Not Fair!!1!: Bypassing Anti-Cheat With Direct Memory Access

Join MilSec at the New Berlin Ale House on March 20, 6-8 pm. This month's presentation is by Connor Kastner. Connor will present "Not Fair!!1!: Bypassing Anti-Cheat With Direct Memory Access".

The presentation will start around 6:10 pm in the Party room. Park on the west side and head into the Ale House, the host will direct you on where to go. Afterward, we will head out into the bar area for some drinks and networking. Drinks will be provided.

--------------------

Not Fair!!1!: Bypassing Anti-Cheat With Direct Memory Access

Signatures? Heuristics? Side-channel monitoring? Syscall scans? How the hell is it even possible to cheat in a video game anymore? The infamous cat-and-mouse game between cheaters and developers is never ending. We’ll be talking about the history of anti-cheats and how the newer method of Direct Memory Access (DMA) has been gaining traction in recent years.

We’ll explore the mechanics of DMA and its implications for game exploitation. DMA allows certain hardware components to access system memory independently of the CPU, leveraging the ability to read and write to game memory in real-time without triggering a conventional anti-cheat. Furthermore, we’ll explore the technical challenges that DMA presents to anti-cheat engineers, including the need for advanced detection techniques in the ever-evolving world of security.

About Connor Kastner
Connor Kastner started his cybersecurity journey at a young age, modding consoles, using lag switches against friends in video games, and being a general annoyance with computers overall.
In his current day as a SOC Analyst at ATC, he has a keen eye for detail and a proactive approach to threat detection. He plays a vital role in safeguarding critical infrastructure against emerging threats. When he’s not working, he’s probably at a concert or trying a new restaurant.