INFORMATION THREATS AND METHODS OF ENSURING SECURITY IN MODERN ONLINE GAMES
DOI:
https://doi.org/10.28925/2663-4023.2025.30.928Keywords:
information security; online games; network threats; Windows vulnerabilities; DDoS attacks; phishing; data protection; Python monitoring toolsAbstract
The article examines the issues of information security in modern online games, which in the context of digitalization have become not only a tool for entertainment, but also an important part of social interaction and communications. The emphasis is on a comprehensive analysis of the main cyber threats that users and developers of gaming services face. In particular, widespread attacks on accounts, phishing schemes, the use of bots and malicious software, as well as the implementation of massive DDoS attacks aimed at disrupting the availability of game servers, were studied in detail. Particular attention is paid to social engineering methods of influence that combine technical and psychological aspects of influencing players. An important component of the study was the construction of a model of information security threats that systematizes the types of attacks, the conditions for their occurrence, the level of damage, objects of violation (confidentiality, integrity, availability) and typical network ports used to implement threats. The proposed classification allows us to identify the most dangerous areas of influence on gaming systems and forms the basis for further development of protective mechanisms. It is shown that a significant part of attacks becomes possible due to vulnerabilities of the Windows operating system, which is the most common among gamers. Among the critical problems, driver exploits, vulnerabilities of network services (SMB, RDP, RPC), file system shortcomings, threats from untimely system updates and the use of zero-day exploits are highlighted. The work separately emphasizes the importance of studying Windows OS vulnerabilities in the context of ensuring the security of network games. Visualization of key attack vectors in the form of infographics clearly demonstrates the multi-level nature of risks and indicates the need to develop comprehensive protection methods. Additionally, the results of the analysis of the latest scientific publications and industry reports are presented, which confirm the growth in the number of attacks on players and developers and emphasize the inadequacy of traditional security tools. The practical contribution of the study was the concept of creating a tool in the Python language for detecting network attacks in real time. The use of libraries for traffic analysis (Scapy, Socket, PyShark) and algorithms for detecting anomalies in the behavior of network packets is proposed. This opens up prospects for creating effective protective solutions adapted to the specifics of online games, and also lays the foundation for further integration of intelligent systems based on machine learning. The conclusions emphasize that information security in online games is a multi-component problem that covers both technical and social aspects. The need for a comprehensive approach is identified, including the modernization of security protocols, regular updates of operating systems, the implementation of anti-cheat technologies, intrusion detection systems, and the formation of a culture of safe behavior among players. Prospects for further research are seen in expanding the functionality of the developed software tool, the application of artificial intelligence methods for predicting attacks, and the standardization of approaches to assessing the security of gaming ecosystems. Thus, the research results have both scientific and practical significance: they systematize existing threats, identify key weaknesses in the security of modern gaming environments, and offer applied solutions that will help increase the level of user security and trust in digital entertainment platforms.
Downloads
References
Kaspersky. (2024, July 23). 30 percent more young gamers targeted by cybercriminals in H1 2024 vs. H2 2023. https://www.kaspersky.com/about/press-releases/30-percent-more-young-gamers-targeted-by-cybercriminals-in-h1-2024-vs-h2-2023
Advancements in cheating detection algorithms in FPS games. (2025). In Proceedings of SPIE 13562, Applications of Machine Learning. https://doi.org/10.1117/12.3061748
Damasevicius, R., Venckauskas, A., Grigaliunas, S., Toldinas, J., Morkevicius, N., Aleliunas, T., & Smuikys, P. (2020). LITNET-2020: An annotated real-world network flow dataset for network intrusion detection. Electronics, 9(5), 800. https://doi.org/10.3390/electronics9050800
Corero. (n.d.). How DDoS attacks disrupt gaming. https://www.corero.com/how-ddos-attacks-disrupt-gaming
Newman, L. H. (2021, April 8). Inside the multimillion-dollar gray market for video game cheats. WIRED. https://www.wired.com/story/inside-the-multimillion-dollar-grey-market-for-video-game-cheats/
Kanode, C. M., & Haddad, H. M. (2009). Software engineering challenges in game development. In Sixth International Conference on Information Technology: New Generations (pp. 260–265). IEEE. https://doi.org/10.1109/ITNG.2009.194
Kasongo, S. M., & Sun, Y. (2020). Performance analysis of intrusion detection systems using a feature selection method on the UNSW-NB15 dataset. Journal of Big Data, 7(1), 105. https://doi.org/10.1186/s40537-020-00373-4
Moreira, A. V. M., Filho, V. V., & Ramalho, G. (2014). Understanding mobile game success: A study of features related to acquisition, retention and monetization. In Proceedings of SBGames 2014.
Murphy-Hill, E., Zimmermann, T., & Nagappan, N. (2014). Cowboys, ankle sprains, and keepers of quality: How is video game development different from software development? In Proceedings of the 36th International Conference on Software Engineering (pp. 1–11). ACM. https://doi.org/10.1145/2568225.2568227
Osanaiye, O., Cai, H., Choo, K.-K. R., Dehghantanha, A., Xu, Z., & Dlodlo, M. (2016). Ensemble-based multi-filter feature selection method for DDoS detection in cloud computing. EURASIP Journal on Wireless Communications and Networking, 2016(1), 130. https://doi.org/10.1186/s13638-016-0623-9
Klostermeyer, P., Amft, S., Höltervennhof, S., Krause, A., Busch, N., & Fahl, S. (2024). Skipping the security side quests: A qualitative study on security practices and challenges in game development. https://saschafahl.de/static/paper/gamedevs2024.pdf
Shushura, O. M., Asieieva, L. A., Nedashkivskiy, O. L., Havrylko, Y. V., Moroz, Y. O., Smailova, S. S., & Sarsembayev, M. (2022). Simulation of information security risks of availability of project documents based on fuzzy logic. Informatyka, Automatyka, Pomiary w Gospodarce i Ochronie Środowiska, 12(3), 64–68. https://doi.org/10.35784/iapgos.3033
Zavada, A. A., Samchyshyn, O. V., & Okhrimchuk, V. V. (2012). Analysis of modern attack detection and intrusion prevention systems. Information Systems. Collection of Scientific Papers of ZhVINAU, 6(12), 97–106.
Lukyanenko, T. Yu., Ponochovnyi, P. M., & Legominova, S. V. (2022). Methodology for detecting network intrusions and signs of computer attacks based on an empirical approach. Modern Information Protection, 2(50), 15–21.
Tolyupa, S., Plyushch, O. G., & Parkhomenko, I. I. (2020). Building attack detection systems in information networks based on neural network structures. Cybersecurity: Education, Science, Technology, 2(10), 169–181.
Chichkarev, E., Zinchenko, O., Bondarchuk, A., & Aseeva, L. (2023). Feature selection method for intrusion detection system using ensemble approach and fuzzy logic. Cybersecurity: Education, Science, Technology, 1(21), 234–251.
Published
How to Cite
Issue
Section
License
Copyright (c) 2025 Орест Полотай, Тарас Брич, Артур Ткаченко, Максим Дітковський, Максим Гуменюк
This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.
