anti-cheat

When you have a multiplayer game where the server is receiving movement (location) information from the client, you want to verify this information as an anti-cheating measure. This can be done like this: maxPlayerSpeed = 300; // = 300 pixels every 1 second if ((1000 / (getTime() - oldTimestamp) * (newPosX - oldPosX)) > maxPlayerSpeed) { disconnect(player); //this is illegal! } This is a simple example, only taking the X coords into consideration. The problem here is that the oldTimestamp is stored as soon as the last location update was received by the server. This means that if there was a

I am looking for networking designs and tricks specific to games. I know about a few problems and I have some partial solutions to some of them but there can be problems I can't see yet. I think there is no definite answer to this but I will accept an answer I really like. I can think of 4 categories of problems. Bad network The messages sent by the clients take some time to reach the server. The server can't just process them FCFS because that is unfair against players with higher latency. A partial solution for this would be timestamps on the messages but you need 2 things for that: Be able

First, I want to indicate that I know that any information sent from the client cannot be trusted as it can be spoofed. I am interested in methods of security through obscurity to deter 99.9% of potential cheaters and ability to detect programs that do get around the security in real time. Some ideas I had for this included verifying file and memory check-sums of both the game it is securing and also any potential cheat apps by allowing the client-side to scan on request from the server (via TCP), both for detecting memory injection cheats and or a cheats memory footprint. Therefore the bypass

Background I've had problems for quite a while now with players cheating in my android game. For a strict single-player game this wouldn't be a big issue, but since my game contains multiplayer battles and global highscore lists, it's causing legit players to stop playing because of the cheaters. How they cheat Cheaters use an app for root users called Gamecih . Gamecih lets users pause an app, change variable values, and then resume the app. So in my case they just pause the game, change "health" to 74 trillions and then kick the crap out of everyone on multiplayer. Here's a video showing how

I'm creating a game in Flash that submits high scores to a server. While I'm planning to take several precautions on the server-side to prevent tampering, the weak link in the chain is Flash itself. Using cheating tools, players can monitor and adjust variables in memory. I realize that most Flash/SWF obfuscators are intended to prevent people from (easily) decompiling an SWF. Will they help at all as an anti-cheating mechanism? As you said obfuscator are just a way to make decompiled code less easier to read, it's not a reliable protection. You have instead to build your own protection to

If you are writing a game you should think about cheaters and how to prevent them from cheating. I don't think only the mmo multiplayer games but also singleplayer or "home-brewed" p2p mp games too. When the game is based on completely a server-client architechture, the job is almost done I think, but there is also wall hacks or something else. I made my own p2p game and some time later cheaters appeared. They were only scriptkiddies who used cheat engine and tried speedhacks and memory hacks. Most speedhacks hooks gettickcount. I sorted out speedhackers by the following simple trick. I just

A common exploit in casual games is to artificially advance the system clock to jump ahead in gameplay. How can such user clock advancement be detected by an app on an iOS device? Must not involve network communication Must not assume app is open (running or suspended) while clock is advanced Must detect clock advancement, detecting clock rollback is not sufficient Ideally, the solution would be robust against reboots, but that is not a requirement. Lio CACurrentMediaTime & mach_absolute_time Take a look at this questions: iOS: How to measure passed time, independent of clock and time zone