وبلاگ بلیان

Exploiting Online Games: Cheating Massively Distributed Systems (Addison-Wesley Software Security Series)

جلد کتاب Exploiting Online Games: Cheating Massively Distributed Systems (Addison-Wesley Software Security Series)

معرفی کتاب «Exploiting Online Games: Cheating Massively Distributed Systems (Addison-Wesley Software Security Series)» نوشتهٔ Greg Hoglund, Gary McGraw، منتشرشده توسط نشر Addison-Wesley Professional در سال 2007. این کتاب در فرمت chm، زبان انگلیسی ارائه شده است.

در دنیایی که اشیای مجازی در بازی‌های آنلاین دارای ارزش پولی واقعی هستند و دارایی‌های نامرئی می‌توانند ثروتی به همراه داشته باشند یا از دست بروند، درک امنیت این جهان‌های دیجیتال به امری حیاتی تبدیل شده است. کتاب «بهره‌برداری از بازی‌های آنلاین: تقلب در سیستم‌های توزیع‌شده عظیم» (Exploiting Online Games: Cheating Massively Distributed Systems) نوشتهٔ گرگ هاگلند (Greg Hoglund) و گری مک‌گرا (Gary McGraw)، که در سال ۲۰۰۷ توسط انتشارات ادیسون-وسلی (Addison-Wesley) منتشر شده، به عنوان اولین منبع جامع در این حوزه، نگاهی بی‌پرده به تکنیک‌های نفوذ و روش‌های دفاعی در برابر آن‌ها دارد.

دربارهٔ کتاب «بهره‌برداری از بازی‌های آنلاین» —

این کتاب فراتر از یک راهنمای ساده برای هک کردن بازی‌هاست؛ بلکه با نگاهی پیشگامانه، بازی‌های برخط چندنفرهٔ عظیم (MMORPG) همچون «جهان وارکرفت» (World of Warcraft) و «دنیای دوم» (Second Life) را به عنوان هشداری برای آیندهٔ نرم‌افزارهای توزیع‌شده در نظر می‌گیرد. نویسندگان با به اشتراک گذاشتن دانش عمیق خود در زمینهٔ امنیت نرم‌افزار، نشان می‌دهند که چگونه سیستم‌هایی با میلیون‌ها کاربر تعاملی، بستری ایده‌آل برای مطالعهٔ آسیب‌پذیری‌ها و تکنیک‌های حمله هستند. کتاب با ارائهٔ مثال‌های کد، دیباگرها و بات‌ها، مفاهیمی مانند هک کردن کلاینت، ساخت ربات خودکار برای بازی، معکوس‌سازی مهندسی و حتی روش‌های تغییر کامل بازی (Total Conversion) را پوشش می‌دهد. همچنین، به جنبه‌های اقتصادی، حریم خصوصی و چالش‌های قانونی این حوزه نیز پرداخته شده است.

دربارهٔ نویسنده

گرگ هاگلند (Greg Hoglund) یکی از چهره‌های شاخص در حوزهٔ امنیت نرم‌افزار، به ویژه در زمینهٔ روت‌کیت‌های ویندوز و بهره‌برداری از آسیب‌پذیری‌ها است. او بنیان‌گذار وب‌سایت تأثیرگذار rootkit.com و مدیرعامل شرکت HBGary است که در زمینهٔ مهندسی معکوس و کشف جرم‌های دیجیتال فعالیت می‌کند. هاگلند خود یک هکر قدیمی بازی‌هاست و اوقات فراغت خود را صرف مهندسی معکوس بازی‌های جدید و ساخت ابزارهای بهره‌برداری برای آن‌ها می‌کند. گری مک‌گرا (Gary McGraw) مدیر ارشد فناوری شرکت سیجیتال (Cigital, Inc.) و یکی از مراجع جهانی در حوزهٔ امنیت نرم‌افزار است. او نویسنده یا هم‌نویسندهٔ شش کتاب پرفروش در این زمینه، از جمله «ساختن نرم‌افزار امن» (Building Secure Software) و «بهره‌برداری از نرم‌افزار» (Exploiting Software) است و بیش از ۹۰ مقالهٔ علمی در این حوزه منتشر کرده است. مک‌گرا همچنین سردبیر مجموعه کتاب‌های امنیت نرم‌افزار انتشارات ادیسون-وسلی است و عضو هیئت مدیرهٔ انجمن کامپیوتر IEEE به شمار می‌رود.

