Game Over, Man! Reversing Video Games to Create an Unbeatable AI Player
The story of how one Bishop Fox researcher’s obsession spawned a ruthless and unbeatable AI player. SmashBot was presented at DEF CON 24 on Aug. 7, 2016.
Everyone is aware that robots will eventually take over the world, but no one probably imagined that artificial intelligence would seek out destruction in the form of a beloved video game.
Yet, it did. And so, the robot revolution began not with a whimper, but with a Falcon punch.
Meet SmashBot: An AI player coming not only for your lunch money, but world domination as well.
What – Err, Who – is SmashBot?
SmashBot is the AI I wrote that plays the 15-year-old video game, “Super Smash Brothers: Melee.” It’s been something of a hobby of mine for the past year and has its origins from a dare. After a particularly long night of video games, I asked a friend of mine how adept he imagined a computer player could be at Melee if the AI were really strong.
“The game requires too much high-level thinking for a computer,” he replied. “I doubt it can be done.”
Naturally, I took this as a challenge and set off in secret almost immediately to create SmashBot. The road to manifestation was long and perilous, however, since I was charting new territory in the Smash world. Other games like “StarCraft” have community-made AIs, but since Melee’s internal data structures remained largely a black box, there were no mechanisms for moving data out of a running game. Plus, there was no means of programmatically pressing buttons into the Dolphin Emulator.
In short, there was plenty of trailblazing to be done.
Eventually, I made SmashBot not only work, but work well enough to beat high-level competitive players. I then quietly demonstrated SmashBot at several local tournaments, and slowly, it began to shine. One Forbes staff writer captured his unsuccessful struggle against SmashBot in both words and video.
Becoming SmashBot: How I Did It
As a professional penetration tester, I’m pretty comfortable with a disassembler, but I found a small — but nonetheless awesome — group of hackers also interested in tearing Melee apart to figure out how it exactly ticks who were interested in acting as a sounding board for my plans and trading greater ideas. Meanwhile, the reverse engineering effort was a manual process of inspecting the game’s internal memory to find where certain pieces of information were stored, such as a character’s position, their damage, and so on – you know, all the data that SmashBot needs to build an accurate mental picture of what’s happening on the screen without ever looking at it.
SmashBot reads this data and quickly (in a 16-millisecond period) decides what buttons to press on its virtual controller until the cycle begins again. For this process, it uses a four-tiered hierarchy of objectives that serve as a useful abstraction into AI problem-solving:
- Goals
- Strategies
- Tactics
- Chains
At the Goals level, SmashBot identifies what it should be attempting to accomplish given the game’s current state. Typically, this is something like “Kill Opponent,” but could also be “Select Character” if it’s in the menu screen. At the Strategy level, SmashBot defines its style and chooses how it will accomplish its primary goal. Often the strategy chosen is “Bait” where SmashBot weaves in and out of its opponent’s range, goading him or her into making a mistake.
At each level, SmashBot don’t concern itself with how the lower objectives work, it only assumes that those steps are figured out and passes the buck along the right path. This pattern trickles further down until we finally reach the button presses. The design lends itself well to extensibility and it maximizes code reuse.
It’s important to note that SmashBot does not cheat. Instead, SmashBot simply works at a much faster speed than people and is more reliable in its actions. And because of this capability, SmashBot can do things that humans can’t. SmashBot uses a virtual controller, and that’s the way it interacts with the game. No smoke and mirrors here.
Next: You
SmashBot is an active open-source project, and there are certainly a few kinks to work out and more than a few features in need of adding. But SmashBot works and, unless your name is Hungrybox, it will probably wipe the floor with your hopes and dreams.
Keep posted to the official GitHub for updates as they are pushed out.
Video of the accompanying DEF CON 24 presentation:
Have you matched wits against SmashBot? Let us know on Twitter or write to us at [email protected]. You can find Dan (otherwise known as AltF4) on Twitter and YouTube. And you can follow SmashBot on Twitter, too.
Subscribe to Bishop Fox's Security Blog
Be first to learn about latest tools, advisories, and findings.
Thank You! You have been subscribed.