Gangi: Preventing Memory Tampering Cheats in Online Games

Abstract

The global online video game industry has become a more than one hundred billion dollar market. Cheating is one of the major issues in multiplayer online video games. Cheat prevention is challenging because of the unique threat model of online games. Because the cheaters physically possess their own game computers, they can install cheat tools at the user level and OS and can access the physical DRAM bus to tamper with the game process. This paper aims to efficiently prevent memory tampering cheats by leveraging a trusted execution environment (TEE), Intel Client SGX. It provides strong integrity protection against memory tampering. Unfortunately, its strong protection comes with a severe size limitation of the available enclave memory. Running the entire game process inside the enclave exceeds the memory limit. This paper presents Gangi, a library that efficiently protects the integrity-sensitive game state that exceeds the available enclave memory. Gangi places the game state outside the enclave to reduce memory consumption inside the enclave while ensuring the integrity of the game state by hash-based validation. Our benchmarking results show that a Gangi-protected game outperforms the EPC swapping approach with the entire game state being inside the enclave.