چرا باید «بهره‌برداری از بازی‌های آنلاین» را بخوانید؟

  • درک عمیق از تهدیدات امنیتی: با روش‌های حمله به سیستم‌های توزیع‌شده عظیم آشنا می‌شوید و یاد می‌گیرید که مهاجمان چگونه از آسیب‌پذیری‌ها سوءاستفاده می‌کنند.
  • افق‌گشایی در دنیای امنیت نرم‌افزار: بازی‌های آنلاین به عنوان یک میدان آزمایش برای تکنیک‌های امنیتی فردا معرفی می‌شوند و این کتاب، سنگ بنای آن دانش را تشکیل می‌دهد.
  • استفادهٔ عملی از ابزارها: کتاب با کدهای عملی و نمونه‌های واقعی، به شما نشان می‌دهد که چگونه می‌توان یک بات ساخت یا یک کلاینت بازی را هک کرد.
  • آشنایی با اقتصاد تاریک بازی‌ها: درمی‌یابید که چگونه اقتصادهای مجازی با ارزش میلیاردها دلار ایجاد شده‌اند و چرا انگیزهٔ کلاهبرداری در آن‌ها بسیار قوی است.
  • دیدگاه دفاعی مؤثر: با درک طرز فکر مهاجم، می‌توانید سیستم‌های خود را بهتر طراحی کرده و از آن‌ها در برابر حملات محافظت کنید.

این کتاب برای چه کسانی مناسب است؟

این کتاب برای طیف گسترده‌ای از مخاطبان جذاب و مفید است. گیمرهایی که به دنبال درک عمیق‌تری از امنیت بازی‌های مورد علاقه‌شان هستند، توسعه‌دهندگان بازی که می‌خواهند محصولات خود را در برابر تقلب ایمن کنند، و متخصصان امنیت نرم‌افزار که به دنبال آشنایی با تکنیک‌های حمله و دفاع در سیستم‌های توزیع‌شده هستند، همگی از محتوای این کتاب بهره‌مند خواهند شد. همچنین، برای دانشجویان و محققان حوزهٔ امنیت رایانه که به دنبال مطالعهٔ موردی جذاب و پیشگامانه در این زمینه هستند، این منبعی ارزشمند محسوب می‌شود.

سوالات متداول

آیا این کتاب صرفاً به آموزش روش‌های تقلب می‌پردازد یا جنبهٔ دفاعی هم دارد؟

این کتاب با تمرکز بر تکنیک‌های حمله، در واقع به مدافعان کمک می‌کند تا با طرز فکر مهاجم آشنا شوند و سیستم‌های خود را بهتر ایمن‌سازی کنند. نویسندگان معتقدند که برای دفاع مؤثر، ابتدا باید حمله را درک کرد.

آیا برای درک این کتاب به دانش فنی بالایی نیاز است؟

با وجود اینکه کتاب حاوی کدها و مثال‌های فنی است، برای مخاطبان با سطوح مختلف دانش فنی از جمله گیمرها، توسعه‌دهندگان و متخصصان امنیت طراحی شده است و مفاهیم را به زبانی قابل‌درک توضیح می‌دهد.

آیا نمونه‌های کتاب منحصر به بازی «جهان وارکرفت» است؟

خیر، اگرچه از بازی «جهان وارکرفت» و «دنیای دوم» به عنوان نمونه‌های بارز استفاده شده است، اما اصول و تکنیک‌های مطرح‌شده برای طیف گسترده‌ای از بازی‌های آنلاین و حتی نرم‌افزارهای توزیع‌شده دیگر کاربرد دارد.

"Imagine trying to play defense in football without ever studying offense. You would not know when a run was coming, how to defend pass patterns, nor when to blitz. In computer systems, as in football, a defender must be able to think like an attacker. I say it in my class every semester, you don't want to be the last person to attack your own system--you should be the first."The world is quickly going online. While I caution against online voting, it is clear that online gaming is taking the Internet by storm. In our new age where virtual items carry real dollar value, and fortunes are won and lost over items that do not really exist, the new threats to the intrepid gamer are all too real. To protect against these hazards, you must understand them, and this groundbreaking book is the only comprehensive source of information on how to exploit computer games. Every White Hat should read it. It's their only hope of staying only one step behind the bad guys."--Aviel D. Rubin, Ph.D.Professor, Computer ScienceTechnical Director, Information Security InstituteJohns Hopkins University"Everyone's talking about virtual worlds. But no one's talking about virtual-world security. Greg Hoglund and Gary McGraw are the perfect pair to show just how vulnerable these online games can be."--Cade MetzSenior EditorPC Magazine"If we're going to improve our security practices, frank discussions like the ones in this book are the only way forward. Or as the authors of this book might say, when you're facing off against Heinous Demons of Insecurity, you need experienced companions, not to mention a Vorpal Sword of Security Knowledge."--Edward W. Felten, Ph.D.Professor of Computer Science and Public AffairsDirector, Center for Information Technology PolicyPrinceton University"Historically, games have been used by warfighters to develop new capabilities and to hone existing skills--especially in the Air Force. The authors turn this simple concept on itself, making games themselves the subject and target of the 'hacking game,' and along the way creating a masterly publication that is as meaningful to the gamer as it is to the serious security system professional."Massively distributed systems will define the software field of play for at least the next quarter century. Understanding how they work is important, but understanding how they can be manipulated is essential for the security professional. This book provides the cornerstone for that knowledge."--Daniel McGarveyChief, Information Protection DirectorateUnited States Air Force"Like a lot of kids, Gary and I came to computing (and later to computer security) through games. At first, we were fascinated with playing games on our Apple ][s, but then became bored with the few games we could afford. We tried copying each other's games, but ran up against copy-protection schemes. So we set out to understand those schemes and how they could be defeated. Pretty quickly, we realized that it was a lot more fun to disassemble and work around the protections in a game than it was to play it."With the thriving economies of today's online games, people not only have the classic hacker's motivation to understand and bypass the security of games, but also the criminal motivation of cold, hard cash. That's a combination that's hard to stop. The first step, taken by this book, is revealing the techniques that are being used today."--Greg Morrisett, Ph.D.Allen B. Cutting Professor of Computer ScienceSchool of Engineering and Applied SciencesHarvard University"If you're playing online games today and you don't understand security, you're at a real disadvantage. If you're designing the massive distributed systems of tomorrow and you don't learn from games, you're just plain sunk."--Brian Chess, Ph.D.Founder/Chief Scientist, Fortify SoftwareCoauthor of Secure Programming with Static Analysis"This book offers up a fascinating tour of the battle for software security on a whole new front: attacking an online game. Newcomers will find it incredibly eye opening and even veterans of the field will enjoy some of the same old programming mistakes given brilliant new light in a way that only massively-multiplayer-supermega-blow-em-up games can deliver. w00t!"--Pravir ChandraPrincipal Consultant, CigitalCoauthor of Network Security with OpenSSLIf you are a gamer, a game developer, a software security professional, or an interested bystander, this book exposes the inner workings of online-game security for all to see.From the authors of the best-selling Exploiting Software, Exploiting Online Games takes a frank look at controversial security issues surrounding MMORPGs, such as World of WarcraftTM and Second Life®. This no-holds-barred book comes fully loaded with code examples, debuggers, bots, and hacks. This book covers Why online games are a harbinger of software security issues to comeHow millions of gamers have created billion-dollar virtual economiesHow game companies invade personal privacyWhy some gamers cheatTechniques for breaking online game securityHow to build a bot to play a game for youMethods for total conversion and advanced mods Written by the world's foremost software security experts, this book takes a close look at security problems associated with advanced, massively distributed software. With hundreds of thousands of interacting users, today's online games are a bellwether of modern software. The kinds of attack and defense techniques described in Exploiting Online Games are tomorrow's security techniques on display today. "Imagine trying to play defense in football without ever studying offense. You would not know when a run was coming, how to defend pass patterns, nor when to blitz. In computer systems, as in football, a defender must be able to think like an attacker. I say it in my class every semester, you don't want to be the last person to attack your own system--you should be the first. "The world is quickly going online. While I caution against online voting, it is clear that online gaming is taking the Internet by storm. In our new age where virtual items carry real dollar value, and fortunes are won and lost over items that do not really exist, the new threats to the intrepid gamer are all too real. To protect against these hazards, you must understand them, and this groundbreaking book is the only comprehensive source of information on how to exploit computer games. Every White Hat should read it. It's their only hope of staying only one step behind the bad guys." --Aviel D. Rubin, Ph.D. Professor, Computer Science Technical Director, Information Security Institute Johns Hopkins University "Everyone's talking about virtual worlds. But no one's talking about virtual-world security. Greg Hoglund and Gary McGraw are the perfect pair to show just how vulnerable these online games can be." --Cade Metz Senior Editor PC Magazine "If we're going to improve our security practices, frank discussions like the ones in this book are the only way forward. Or as the authors of this book might say, when you're facing off against Heinous Demons of Insecurity, you need experienced companions, not to mention a Vorpal Sword of Security Knowledge." --Edward W. Felten, Ph.D. Professor of Computer Science and Public Affairs Director, Center for Information Technology Policy Princeton University "Historically, games have been used by warfighters to develop new capabilities and to hone existing skills--especially in the Air Force. The authors turn this simple concept on itself, making games themselves the subject and target of the 'hacking game,' and along the way creating a masterly publication that is as meaningful to the gamer as it is to the serious security system professional. "Massively distributed systems will define the software field of play for at least the next quarter century. Understanding how they work is important, but understanding how they can be manipulated is essential for the security professional. This book provides the cornerstone for that knowledge." --Daniel McGarvey Chief, Information Protection Directorate United States Air Force "Like a lot of kids, Gary and I came to computing (and later to computer security) through games. At first, we were fascinated with playing games on our Apple ][s, but then became bored with the few games we could afford. We tried copying each other's games, but ran up against copy-protection schemes. So we set out to understand those schemes and how they could be defeated. Pretty quickly, we realized that it was a lot more fun to disassemble and work around the protections in a game than it was to play it. "With the thriving economies of today's online games, people not only have the classic hacker's motivation to understand and bypass the security of games, but also the criminal motivation of cold, hard cash. That's a combination that's hard to stop. The first step, taken by this book, is revealing the techniques that are being used today." --Greg Morrisett, Ph.D. Allen B. Cutting Professor of Computer Science School of Engineering and Applied Sciences Harvard University "If you're playing online games today and you don't understand security, you're at a real disadvantage. If you're designing the massive distributed systems of tomorrow and you don't learn from games, you're just plain sunk." --Brian Chess, Ph.D. Founder/Chief Scientist, Fortify Software Coauthor of Secure Programming with Static Analysis "This book offers up a fascinating tour of the battle for software security on a whole new front: attacking an online game. Newcomers will find it incredibly eye opening and even veterans of the field will enjoy some of the same old programming mistakes given brilliant new light in a way that only massively-multiplayer-supermega-blow-em-up games can deliver. w00t!" --Pravir Chandra Principal Consultant, Cigital Coauthor of Network Security with OpenSSL If you are a gamer, a game developer, a software security professional, or an interested bystander, this book exposes the inner workings of online-game security for all to see. From the authors of the best-selling Exploiting Software , Exploiting Online Games takes a frank look at controversial security issues surrounding MMORPGs, such as World of Warcraft and Second Life . This no-holds-barred book comes fully loaded with code examples, debuggers, bots, and hacks. This book covers Written by the world's foremost software security experts, this book takes a close look at security problems associated with advanced, massively distributed software. With hundreds of thousands of interacting users, today's online games are a bellwether of modern software. The kinds of attack and defense techniques described in Exploiting Online Games are tomorrow's security techniques on display today.

If you are a gamer, a game developer, a software security professional, or an interested bystander, this book exposes the inner workings of online-game security for all to see.

From the authors of the best-selling Exploiting Software, Exploiting Online Games takes a frank look at controversial security issues surrounding MMORPGs, such as World of Warcraft and Second Life. This no-holds-barred book comes fully loaded with code examples, debuggers, bots, and hacks.

This book covers
-Why online games are a harbinger of software security issues to come
-How millions of gamers have created billion-dollar virtual economies
-How game companies invade personal privacy
-Why some gamers cheat
-Techniques for breaking online game security
-How to build a bot to play a game for you
-Methods for total conversion and advanced mods

Written by the world's foremost software security experts, this book takes a close look at security problems associated with advanced, massively distributed software. With hundreds of thousands of interacting users, today's online games are a bellwether of modern software. The kinds of attack and defense techniques described in Exploiting Online Games are tomorrow's security techniques on display today.

"If you are a gamer, a game developer, a software security professional, or an interested bystander, this book exposes the inner workings of online-game security for all to see." "From the authors of the best-selling Exploiting Software, Exploiting Online Games takes a frank look at controversial security issues surrounding MMORPGs, such as World of Warcraft and Second Life. This no-holds-barred book comes fully loaded with code examples, debuggers, bots, and hacks."--Jacket Why games Game hacking 101 Money Enter the lawyers Infested with bugs Hacking game clients Building a bots Reversing Advanced game hacking fu Software security uber alles Index.
دانلود کتاب Exploiting Online Games: Cheating Massively Distributed Systems (Addison-Wesley Software Security Series)