A method for monitoring game cheating behavior based on dns traffic characteristics

A technology of traffic characteristics and behaviors, applied in digital transmission systems, data exchange networks, electrical components, etc., to achieve the effects of wide application, improved accuracy, and improved monitoring capabilities

Active Publication Date: 2021-07-27
福建天晴在线互动科技有限公司
View PDF0 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0003] The above-mentioned existing game plug-in behavior monitoring scheme may be bypassed by the plug-in using process hiding technology, memory polymorphism and other methods

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • A method for monitoring game cheating behavior based on dns traffic characteristics
  • A method for monitoring game cheating behavior based on dns traffic characteristics

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0040] The present invention will be further described below in conjunction with the accompanying drawings.

[0041] see figure 1 with figure 2 As shown, a game plug-in behavior monitoring method based on DNS traffic characteristics of the present invention, the present invention is based on Microsoft's WFP network filter driver framework, by installing a network filter at the bottom of the system to capture the plug-in network request behavior. The method includes the following steps: step S1, the client of the Windows system application layer creates a network filter driver at the driver layer;

[0042] Step S2, establish a domain name blacklist; said step S2 is further specifically: in the process of creating the network filter driver, write the domain name resolved by the plug-in request into the file of the network filter driver, load and start the network filter by the Windows system application program Driver; after the network filter driver is enabled successfully, th...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The present invention provides a game plug-in behavior monitoring method based on DNS traffic characteristics. The method includes the following steps: step S1, the client of the Windows system application layer creates a network filter driver at the driver layer; step S2, establishes a domain name blacklist ; Step S3, the network filter driver captures all UDP packets at the packet layer, and compares the domain name parameters that the UDP packets request to resolve with the domain name blacklist, if the domain name parameters are included in any one of the domain name blacklists; domain name string, then it is determined that the game player has a cheating behavior, and the domain name blacklist stores the domain name string that the plug-in will request to resolve; the present invention can efficiently monitor the usage behavior of the plug-in with known DNS traffic characteristics.

Description

technical field [0001] The invention relates to the field of computer system communication technology, software security, and game cheating detection, in particular to a method for monitoring game cheating behavior based on DNS traffic characteristics. Background technique [0002] Existing cheating behavior monitoring modules usually use a detection method based on process memory scanning, such as scanning the memory space of a process to determine whether a cheating feature code is included, etc. There is currently no public kernel-level monitoring method for game cheating behavior based on DNS traffic characteristics . [0003] The above-mentioned existing game plug-in behavior monitoring scheme may be bypassed by methods such as process hiding technology and memory polymorphism of the plug-in. The solution described in this patent can monitor the use of such plug-ins. In addition, this patent is accurate and efficient in the monitoring of plug-in usage scenarios with D...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Patents(China)
IPC IPC(8): H04L12/26H04L29/06H04L29/12
CPCH04L43/0876H04L69/22H04L61/4511
Inventor 刘德建任佳伟陈宏展
Owner 福建天晴在线互动科技有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap