{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,12,25]],"date-time":"2025-12-25T07:26:05Z","timestamp":1766647565828,"version":"3.41.0"},"publisher-location":"New York, NY, USA","reference-count":56,"publisher":"ACM","license":[{"start":{"date-parts":[[2023,10,16]],"date-time":"2023-10-16T00:00:00Z","timestamp":1697414400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"DOI":"10.13039\/100009226","name":"National Security Agency","doi-asserted-by":"publisher","award":["H98230-22-1-0333"],"award-info":[{"award-number":["H98230-22-1-0333"]}],"id":[{"id":"10.13039\/100009226","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/100000183","name":"Army Research Office","doi-asserted-by":"publisher","award":["W911NF2110081"],"award-info":[{"award-number":["W911NF2110081"]}],"id":[{"id":"10.13039\/100000183","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2023,10,16]]},"DOI":"10.1145\/3607199.3607211","type":"proceedings-article","created":{"date-parts":[[2023,10,3]],"date-time":"2023-10-03T22:30:51Z","timestamp":1696372251000},"page":"17-31","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":3,"title":["Extracting Threat Intelligence From Cheat Binaries For Anti-Cheating"],"prefix":"10.1145","author":[{"ORCID":"https:\/\/orcid.org\/0009-0000-0242-0904","authenticated-orcid":false,"given":"Md Sakib","family":"Anwar","sequence":"first","affiliation":[{"name":"The Ohio State University, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-3581-1500","authenticated-orcid":false,"given":"Chaoshun","family":"Zuo","sequence":"additional","affiliation":[{"name":"The Ohio State University, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-8018-0341","authenticated-orcid":false,"given":"Carter","family":"Yagemann","sequence":"additional","affiliation":[{"name":"The Ohio State University, United States of America"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-6527-5994","authenticated-orcid":false,"given":"Zhiqiang","family":"Lin","sequence":"additional","affiliation":[{"name":"The Ohio State University, United States of America"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","published-online":{"date-parts":[[2023,10,16]]},"reference":[{"key":"e_1_3_2_1_1_1","unstructured":"[n. d.]. The business impact of video game cheaters and pirates. https:\/\/venturebeat.com\/2021\/06\/01\/the-business-impact-of-video-game-cheaters-and-pirates-and-how-to-fight-back-vb-live\/. (Accessed on 09\/25\/2021)."},{"key":"e_1_3_2_1_2_1","unstructured":"[n. d.]. Il2CppDumper. ([n. d.]). https:\/\/github.com\/Perfare\/Il2CppDumper."},{"key":"e_1_3_2_1_3_1","unstructured":"[n. d.]. Newzoo: Game market will hit $200B in 2024 | VentureBeat. https:\/\/venturebeat.com\/2021\/07\/04\/newzoo-game-market-will-hit-200b-in-2024\/. (Accessed on 09\/25\/2021)."},{"key":"e_1_3_2_1_4_1","unstructured":"[n. d.]. Parallel Space Virtual Space: No Root for GameGuardian. https:\/\/www.thedroidmod.com\/2019\/07\/gameguardian-parallel-space.html. (Accessed on 01\/25\/2021)."},{"key":"e_1_3_2_1_5_1","unstructured":"[n. d.]. San Andreas Unity Edition. ([n. d.]). https:\/\/github.com\/GTA-ASM\/SanAndreasUnity."},{"key":"e_1_3_2_1_6_1","unstructured":"[n. d.]. Securing Unity Games with DexGuard and iXGuard. https:\/\/www.guardsquare.com\/blog\/securing-unity-games-dexguard-and-ixguard-how-it-works. (Accessed on 09\/25\/2021)."},{"key":"e_1_3_2_1_7_1","unstructured":"[n. d.]. Security-Enhanced Linux in Android. https:\/\/source.android.com\/security\/selinux. (Accessed on 09\/25\/2021)."},{"key":"e_1_3_2_1_8_1","unstructured":"[n. d.]. UnKnoWnCheaTs. https:\/\/www.unknowncheats.me\/forum\/index.php. (Accessed on 10\/01\/2022)."},{"key":"e_1_3_2_1_9_1","unstructured":"2021. Game Guardian. https:\/\/gameguardian.net\/"},{"key":"e_1_3_2_1_10_1","volume-title":"GAME ENGINES: A 0-DAY\u2019S TALE. In NoSuchCon\u201923.","author":"Donato Ferrante Luigi","year":"2023","unstructured":"Luigi Auriemma1 and Donato Ferrante. 2023. GAME ENGINES: A 0-DAY\u2019S TALE. In NoSuchCon\u201923. Paris, France. https:\/\/dl.packetstormsecurity.net\/papers\/general\/ReVuln_Game_Engines_0days_tale.pdf"},{"volume-title":"Analyzing Memory Accesses in x86 Executables","author":"Balakrishnan Gogul","key":"e_1_3_2_1_11_1","unstructured":"Gogul Balakrishnan and Thomas Reps. 2004. Analyzing Memory Accesses in x86 Executables. In Compiler Construction, Evelyn Duesterwald (Ed.). Springer Berlin Heidelberg, Berlin, Heidelberg, 5\u201323."},{"key":"e_1_3_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.1145\/3007788.3007792"},{"key":"e_1_3_2_1_13_1","doi-asserted-by":"publisher","DOI":"10.1145\/2043628.2043633"},{"key":"e_1_3_2_1_14_1","unstructured":"Reinhard Blaukovitsch. 2020. YOU MIGHT BE SURPRISED BY WHAT YOUR MOBILE GAMERS LOOK LIKE. https:\/\/blog.irdeto.com\/video-gaming\/you-might-be-surprised-by-what-your-mobile-gamers-look-like\/"},{"key":"e_1_3_2_1_15_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2011.28"},{"key":"e_1_3_2_1_16_1","unstructured":"N. Cano. 2019. Cheat Engine. https:\/\/www.cheatengine.org\/"},{"key":"e_1_3_2_1_17_1","doi-asserted-by":"publisher","DOI":"10.1155\/2009\/797159"},{"key":"e_1_3_2_1_18_1","doi-asserted-by":"publisher","DOI":"10.1109\/CEC.2004.1330849"},{"key":"e_1_3_2_1_19_1","unstructured":"Anthony Cozzie Frank Stratton Hui Xue and Samuel\u00a0T King. 2008. Digging for Data Structures.. In OSDI Vol.\u00a08. 255\u2013266."},{"key":"e_1_3_2_1_20_1","doi-asserted-by":"publisher","DOI":"10.1145\/1653662.1653730"},{"key":"e_1_3_2_1_21_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-24861-0_12"},{"key":"e_1_3_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.1145\/2897845.2897850"},{"key":"e_1_3_2_1_23_1","doi-asserted-by":"publisher","DOI":"10.1145\/2786805.2786810"},{"key":"e_1_3_2_1_24_1","unstructured":"[24] GameGuard 2012. http:\/\/gameguard.nprotect.com\/en\/index.html. Retrieved 5\/4\/2018."},{"key":"e_1_3_2_1_25_1","unstructured":"GameKiller. 2021. GameKiller. http:\/\/game-killer.com\/"},{"key":"e_1_3_2_1_26_1","volume-title":"Report: Cheating Is Becoming A Big Problem In Online Gaming. https:\/\/www.forbes.com\/sites\/nelsongranados\/2018\/04\/30\/report-cheating-is-becoming-a-big-problem-in-online-gaming\/?sh=702cc8597663","author":"Granados Nelson","year":"2018","unstructured":"Nelson Granados. 2018. Report: Cheating Is Becoming A Big Problem In Online Gaming. https:\/\/www.forbes.com\/sites\/nelsongranados\/2018\/04\/30\/report-cheating-is-becoming-a-big-problem-in-online-gaming\/?sh=702cc8597663"},{"key":"e_1_3_2_1_27_1","doi-asserted-by":"publisher","DOI":"10.1007\/s11416-009-0126-4"},{"key":"e_1_3_2_1_28_1","unstructured":"Andreas Haeberlen Paarijaat Aditya Rodrigo Rodrigues and Peter Druschel. 2010. Accountable Virtual Machines.. In OSDI. 119\u2013134."},{"key":"e_1_3_2_1_29_1","volume-title":"Game of detections: how are security vulnerabilities discovered in the wild?Empirical Software Engineering 21, 5","author":"Hafiz Munawar","year":"2016","unstructured":"Munawar Hafiz and Ming Fang. 2016. Game of detections: how are security vulnerabilities discovered in the wild?Empirical Software Engineering 21, 5 (2016), 1920\u20131959."},{"key":"e_1_3_2_1_30_1","doi-asserted-by":"publisher","DOI":"10.1109\/LCOMM.2017.2766636"},{"key":"e_1_3_2_1_31_1","doi-asserted-by":"publisher","DOI":"10.1145\/3098954.3098995"},{"key":"e_1_3_2_1_32_1","volume-title":"Automated deobfuscation of Android native binary code. arXiv preprint arXiv:1907.06828","author":"Kan Zeliang","year":"2019","unstructured":"Zeliang Kan, Haoyu Wang, Lei Wu, Yao Guo, and Daniel\u00a0Xiapu Luo. 2019. Automated deobfuscation of Android native binary code. arXiv preprint arXiv:1907.06828 (2019)."},{"key":"e_1_3_2_1_33_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.camwa.2012.01.034"},{"volume-title":"Data flow analysis: theory and practice","author":"Khedker Uday","key":"e_1_3_2_1_34_1","unstructured":"Uday Khedker, Amitabha Sanyal, and Bageshri Sathe. 2017. Data flow analysis: theory and practice. CRC Press."},{"key":"e_1_3_2_1_35_1","doi-asserted-by":"publisher","DOI":"10.1108\/02640470410520122"},{"key":"e_1_3_2_1_36_1","unstructured":"Samuli\u00a0Johannes Lehtonen 2020. Comparative Study of Anti-cheat Methods in Video Games. (2020)."},{"key":"e_1_3_2_1_37_1","unstructured":"Zhiqiang Lin Junghwan Rhee Xiangyu Zhang Dongyan Xu and Xuxian Jiang. 2011. SigGraph: Brute Force Scanning of Kernel Data Structure Instances Using Graph-based Signatures.. In Ndss."},{"key":"e_1_3_2_1_38_1","volume-title":"Roslyn: The.NET Compiler Platform (\u201dRoslyn\u201c) provides open-source C# and Visual Basic compilers with rich code analysis APIs.https:\/\/github.com\/dotnet\/roslyn Accessed: 2023-07-03.","author":"Contributors Microsoft","year":"2023","unstructured":"Microsoft and Contributors. 2023. Roslyn: The.NET Compiler Platform (\u201dRoslyn\u201c) provides open-source C# and Visual Basic compilers with rich code analysis APIs.https:\/\/github.com\/dotnet\/roslyn Accessed: 2023-07-03."},{"key":"e_1_3_2_1_39_1","unstructured":"James Newsome and Dawn\u00a0Xiaodong Song. 2005. Dynamic Taint Analysis for Automatic Detection Analysis and SignatureGeneration of Exploits on Commodity Software.. In NDSS Vol.\u00a05. Citeseer 3\u20134."},{"key":"e_1_3_2_1_40_1","doi-asserted-by":"publisher","DOI":"10.1145\/3372297.3417890"},{"key":"e_1_3_2_1_41_1","unstructured":"[41] Punkbuster 2018. http:\/\/www.evenbalance.com\/. Retrieved 5\/4\/2018."},{"key":"e_1_3_2_1_42_1","doi-asserted-by":"publisher","DOI":"10.5555\/1855876.1855877"},{"key":"e_1_3_2_1_43_1","volume-title":"Experiences in malware binary deobfuscation. Virus Bulletin","author":"Sa\u0131di Hassen","year":"2010","unstructured":"Hassen Sa\u0131di, Phillip Porras, and Vinod Yegneswaran. 2010. Experiences in malware binary deobfuscation. Virus Bulletin (2010)."},{"key":"e_1_3_2_1_44_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2016.17"},{"key":"e_1_3_2_1_45_1","first-page":"501","article-title":"Penetration Testing and Mitigation of Vulnerabilities Windows","volume":"18","author":"Stiawan Deris","year":"2016","unstructured":"Deris Stiawan, Mohammad Yazid\u00a0Bin Idris, Abdul\u00a0Hanan Abdullah, Mohammed AlQurashi, and Rahmat Budiarto. 2016. Penetration Testing and Mitigation of Vulnerabilities Windows Server.Int. J. Netw. Secur. 18, 3 (2016), 501\u2013513.","journal-title":"Server.Int. J. Netw. Secur."},{"key":"e_1_3_2_1_46_1","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2020.3001688"},{"key":"e_1_3_2_1_47_1","doi-asserted-by":"publisher","DOI":"10.1145\/1501750.1501770"},{"key":"e_1_3_2_1_48_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-11212-1_14"},{"key":"e_1_3_2_1_49_1","doi-asserted-by":"publisher","DOI":"10.1145\/1306813.1306839"},{"key":"e_1_3_2_1_50_1","doi-asserted-by":"publisher","DOI":"10.1109\/TSE.1984.5010248"},{"key":"e_1_3_2_1_51_1","doi-asserted-by":"publisher","DOI":"10.1145\/2425296.2425300"},{"key":"e_1_3_2_1_52_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2015.47"},{"key":"e_1_3_2_1_53_1","doi-asserted-by":"publisher","DOI":"10.1145\/1103599.1103606"},{"key":"e_1_3_2_1_54_1","doi-asserted-by":"publisher","DOI":"10.1145\/1103599.1103606"},{"key":"e_1_3_2_1_55_1","doi-asserted-by":"publisher","DOI":"10.1145\/1315245.1315261"},{"key":"e_1_3_2_1_56_1","volume-title":"Playing Without Paying: Detecting Vulnerable Payment Verification in Native Binaries of Mobile Games. In 31th USENIX Security Symposium (USENIX Security 22)","author":"Zuo Chaoshun","year":"2022","unstructured":"Chaoshun Zuo and Zhiqiang Lin. 2022. Playing Without Paying: Detecting Vulnerable Payment Verification in Native Binaries of Mobile Games. In 31th USENIX Security Symposium (USENIX Security 22)."}],"event":{"name":"RAID 2023: The 26th International Symposium on Research in Attacks, Intrusions and Defenses","acronym":"RAID 2023","location":"Hong Kong China"},"container-title":["Proceedings of the 26th International Symposium on Research in Attacks, Intrusions and Defenses"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3607199.3607211","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3607199.3607211","content-type":"application\/pdf","content-version":"vor","intended-application":"syndication"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3607199.3607211","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,17]],"date-time":"2025-06-17T16:37:34Z","timestamp":1750178254000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3607199.3607211"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023,10,16]]},"references-count":56,"alternative-id":["10.1145\/3607199.3607211","10.1145\/3607199"],"URL":"https:\/\/doi.org\/10.1145\/3607199.3607211","relation":{},"subject":[],"published":{"date-parts":[[2023,10,16]]},"assertion":[{"value":"2023-10-16","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}