Skip to content

87andrewh/WeirdAntiCheatIdeas

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

71 Commits
 
 

Repository files navigation

Weird Anti-Cheat Ideas

Objective:

  • Minimize the impact of cheaters in FPS games by 2025

Key Ideas:

  • Some anti-cheat systems are more resilient to the arms race
    • ML detection frameworks can robustly model cheats
    • Occlusion culling systems prevent hard-to-detect wallhacks and are guaranteed to be secure
  • Automatic server side detections must be highly explainable anbd/or integrate with orthogonal methods
  • Proctoring tournaments with a camera for mouse and monitor
  • Tie efforts with anti-harassment work

Detection:

  • Quantifying impact of cheaters
    • Reports / game? Stratify data by player skill, trust, spending?
    • Player retention
    • Quantifying perception across many games
  • Quantifying distribution of types of cheaters and tools to prioritize targets
  • Proctoring major online tournaments
  • "Help, he's definitely spinbotting" button
  • Implement efficient replay system
  • Tweak systems to catch cheaters red-handed
  • Improved labels provided to deep network
    • Labels in time
    • Labels with type of hack and degree of certainty/severity
    • Record abusive text and voice (legality?)
  • Kaggle competition for classifiers. Why crowdsource just the labels?
  • Manually generated aimbot data, or clean labels extracted from client-side anti-cheat
  • Cool features:
    • Trust factor
    • Lack of non-aim skills (movement, decision making, pre aim, discipline)
    • Drastic changes in skill
    • Network access patterns
    • Knowledge of enemy positions, never looking in a direction without enemies
    • Burst DPS
  • Inspiring architectures:
  • Generating artificial aimbot data. Will basic smoothing aimbots be classified as abnormal?
  • Generating aimbot data from constrained self-play

Prevention:

  • Occlusion culling/fog of war
  • Increasing cheater cost of reentry--2FA, trust factor, time requirements
  • Protecting high-profile streamers from playing against suspicious accounts
  • Securing the client
    • Quantify effectivness to determine development focus
    • What can you do against adversaries with physical access?
  • Sandbox highly skilled new accounts, accounts with recently changed passwords or IP
  • Stricter identification requirements for top ~1% ranks
  • Messing with pixel bots by tweaking in-game colors. Noise or replacing red outlines with a lack of blue outlines.
  • Feasibility of hardware security, root of trust, enclaves

Deterence:

  • False-positive quantification, defining and constraining error budget
  • Tiered sanctions, tets, and punishments--increasing with severity and probability of hacking
  • Integrate with VAC
  • Ban alternatives
    • Shadowban, use bots to supplement population
    • Make shadow pool engaging to cheaters with leaderboards and features. Unlikely to stop malicious types.
    • Spyro DRM. Pester cheaters in subtle ways that make them blame the game or the hack.

Behavioral:

  • Compensate players for running into cheaters, without making the system gameable
    • Rollback competitive game changes if a cheater is detected
    • Freeze the ranking updates of a suspicious game for manual approval
    • Thank them for reporting cheaters
  • Incentivize players to help fight cheaters
  • Again, incentivize cheaters to stay in isolated lobbies

Anti-Harassment

  • Harassment likely causes more damage than cheaters
  • Really easy to get organizational support
  • Best damage control and rehabilitation policies?
  • Harassment and hatred aren't specific to gaming, but it's enhanced by it.
  • How to cultivate a community that brings out the goodness in everyone?

Industry Goals:

  • Encourage collaboration, publications, and conferences
    • Individual developers often like to share ideas
    • Large-scale efforts hampered by organizational pursuit of competitive advantage
  • Simple, open-source tools to help small developers protect themselves.
  • Incorporating ideas from many genres? FPS, MMO, RTS, MOBA, table-top.
  • Consulting with former and current cheat creators
  • Specific companies to reach out to (in loose order):
    • Valve
    • Riot
    • Tencent
    • EA / EAP
    • Denuvo, EAC, BattleEye
    • Epic Games
    • PUBGC
    • Blizzard / Activision
    • Jagex
    • Chess.com and poker sites
    • Bungie
    • Ubisoft
    • Bohemia Interactive
    • New World Interactive
    • Other indies
    • ESA, Fair Play Alliance

Economic:

  • Measure economic impact of cheaters on current and past games
  • Consider studies on economics of drug industry
  • Measuring elasticity of cheat demand
  • Possible to undercut cheat providers? Or does supply just create more demand?

Developer Practices:

  • EAC dev recommends to not announce ban waves (small number looks lazy, big number normalizes cheating)
  • Don't get involved with trolls, only interact with polite users
  • Be transparent with community, hold both parties accountable
  • Act like a duck--always calm above water
  • Stay safe
    • Don't be a target. Would someone be incentivized to harm you or your friends?
    • Use good personal security practices. Passwords, 2FA.
    • Separate hardware network and VM for dangerous work.

Community Interaction

  • Success is primarily about player experience and perception
  • Survey community for perceptions and suggestions
    • Controlled in-game form, Google form, forum analytics?
    • Gather additional data on player trust, skill, playtime, etc.

Project Management:

  • How to prioritize anti-cheat strategies?
    • Impact (short/long term)
    • Cost (to develop and distribute)
    • Strategies of competitors
    • Community feedback
  • Ideal anti-cheat team composition. Size, skills?
  • Collaborating with infosec/security team?
  • Getting organizational resources, using analytics to determine areas of focus
  • How to integrate and delegate tasks to third parties like EAC?
  • Testing framework. Playtest with pros? Roll out in one map/mode? Random rollout with RCT?

Career:

  • How to ramp up quickly and sustainably
  • How to decide between offers?
    • Potential to learn and network
    • Potential to make an impact (freedom, development resources, open-sourcing, company vision)
  • Turn down a good offer for a chance of a better offer? Uncertainty of appraisal, expected utility
  • Conisder contracting:

Thoughts on Hack vs. Hack

  • Could be a mode with competitive integrity, save for problems with balance.
  • Hard to get into because it requires investment in VPN and VM/separate machine.
  • Rewards decision making over mechanical aim in fights.
  • Rewards strategy and teamplay over positional game sense and information control.
  • Rewards usage, tuning, and creation of tools.
  • Hopefully reduce casual cheating a little bit. Ineffective at deterring people who hack to win.

Misc:

  • Examine MOBA market's response to Riot's anti-cheat
  • Trust factor, possibly integrate with Valve's.
    • Does trust factor stratification increase cheat contagion?
  • Custom game modes with wallhacks and easy aim, maybe speed. Modes with asymmetric player power.
  • Legally taking down cheat providers. Studies on effectiveness? Economics.
  • Laying traps for cheat developers, bait, or directed evolution.
  • Outsourcing not only detection, but grunt development work to the community.

News

Favorite talks

About

A collection of anti-cheat ideas

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published