TUM Logo

B.A.S.T.I.O.N.: Design and Implementation of an Automated Compliance Enforcement Tool

B.A.S.T.I.O.N.: Design and Implementation of an Automated Compliance Enforcement Tool

Supervisor(s): Fabian Franzen
Status: finished
Topic: Others
Author: Leon Birkel
Submission: 2025-01-16
Type of Thesis: Bachelorthesis

Description

Cheating prevention and detection in online scenarios presents a significant challenge due to the physical 

remoteness of users. Traditional methods of enforcing compliance, such as physical inspections or on-site 

audits, often require proximity and presence and are unusable in online environments like Electronic Sports 

competitions or remote exams, necessitating novel approaches. Monitoring tools aim to solve this problem 

by providing integrity-secured and verifiable reports on user activity and system status. Moss is the existing 

standard monitoring tool for Electronic Sports tournaments.

To understand existing vulnerabilities and develop a deeper understanding of mon- itoring tools, we first 

reverse-engineer Moss. This analysis enables us to circumvent Moss’s integrity proofs, rendering its attests 

ineffective. Leveraging these insights, we have designed Behavior Audit and Systematic Tracking for Inspection 

and Operational Needs (BASTION), a hardened monitoring solution with enhanced security measures to address 

Moss’s weaknesses.

As part of the development of BASTION, we are investigating the feasibility of dif- ferent types of trust anchors 

and comparing their security guarantees and weaknesses. By introducing BASTION as an addition to the existing 

monitoring tool ecosystem, we aim to increase the overhead for cheat developers, forcing them to acknowledge 

and bypass its defenses. While BASTION improves upon Moss’s weaknesses and provides a robust defense against 

standard cheating techniques, similar to Moss, it cannot provide total security guarantees due to the inherently 

untrusted environment of the user’s computer in which it operates. Nonetheless, this work contributes valuable 

insights into the challenges of online cheating prevention and offers a practical solution with increased resilience 

against malicious activity.