Report on the booth of "LAC Corporation" at TGS2023!

Event

Tokyo Game Show 20 23 (TGS2023) was held on the largest scale ever, using the entire Makuhari Messe building for the first time in four years. TGS2023 is an event that attracts attention mainly for game productions, but it is not limited to games! One of the main attractions of the event is the exhibition of technologies used in game development. For this interview, we spoke with a staff member of " Rack Corporation, " a company that mainly provides security support.



A pioneer supporting "anti-cheat" and "security," which are indispensable for today's games

"LAC Corporation" booth
Saiga NAK

Rack Corporation is a company that provides security solution services and system integration services mainly to high-level government agencies and enterprises. Although this introduction may give the impression that the company has nothing to do with games in particular, its technical capabilities and knowledge support the gaming industry through measures against cheating, cracking, and other fraudulent activities.

We asked them about the "anti-cheat penetration test" that was on display at TGS2023, and here is what they had to say.

What is the "anti-cheat penetration test" that examines game cheating from various perspectives?

With the recent evolution of technology, it has become commonplace for game consoles to have network functions, and game software to be connected to a network so that users can play against each other and cooperate with others around the world. The gaming experience has become more enjoyable and intimate over time. However, where there is light, there is shadow. The game developer's daily battle against these problems is a never-ending challenge.

Game developers often take both proactive measures to prevent vulnerabilities in the game's structure, and post-measures to detect and deal with fraud based on game play records and reports from players. The "anti-cheat penetration test" exhibited at LAC Inc. is categorized as a proactive measure of the former.

株式会社ラック公式サイト

Penetration testing is one of the testing methods to verify the vulnerability of a network, server, or system, and generally refers to a test to verify and diagnose the vulnerability of a test target by actually connecting to the network from the outside and attempting a simulated attack. As an example, have you ever heard of cheating or data tampering in games, such as "defeating enemies in an instant," "becoming invincible," or "illegally obtaining items"? These cases occur when parameters in the game are rewritten for some reason. In order to prevent such an unexpected situation from occurring in advance, penetration testing is a process of testing the actual development environment to see if cheating is possible, and then looking for vulnerabilities that have not been seen, and taking countermeasures.

The "Penetration Testing against Cheats" service provided by LAC Corporation not only performs the aforementioned testing, but can also customize the testing requirements to the development environment of the game to be diagnosed and the circumstances of the development team. In addition, the service not only diagnoses vulnerabilities, but also provides comprehensive support services, including proposals for remediation methods.

The "anti-cheat penetration test" supports all platforms and development languages, which is very encouraging from a developer's point of view. The pace of innovation in information technology is rapid, and new technologies are being created every day. The same is true in the game industry. UnrealEngine and Unity, well-known development engines, are expanding their functions and becoming more complex with each update. In many cases, companies have their own game engines and use them for development. However, this service can provide support for any development environment, so any site can use the service with peace of mind.

As part of the vulnerability assessment, a white box assessment is also available. White-box diagnosis is performed by directly checking the source code of a game to see if there are any possible attacks or malicious acts that could be realized. Although the source code must be provided, since the internal structure of the game implementation itself is diagnosed, vulnerabilities that would be overlooked in a pseudo-attack diagnosis alone may be discovered. Some companies may find it difficult to provide source code for some projects, but in such cases, black box diagnosis is also available and should be used proactively.

This is a report on the booth of LAC Corporation!

Cheating has become inseparable from games in recent years. This kind of thing should not be allowed to happen, but as long as there are people with malicious intentions, it will be extremely difficult to eradicate it. When cheating occurs, it is the healthy users and developers who lose out. While the variety of game cheating methods has increased over the years, the difficulty of countermeasures is also an extremely worrisome problem for development teams. In order to prevent such situations from occurring, it is necessary to "make it difficult to cheat" and "make it difficult to incur a large loss even if cheating does occur". However, there is no uniform answer to this question, and it is difficult to determine the best course of action. The "anti-cheat penetration test" service provided by LAC Corp. is sure to help resolve such concerns. For more information on the "Anti-Cheat Penetration Test," please visit the official website of LAC Corp.

© 1995 LAC Co., Ltd.