Modifying first person shooter games to perform real time network monitoring and control tasks

This paper describes how a first person shooter (FPS) game engine can be leveraged for monitoring and control of enterprise IP data networks. Network administration can then occur in the following manner: network events (such as port scans or packets hitting a darknet) are translated in real time to various changes in the 3D game world state. Network administrators, logged in as 'players', can then collaboratively detect anomalous network events using the visual and aural cues given by the game. Using the native interaction metaphors from within the game (such as shooting, using or healing) they can then instantiate network administration policy changes (such as network layer firewall rules) directly back onto the running network without the need for interactions with complicated command line interfaces. We explore the possibilities offered by modern 3D game engines to implement this scheme as a server-side 'mod'. Finally, we detail the modifications made to the open source game engine 'Cube' to allow both the visualisation of large amounts of live network data within a virtual environment and support interacting with this data to create network administration events.

[1]  Pascal Gros,et al.  Automatic construction of dynamic 3D metaphoric worlds: an application to network management , 2000, Electronic Imaging.

[2]  Grenville J. Armitage,et al.  Defining and Evaluating Greynets (Sparse Darknets) , 2005, The IEEE Conference on Local Computer Networks 30th Anniversary (LCN'05)l.

[3]  Jeffrey D. Case,et al.  Simple Network Management Protocol (SNMP) , 1989, RFC.

[4]  Niels Provos,et al.  Data reduction for the scalable automated analysis of distributed darknet traffic , 2005, IMC '05.

[5]  Michael Johansson,et al.  A computer game virtual environment for collaboration , 2001, GROUP '01.

[6]  Stefan Savage,et al.  Inferring Internet denial-of-service activity , 2001, TOCS.

[7]  Tobias Oetiker,et al.  MRTG: The Multi Router Traffic Grapher , 1998, LISA.

[8]  Paul England,et al.  The Darknet and the Future of Content Distribution , 2003 .

[9]  F. Kishino,et al.  Cooperative work environment using virtual workspace , 1992, CSCW '92.

[10]  John C. Grundy,et al.  Information visualisation utilising 3D computer game engines case study: a source code comprehension tool , 2005, CHINZ '05.

[11]  Wayne G. Lutters,et al.  I know my network: collaboration and expertise in intrusion detection , 2004, CSCW.

[12]  Danny McPherson,et al.  Tracking Global Threats with the Internet Motion Sensor , 2004 .

[13]  Bill Cheswick,et al.  Mapping and Visualizing the Internet , 2000, USENIX Annual Technical Conference, General Track.

[14]  Stephen Lau,et al.  The Spinning Cube of Potential Doom , 2004, CACM.

[15]  Grenville J. Armitage,et al.  Greynets: a definition and evaluation of sparsely populated darknets , 2005, MineNet '05.

[16]  R. Watson How the FreeBSD Project , 2006 .

[17]  Grenville Armitage,et al.  Intuitive real-time network monitoring using visually orthogonal 3D metaphors , 2004 .

[18]  Daniel Pargman,et al.  Design and use of MUDs for serious purposes (workshop session)(abstract only) , 1996, CSCW '96.

[19]  Dennis L. Chao,et al.  Doom as an interface for process management , 2001, CHI.