2
I have not found a better way to describe the title of the topic, if it is not good enough, I ask that moderation edit it for me.
I have some questions related to an effective anti Cheat system for games. Yes, I know that the best anti Cheat comes directly from the game server, however, I have the need to create one that is made directly for the game client.
Question: What would be the best choices I could take to start this project, aiming not to harm (or the least possible) the performance of the game?
I thought of a constant process verification system, and then I got doubts about it, like:
- It is possible to prevent other programs from forcing a thread to close or freeze?
- There is a way to know if a thread is frozen?
- A cache system to prevent the same processes from being checked again would be a good choice? I think, it would be possible for a program that has already been verified and is not detected as a threat according to the dumps saved in the database, go through some change and become a threat?
- It would be possible to create a "Whitelist" from exe’s/dll’s that can access/change the memory of a particular program and block the others not listed?
- Create a dll for the game executable with light checks and a separate executable with the heaviest checks, benefit from something or would be the same thing as everything (light and heavy checks) in the dll along with the game executable?
- Suggestions?
I believe that to help in terms of performance we would need to know a little more about the structure of your project. Take a look at this remap.
– vinibrsl
Thank you for your comment. Regarding the structure of the project, I still have nothing. I’m gathering information and knowledge from everyone who’s willing to help, so I can apply it to my new project. In relation to performance, it was just a small detail that I wanted to highlight, because I always choose more "difficult" paths that in the future end up harming the project. So it was more to get tips from those who have more knowledge than me, because the less I interfere in the performance of the game, the better for my project, as long as I keep the game safe from cheating.
– Getulio
Your 4 point is already done in some games that simply close if certain executables have to run. Corresponds in this case a Blacklist of exe’s
– Isac
What is the architecture of your game? Stand alone on the computer? Multiplayer on LAN? Multiplayer via internet? Already know if it will be action or strategy?
– Jefferson Quesado
It is an MMORPG for Windows 32 bits.
– Getulio
What I see a lot is a captcha solution. I saw a lot of this in Ragnarok online, but I had the impression of seeing it in others as well. This solution is not preventative, but aims to ensure that at a given time has a human interacting.
– Jefferson Quesado
The best performance is to try the client side for validation, not the server side. Of course, this has some consequences, as it only applies to the client you provided, it would not be useful if someone had reverse-engineered the API. But removing server weight is a very grateful task, the server thanks and, being a not very complex validation, the client does not feel much
– Jefferson Quesado
The use of captcha for the game I’m basing my project is expendable... The biggest concern is with programs that prevent security checks and changes in game values like, for example, a graphics accelerator that lets the player get super fast and has advantages in Pvp.
– Getulio