arXiv.org</collection><jtitle>arXiv.org</jtitle></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext</fulltext></delivery><addata><au>Dorner, Christoph</au><au>Klausner, Lukas Daniel</au><format>journal</format><genre>article</genre><ristype>JOUR</ristype><atitle>If It Looks Like a Rootkit and Deceives Like a Rootkit: A Critical Examination of Kernel-Level Anti-Cheat Systems</atitle><jtitle>arXiv.org</jtitle><date>2024-08-01</date><risdate>2024</risdate><eissn>2331-8422</eissn><abstract>Addressing a critical aspect of cybersecurity in online gaming, this paper systematically evaluates the extent to which kernel-level anti-cheat systems mirror the properties of rootkits, highlighting the importance of distinguishing between protective and potentially invasive software. After establishing a definition for rootkits (making distinctions between rootkits and simple kernel-level applications) and defining metrics to evaluate such software, we introduce four widespread kernel-level anti-cheat solutions. We lay out the inner workings of these types of software, assess them according to our previously established definitions, and discuss ethical considerations and the possible privacy infringements introduced by such programs. Our analysis shows two of the four anti-cheat solutions exhibiting rootkit-like behaviour, threatening the privacy and the integrity of the system. This paper thus provides crucial insights for researchers and developers in the field of gaming security and software engineering, highlighting the need for informed development practices that carefully consider the intersection of effective anti-cheat mechanisms and user privacy.</abstract><cop>Ithaca</cop><pub>Cornell University Library, arXiv.org</pub><doi>10.48550/arxiv.2408.00500</doi><oa>free_for_read</oa></addata></record>
fulltext fulltext
identifier EISSN: 2331-8422
ispartof arXiv.org, 2024-08
issn 2331-8422
language eng
recordid cdi_arxiv_primary_2408_00500
source arXiv.org; Open Access Journals
subjects Computer program integrity
Computer Science - Computers and Society
Computer Science - Cryptography and Security
Cybersecurity
Evaluation
Privacy
Software engineering
title If It Looks Like a Rootkit and Deceives Like a Rootkit: A Critical Examination of Kernel-Level Anti-Cheat Systems
url https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-01-24T20%3A28%3A51IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-proquest_arxiv&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=If%20It%20Looks%20Like%20a%20Rootkit%20and%20Deceives%20Like%20a%20Rootkit:%20A%20Critical%20Examination%20of%20Kernel-Level%20Anti-Cheat%20Systems&rft.jtitle=arXiv.org&rft.au=Dorner,%20Christoph&rft.date=2024-08-01&rft.eissn=2331-8422&rft_id=info:doi/10.48550/arxiv.2408.00500&rft_dat=%3Cproquest_arxiv%3E3087443173%3C/proquest_arxiv%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_pqid=3087443173&rft_id=info:pmid/&rfr_iscdi=true