Cheat detection methods

by wolfric on 05/21/2011 22:47, 32 messages, last message: 08/31/2011 07:17, 11220 views, last view: 05/05/2024 02:21

So some stuff in cube 2 will get detected like running too fast or jumping too fast. Other stuff like low gravity, edit mode, aim/trigger bots/ respawn hacks etc are not.

I was wondering if anyone wanted to brainstorm on methods to detect these (even if those methods could potentially make the server a little more heavy weight).

I've seen detections implemented for the edit hack and the respawn hack. Could these ideas be integrated into the main server code?

Some of these detection methods might take up too much processing power especially as your userbase grows. What about having some of these checks not actively checking everyone at once. So if you have pretty heavy methods of checking, you just cycle through a list of players and test a random new player each time.


For the trigger/aim bot, i can think of a few however none you could get around or potentially have a false positive here and there. You could do statistics on where the person is aiming vs how long they have been aiming before they shoot each time. I was toying with the idea of drawing a fake player in front of the player and seeing if they fired on it. Either by having a map specifically set up that you couldn't see behind a certain area or having a model that is just blank (that only the server can send in this case, normal players can't have it).

Gravity/flying: I'm not even sure how much knowledge the server has of the map. If the server does, then it might be easier to detect this sort of thing but otherwise you wouldn't know if they were flying or just in a large pool of water.

Speed hacking: again, same as before, does the server actually have any knowledge of the map? As those ..bumpers? that bump you up into the air could lead to false positives.

   Board Index   

#13: Re: ..

by Sub-Zero on 05/26/2011 00:50, refers to #12

aside from the fact your all making the same stupid mistake and also writing a book (since its last few posts have been larger then billy joe bob\'s incest family)

lets think like smart people and take our heads out of our butts (image in-closed for viewing: http://evolutionforum.info/yabbfiles/Attachments/head_up_your_ass2_002.jpg) (once again i say this because none of you think about how it should work, not like this is going to happen anyways) a 3-way hack shield, 2 server side hack shield\'s, and one server side.

the server checks all clients.

one of the client side\'s checks the client

the other client side one checks other clients.

like i said, stop herp derping

reply to this message

#14: Re: ..

by Razgriz on 05/26/2011 09:27, refers to #13

Perhaps you should do the same, for it's not a good idea to have each client constantly scan one another to search for any discrepancies. Apart from the fact that doing such would take time over the internet, the load would also take its toll on all players connected. It's a no go.

reply to this message

#15: ..

by wolfric on 05/27/2011 14:00

Razgriz... scan players? bandwidth?
Think you're getting the wrong end of the stick here. This isn't like physical battle ships scanning each other in real life.

You only connect to the server. You're not talking to the clients directly.

The server sends you information on all the other players on the map such as where they are where they're aiming etc.

You can use the distributed power of the clients computing to run sort of checks on them to see if their actions seem rather odd (like they just jumped 100 meters into the air in the blink of an eye without touching a jump pad etc)

reply to this message

#16: ..

by wolfric on 05/27/2011 14:02

Sorry for double post, didn't mean to post the first one so soon hadn't finished writing.

Sub-Zero: spot on.

Has anyone played around with any of hopmods cheat detection scripts? Or any others for that fact? Any false positives etc?

reply to this message

#17: ..

by Hanack on 05/31/2011 14:38

wolfric: on nooblounge we have a mostly successfully working speedhack detection. It's based on statistic methods and it's fault tolerant against lagging, jumppads and teleporters. Effective cheat detection should definitively be done on server-side.

reply to this message

#18: ..

by mefisto on 06/12/2011 04:50

Let's define the problem a little better. You can divide cheats into two classes: Easy to detect either by humans or machines, and hard to detect.

Easy to detect:
Float cheets, speedhacks, editmode, most maphacks

Hard to detect:
Wallhacks, aimbots, autoshoots

In my opinion, the hacks that are easy to detect are solved reasonably well already. The auth system combined with the automatic detection systems present in most popular sever mods take care of them acceptably well.

It's the hard to detect hacks that are the real problem. To deal with them on the client side is pretty impractical, because you have to choose one:

1. Client-side protection
2. Open source game

I think that server side protection may be possible for hard to detect. However I don't think it should be open source. It would be very hard for the server to detect these types of cheats, and it would probably be pretty easy to defeat that protection if attackers knew how the mechanism works. So I would say that anything that's done on this should be done behind closed doors.

reply to this message

#19: Re: ..

by Sub-Zero on 06/13/2011 02:46, refers to #18

wrong. aimbot\'s are easy to detect, and so are triggerbots. and if you are a good hacker, you can know how to not be seen with floating hacks, ect. you are so wrong, it makes my head want to burst.

and server\'s cheat detection mods only work oh so well. if you read what i posted above on number 13:

\"the server checks all clients.

one of the client side\'s checks the client

the other client side one checks other clients.\"

please read the current post\'s.

reply to this message

#20: Re: ..

by Razgriz on 06/13/2011 12:53, refers to #19

So your suggestion is recurring global client integrity checks? I could think of a few reasons why that would a problem but i'm not feeling all that comfortable with your attitude when on a forum.

So i'll post a few "tags" that will indicate my thoughts.

