Anti-Cheat Development

AidanMcArthur
Private
Posts: 4
Joined: Thu Mar 04, 2010 5:28 am

Anti-Cheat Development

Post by AidanMcArthur »

Hey, I've decided to embark on a challenge to create a very small anti-cheat for this game. I'm creating it for more or less my own learning purposes, but hey it could help this game out too. Right now I'm still at the planning stage of this project, so I'm open to ideas and feature suggestions. So far I can fairly easily add the following protection techniques:
  • Checking if function is called outside of the specified code segment.
  • CRC checking of commonly edited variables.
  • Sanity checking for impossible events, such as a very fast speed caused by speed hacking.
  • DLL injection prevention.
  • Anti debugging.
  • Masked Windows imports, to prevent them being hooked.
  • Game's process hidden to prevent debugging, dumping, process attaching, etc.
  • Anti OpenGL hooking.
  • String encryption.
  • Data operation obfuscation.
As you may have noticed, these methods can (and will) all be achieved in user mode (R3), and I wish to keep it that way, unless I get help creating a kernel driver.

Thoughts, suggestions?
Bambino
Private First Class
Posts: 1210
Joined: Mon Apr 21, 2008 10:27 pm
Location: Alberta, Canada

Re: Anti-Cheat Development

Post by Bambino »

Make it possible to detect subtle cheats such as skinny tank, radar shot line prediction and flag colour cheats. A full list of cheats that are possible is found here.

I briefly skimmed over your post... are you saying you're going to code it into the existing source code and compile a "cheat detection client"? If you do, that would be terrific!
"Anyone who has never made a mistake has never tried anything new." -- Albert Einstein
GU League | Ducati League | OpenLeague
AidanMcArthur
Private
Posts: 4
Joined: Thu Mar 04, 2010 5:28 am

Re: Anti-Cheat Development

Post by AidanMcArthur »

Bambino wrote: Make it possible to detect subtle cheats such as skinny tank, radar shot line prediction and flag colour cheats. A full list of cheats that are possible is found here.
To be honest this would be difficult, but I will study the game's APIs and see if it's possible :)
Bambino wrote: I briefly skimmed over your post... are you saying you're going to code it into the existing source code and compile a "cheat detection client"? If you do, that would be terrific!
Well, I was thinking about making a standalone module (.dll). Most anti-cheats are some form of standalone module because it's easier to update and maintain. Additionally, it would be quite feasible to create a launcher for the game. This way, I could update the anti-cheat with a patch and require the game to download the patch to run.
joevano
General
Posts: 1863
Joined: Sat Jun 18, 2005 1:08 pm
Location: South Bend, Indiana, USA

Re: Anti-Cheat Development

Post by joevano »

Now for the $20,000 question... how are you going to do this with an open client with all the code visible. It is easy to do this for the honest player, but with fully open code and a dishonest player it is impossible (as far as we have been able to get thus far)...

PS DLLs are Windows only, and we run on most common PC-based platforms.
PPS To release it, your source code would need to be available.
There is nothing worse than aggressive stupidity. -- Johann Wolfgang von Goethe
"How many legs does a dog have if you call his tail a leg? Four. Calling a tail a leg doesn't make it a leg." -- Abraham Lincoln
JeffM
Staff Sergeant
Posts: 5196
Joined: Fri Dec 13, 2002 4:11 am

Re: Anti-Cheat Development

Post by JeffM »

Also if you plan on sending back any "checksum" data to the server, that will fail, as they can just fake out that transmission.

You are looking at the problem at too low of a level, you just can't ever trust a client, so don't.

The majority of the big cheats can be prevented by simply having the server not allow a client to supply the input that would cause them. If the server detected when shots hit tanks, then the server would kill them. If a hacked out client didn't accept that kill, who cares. Everyone else saw the kill and the game would proceed normally for them. Similar things can be done for most of the gameplay aspects of bzflag. This would put the game on par with modern games that use an authoritative server (like quake and the like).

What you are doing is looking at the issue as if this was a closed source commercial application that ran on a single platform, and was built by a central authority (WOW). We are neither of those things. Many clients are built from source code, and contain patches. Clients are used under many different OSs and build systems. This would make generating any kind of CRC list for all the various binary versions effectively impossible. Most of the things you are preventing have no meaning on a project that has source code.

Also as Joevano pointed out, ALL of the things we ship have to be open source, this means that whatever module you use to "check" bzflag would also have to be modifiable, and therefore moot in real world use. You will also find that most cheats to bzflag do not use any of your specified methods, most are a single line (or even character) change to the source code to change some logic. This is due to the fact that the client handles most of the game logic right now.

Now that all said, if you are doing this for research reasons to learn how commercial tools such as punkbuster work, then hey more power to you. If you do release any code for this research project, please remember that if you modify any of our LGPL code that you have to make those mods available. You do not have to make the sources of any dynamic libraries you make available (due to the fact that we use LGPL, not GPL).

But in the end, things like you describe would not be very useful to the project itself as binary modification and packet sniffing are not the common attack vectors.
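The authoritative-server approach described in the post above, combined with the speed sanity check listed in the opening post, as an added example that is not part of the thread and not BZFlag code. The structures, constants and function names are hypothetical.

```cpp
// Added example: the server validates client input against its own state.
// Not BZFlag code; every name and constant here is hypothetical.
#include <cmath>
#include <cstdio>

struct Vec2 { double x, y; };

static double dist(Vec2 a, Vec2 b) { return std::hypot(a.x - b.x, a.y - b.y); }

struct Tank {
    Vec2 pos;        // last position the server accepted
    double lastTime; // server timestamp of that position, in seconds
    bool alive;
};

constexpr double kMaxSpeed   = 25.0; // assumed world units per second
constexpr double kTolerance  = 1.10; // 10% slack for network jitter
constexpr double kTankRadius = 4.0;  // assumed hit radius

// Accept a client-reported position only if it is reachable from the last
// accepted position in the elapsed server time.
bool acceptMove(Tank& t, Vec2 claimed, double now) {
    double dt = now - t.lastTime;
    if (!t.alive || dt <= 0.0) return false;  // dead tank, or replayed/out-of-order update
    if (dist(t.pos, claimed) > kMaxSpeed * dt * kTolerance)
        return false;                         // impossible speed: keep the old state
    t.pos = claimed;
    t.lastTime = now;
    return true;
}

// The server decides the kill from its own copy of the victim's position.
// The victim's client is never asked whether it was hit.
bool resolveShot(Tank& victim, Vec2 shotPos) {
    if (!victim.alive || dist(victim.pos, shotPos) > kTankRadius) return false;
    victim.alive = false;
    return true;
}

int main() {
    Tank t{{0.0, 0.0}, 0.0, true};  // constructed sample state
    std::printf("normal move:      %d\n", acceptMove(t, {20.0, 0.0}, 1.0));  // 20 units in 1 s
    std::printf("speed hack:       %d\n", acceptMove(t, {120.0, 0.0}, 2.0)); // 100 units in 1 s
    std::printf("shot hits:        %d\n", resolveShot(t, {22.0, 1.0}));
    std::printf("move after death: %d\n", acceptMove(t, {21.0, 0.0}, 3.0));
}
```

A patched client can still send whatever it likes; the point is that nothing it sends changes what the server and the other players see.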
AidanMcArthur
Private
Posts: 4
Joined: Thu Mar 04, 2010 5:28 am

Re: Anti-Cheat Development

Post by AidanMcArthur »

Thanks for the input. To be honest, I really just want to learn how to create a working anti-cheat that might be usable in a commercial game. The anti-cheat probably wouldn't stop a dedicated hacker, as it's open source, but it's really more of a fun project idea I had. It is impossible to prevent hackers in an open source game like this.

That being said, I could develop the anti-cheat to work without seeing the game's source code; I could make the entire anti-cheat closed source. This would work by hooking the game in such a way that a cheat does. I think I will try this because then I can really see if the anti-cheat could work in the real world.

Also, this project will be for Windows only because
#1, Almost every cheat is for Windows
#2, Most games are created for Windows only, and this being a simulation project for the real world, works for me
JeffM
Staff Sergeant
Posts: 5196
Joined: Fri Dec 13, 2002 4:11 am

Re: Anti-Cheat Development

Post by JeffM »

As a research project it may be better for you to look at something like one of the quake games (open arena would be a fully open source system to try), as that's where most of the cheats you will be looking for are (made for when the application was closed). In bzflag most cheats are just patches applied to the source code, so it may be harder for your system to detect it. Our cheats don't really have an OS preference since it is possible to build for all of them.
AidanMcArthur
Private
Posts: 4
Joined: Thu Mar 04, 2010 5:28 am

Re: Anti-Cheat Development

Post by AidanMcArthur »

Yeah, this is the wrong game to build an ac for, but I still love the idea of BZFlag and I will probably make other kinds of plug ins for it sometime.