Memory based Anti-cheat protection and validation.

[A_S]

Type of improvement:

 

Memory based Anti-cheat protection and validation.

 

 

Explanation of proposals:

 

Conventional anti-cheat programs and measurements were mostly based on file comparisions methods (crt=2 i.e) in order to validate the legitimacy of the install in multiplayer.

 

I do NOT intend to post an "how to cheat" instruction here, but in order to solve a problem one has to recognize the problem first, therfore i am forced to elaborate!

That being said, we are talking about Memory Hacking Tools and apps which are available on the net in many different variations and forms.

 

What does such a tool do and how it is used to "cheat"?:

 

Simple, such a program can access your memory once your game as host or client is loaded and can find specific values and change them without the other side (multiplayer host or client) ever having a chance to "know it", and conventional file comparision methods will not detect this either.

 

What can be manipulated?

 

1) First of all the flight-model defintion files loaded into the memory ... such as "set aircraft weight to 0kg", "thrust" etc etc

 

2)Or simply the game-settings can be overwritten - in example within IL-2:

 

- Engine Overheat

- Torque and Gyro Effects

- Flutter Effects

- Stalls and Spins

- Realistic Gunnery

- Cockpit Always On

- etc etc etc

 

...list is longer

 

You may have already realized the potential threat given here. I hope you do, because as i said, things will only be addressed, if things are recognized FIRST! ONLY THEN pilots and producers will understand the danger of this and try to fix it.

 

How can it be fixed?

 

Simple...

 

One can integrate Algorithms into the code, which validate Game-Settings, Flight Model defintions, actually everything what could be "misused" on a memory level instead of in file level.

This is not easy to do as flight sims generate a TONS of data in the memory and it is very hard to locate what value is responsible for what ingame in the first place, but even for that problematic there are already many "memory convert and search" tools available making cheaters life much much easier. Once found, those values can be always manipulated with just a 3rd party on the desktop running memory hack tool.

 

For me (to be honest) it was not suprising AT ALL to see a 19 year old teenager, who started flying IL-2 six month ago, defeating everyone in one of the last famous competition leagues (including old respected aces like the =FB=, SLI, 154th etc..) and winning the tournament. But this post of mine here does not serve the purpose of cheater accusations and it is not allowed by the forum rules either. The topic is memory based protection from manipulations (such as in future versions of BMS ie.)

 

The problem is, that very often people understand or at least "smell", that there is something not right, but the problem is to PROOVE it without telemetry data available in the tracks (missing) also posted here: http://forum.il2sturmovik.com/topic/1695-telemetry-data-tracks/ .. and the fear to be ridiculed if one raises suspicion publically. All that is left is being forced to be riddled and watch "dumb-struck" (given one has the ability to recognize faults anyways).

 

Benefits:

 

Benefits are clear:

 

- Better anti-cheat protection !

 

- Gurantee fair play on all levels !

 

- More trust into the product and the producer itself !

 

- More trust within competitions and tournaments !

 

- Higher chances to find sponsors for competitions as this seemed to be a problem in the past !

 

- Better reputation for the sim producer as such (responsibility shown regards) !

 

- Populartiy increase

 

- maybe much more benefits...feel free to share.

 

 

Respectfully

 

A.S

Edited November 3, 2013 by A-S

[A_S]

PS: Never forget, that the very nature of combat flight is competition and thus victory (by all means for few) - human nature.

Edited November 3, 2013 by A-S

[usr]

Client-side validation can only go so far: if you can modify the data, then you can also modify a client-side validator. What you'd really want is a server-side check of the flight data (position, heading, speed) that is the result of the client-side simulation process: given the state at one point in time, can the simulation model with the unmodified, server-side copy of the parameter values support a valid "path" to the the state at a later point in time? Unfortunately, simulations like this tend to be somwhat sensitive to the precise timing of intermediate simulation steps etc, so a certain level of an error margin would have to be tolerated.

 

Also, to be precise, a double-checking system like this would require a rather wide stream of internal values (controller movement and variable state parameters like engine temperature or fuel level) to be sent to the server which normally would not be needed for a multiplayer game. And while additional server CPU load could be limited by only occasionally checking random samples, the client would still have to constantly send all this additional data because just like in unannounced doping tests at the olympics, a potential cheater must not know when he is tested, otherwise an advanced client hack might be programmed to only cheat when nobody is watching. A reasonable compromise between cheat protection and client network bandswidth might be to have the clients not send the additional data immediately, but only store it locally for a few minutes to allow the server to retrospectively request parts of that data when it decides to double-check a past sample of this player's flight data. This should be good enough, because there is no need for instant detection and depending on the amount of performance manipulation and the length of the double-checked interval it would be very difficult or even impossible to come up with a faked retrospective controller/engine-state stream that could explain the logged movement.

 

Implementing this would be quite complicated (and still not be enough to completely leave aside client side checking, because this could only target performance hacks, not visibility hacks), but since i know nothing about the state of the anticheat battle in RoF a small part of me can happily hope that the clever folks at 777 have already set up a similar system for RoF

Edited November 3, 2013 by usr

[A_S]

Its not complicated, trust me

Flight Model data is loaded into the memory and validated (in both directions) there.

It has been done already somewhere else.

[A_S]

PS: Having a sensitive filestructe and NO protection at all is the worst thing there is for a combat-flightsim, because what that means - LITERALLY - is that every match, every tournament, every league and every "glory" or stats will remain MEANIGLESS ILLUSIONS at the end, and even the excuse "it´s just a game" will not be calming anymore infact.