CRC, hack, size, lag, amount, intervals, clients, chances, multiple, server

reply to this message

#21: Re: ..

by mefisto on 06/13/2011 13:15, refers to #19

I read post #13. I am surprised that someone who claims to be skilled as a developer would believe that any of these client-side methods will work.

Surely you realize why. The game is open source, so every attacker will know exactly how these "client checks this and server checks this and the other thing checks something else" methods are implemented in the client. They'll just rewrite these checking functions in a hacked client to send the "correct" answers to any of these checks and do whatever they want behind the scenes.

Unless you're suggesting a closed source client that's mandatory for playing on servers... in which case I totally disagree with that. This is an open source game and the client at least needs to stay that way.

I was focused on server-side cheat detection methods, which are the only ones that can work. And when you're considering those, I stand behind my classification of which types of hacks are hard to detect.

reply to this message

#22: Re: ..

by srbs on 06/14/2011 07:00, refers to #21

@ client-side methods
I first thought that too, but after some more thought...

You can always do something like checking the current position of other players with known positions, based on your own movements, or proximity based on waypoints, etc. You can check for outside map locations, but only for extended periods of time (or regularly) since it is possible to spawn outside the map.

I would say the server would need a reporting system based on "votes" from each client as to whether or not a given player is accused of cheating to prevent accidental kicks. But once a player disconnects, all "votes" they gave are removed.

srbs

reply to this message

#23: Re: ..

by Hanack on 06/17/2011 02:20, refers to #18

@mefisto
Don't agree, mefisto. Security by obsurity never worked - and we all know that. Also, it's an illusion that you will ever get a server completely protected against cheats. You can only make it harder.

@srbs
Reporting systems based on votes has potential of abuse itself.

@baby-rabbit
Mostly means mostly. Nothing is perfect. If you wanna test anti-cheats next time, please contact me (IRC) to do this on a test-server instead of the public ones.

reply to this message

#24: Re: ..

by Sub-Zero on 06/17/2011 22:23, refers to #23

in light of what raz has said, i do feel the need to say sorry for being such a cock. however, all stuff that i posted is client/server side, the point is, you can still disable server side stuff, however the server checks are actually server side, and the client checks that check other clients will be semi client, semi server side. this makes it hard to disable, plus if you make it send the packets that say if the person is cheating or not with other packets, it would be difficult to stop those packets and/or change them. and of course the server hack detection that checks clients for hacks has no way of being disabled, the best anyone could do is make false packets to send to the server that lies to it.... but that would be hard if the right things were set into place.

reply to this message

#25: ..

by Mortus on 07/01/2011 09:47

First developer team have to move all vars to server-side because game can be hacked using primitive methods like memory editing i remember that i make god-mode and all weapons hack to cube and sauerbraten....

reply to this message

#26: wrong direction

by AlternateLives on 07/02/2011 02:59

After hearing this go back and forth for a while, I have a suggestion:

why not make the most common cheats a part of the gameplay instead of trying to eradicate them? Low gravity, aimbots, and high jumps may be cheating, but not if they apply to everyone.

sure, there are problems with the idea (allowing current cheats will lead to different types of cheats, gameplay too easy, etc.), as it is not fully fleshed out. I'm just asking that my idea is considered a bit instead of shot down the moment I post it.

reply to this message

#27: ..

by Mortus on 07/02/2011 15:14

making hacks allowed is stupid idea. for example look at wolfenstein et in wolf et there was some servers where hacks was allowed (karoo, nix coders serv, and few others.) and everything depends a bit on skill and in 90 % at cheat and it's config... someone had better aim vectors and bet everyone... i can help as i can to stop cheating in cube and sauerbraten but this idea was so stupid

reply to this message

#28: Re: wrong direction

by Zamwa on 07/02/2011 18:00, refers to #26

I My self love cheating on single player games (AI's never give up and never surrender! XD) but breaking online games will just empty out the severs! I've seen it happen and it's no fun when others quit do to unfair gameplay! It's best to have your own hacked sever only you and your friends can access to cheat,hack,test new gameplay tactics!

Notice no one mentioned sever side cheats! That's cause cheat severs are locked off to the public players! Only us developers and testers can have access to pimped out severs!

A rule of no cheating is a good rule for any online games!

reply to this message

#29: Re: wrong direction

by AlternateLives on 07/02/2011 19:40, refers to #28

Well, some hacks on certain maps could lead to a whole new world of gameplay.

For example, could you imagine a space map that automatically 'hacked' every client's game (temporarily!) To set the gravity to near zero, and with a few other minor tweaks, achieve a game with space-style realistic physics!

I digress, though. Anyway, I was not trying to solve the problem by allowing cheats. I was simply throwing out an idea to stimulate discussion.

reply to this message

#30: ..

by Hanack on 07/03/2011 17:01

@Mortus dont feed the trolls

reply to this message

#31: Re: ..

by Razgriz on 08/30/2011 19:25, refers to #31

then don't modify maps when playing, it's still a serious accusation.

reply to this message

#32: Re: ..

by Sub-Zero on 08/31/2011 07:17, refers to #31

I never accused you, and honestly my dear Scarlett, i don't give a damn.

reply to this message

   Board Index