问题
I have an applet that I'm running online and I want to make sure people can't use the java Robot class to operate the applet. I know that yahoo does this on several of their game platforms and I was wondering if anyone knew how they accomplished it.
回答1:
Watch mouse movement, and make sure you're not seeing "jumps" from one place to another, but movement over time instead. Sun/Oracle's J2SE tutorials show how to follow mouse movement events: http://download.oracle.com/javase/tutorial/uiswing/events/mousemotionlistener.html
Keep in mind that this would potentially fail to detect the difference between a robot and a person on something like a touch screen, or tablet input device.
One more thing to watch for is whether the user is clicking the same pixel, or just in the same vicinity. Humans are fairly imprecise, robots generally aren't unless programmed to be.
I would also put in a gesture logger for good measure that compiles this information, and keeps track of the actual movements of your users. If you suspect someone of cheating, you can then look at what their actual mouse movements looked like, and compare that with a known person. That will give you a better idea of what you need to look for than any of us can come up with off the tops of our heads.
回答2:
keep track of the distribution of mouse positions over time. Humans move the mouse differently than a robot that knows exactly where to position it every single time it is clicked. Of course, a smarter robot can counter this defense.
来源:https://stackoverflow.com/questions/7910510/differentiate-between-robot-mouseclick-and-human-mouse-click