EPT
You rock!![Potential Utility] Anti-Hack Software - Page 5
| Forum Index > SC2 General |
|
neSix
United States1772 Posts
You rock!! | ||
|
ELA
Denmark4608 Posts
Awesome work btw, big props! | ||
|
algorithm0r
Canada486 Posts
This is the same problem that anti-virus software has. No matter what detection upgrades you make it will be out done by hackers in 2 days. The resources of the hackers will always outstrip that of Blizzard. The real secret is to make sure that hacking has no benefit. The first step to that is to convince the community that the ladder and ladder points are useless so don't cry over them. Second, tournament organizers must take their responsibilities to prevent hacking more seriously since Blizzard cannot. | ||
|
ClysmiC
United States2192 Posts
| ||
|
JackDT
724 Posts
On June 10 2012 05:16 GhostFiber wrote: Very possible. But I think a smarter idea would be, make a really amazing maphack. (LeMap) and have it harvest replays from the hackers. That way your information set would be all races, leagues, and thousands of wins and losses. You mean in the maphack software itself? That's a little too Machiavellian. You might as well just harvest the user names and then bust everyone using your program at some point in the future. But I do think there is a great chance to find a 100% test. Like that reddit guy who theorized about the accuracy on the minimap and how maybe the screen clicks didn't align correctly when the maphack was holding your view still. Didn't work out, but a general purpose learning analysis could find a similar smoking gun. Whether there is any hack detection in place, or any way to analyse replays, what the community should be doing right now is keeping an archive of all replays from every online tournament and qualifier. Just dump them somewhere they are small enough. If at some point in the future a technique is discovered which reveals hacking behavior then players can be busted and it doesn't matter if they patch the maphack at the point -- the damage is already done. This is how many were caught by TL in Brood War. | ||
|
Nightwatch
13 Posts
On June 10 2012 13:56 Defeat wrote: Go for it, better anticheat is always a good thing. 100% not true, many tournaments/ladders for games have you download programs that check for cheats or help log games. If this comes out and is decent, it will get picked up by any tournament wanting to improve their image. I'd say it would actually draw people to the tournament. Just because people playing tournaments with such software doesn't mean that there are many that don't. It's kinda like some people not buying BF3 because of origin. From my point of view why would I run a pointless piece of software. No offence but there is no way people can't bypass any clientside protection. For other ideas like replay analysis you don't need clientside software. Thought I can't see this working well unless the hack is utterly obvious. Let alone that 20 or less replays are a far to small number and what happens if I send in a manipulated replay. Yeah, getting my opponent banned is good stuff. | ||
|
DeadBabySeal
United States3 Posts
Go ahead and make your program. Get its use required by all online tournaments. Guess what? Hackers will hook your system calls and return whatever your program expects to see. If your application is written in a managed language like Java or C#, the job will be even easier. Further, if your application is Open Source all bets are completely off (and to be frank, I'm not running a community developed anti-hack program on my computer if I can't see the source. Nope nope nope.). At the end of the day, there are extremely few 100% reliable ways to detect hacks. Limited replay analysis happens to be one of those - if a player is performing actions that are physically impossible (e.g., blinking individual stalkers while his camera is somewhere else) then you can be certain something is wrong. Beyond that, there will never be a 100% foolproof method of hack detection, ever. As long as people retain physical access to the computers running the game, the only thing stopping someone from hacking is lack of expertise and time. If anything, I am actually worried that this will make the maphacker's lives easier. They will be able to continue using hacks, but when questioned they can point to your application and say "See look, I'm not hacking, you can be sure because I'm running the community's anti-hack too1!" | ||
|
Dingodile
4133 Posts
| ||
|
Na_Dann_Ma_GoGo
Germany2959 Posts
Maphack Detection: This would check the position of the opponent's camera for known maphack signs. Fog of war peeking is easy to detect. The "screen lock" feature that some maphacks use would be even easier to detect. If a user is flagged as suspicous then the person running the anti-hack software can be advised to watch the replay when the game is finished. If both parties are running the software then camera positions of each player can be compared to make sure they match. Even if general hack detection is bypassed, this will reveal users using screen lock while fog of war peaking Yeh well that won't work well. How is that even remotely reliable? Testing for user behavior is almost never more than some part of indication. "Fog of War peeking is easy to detect" - and doesn't necessarily mean ANYTHING, you should add that. Because I must imagine most users do look at the fog of war every now and then. Sometimes just to issue move commands, to have a look at structure placement etc. of your opponent's base, send a scouting worker, or what I do for example, to set camera hotkeys. For example in a 2 player map I'll always set one of my camera hotkeys to the other mains location, so that I can tab there quickly. Then what? Will I get flagged as potential maphacker every time I do this? If you don't want this you have to add exceptions like "don't count the first few minutes" and similar stuff, which in return actually makes this program totally pointless to begin with. The only reliable way to prevent maphacks is complete server side calculations where you don't just distribute movement input etc. However that's not really possible in Starcraft 2 due to the very high amount of units for example. You program won't work on a lot of hacks, and when that's the case, why should anyone bother installing it, which in itself could be considered a risk? | ||
|
Doodsmack
United States7224 Posts
| ||
|
TibblesEvilCat
United Kingdom766 Posts
| ||
|
Doodsmack
United States7224 Posts
On June 10 2012 17:44 DeadBabySeal wrote: Ideas like this always have one massive flaw. Creating a client-side anti-cheat program for a game like Starcraft 2 is, quite literally, impossible. As long as I maintain administrative access to my machine, there's nothing your anti-hack application can do to stop me from cheating. Go ahead and make your program. Get its use required by all online tournaments. Guess what? Hackers will hook your system calls and return whatever your program expects to see. If your application is written in a managed language like Java or C#, the job will be even easier. Further, if your application is Open Source all bets are completely off (and to be frank, I'm not running a community developed anti-hack program on my computer if I can't see the source. Nope nope nope.). At the end of the day, there are extremely few 100% reliable ways to detect hacks. Limited replay analysis happens to be one of those - if a player is performing actions that are physically impossible (e.g., blinking individual stalkers while his camera is somewhere else) then you can be certain something is wrong. Beyond that, there will never be a 100% foolproof method of hack detection, ever. As long as people retain physical access to the computers running the game, the only thing stopping someone from hacking is lack of expertise and time. If anything, I am actually worried that this will make the maphacker's lives easier. They will be able to continue using hacks, but when questioned they can point to your application and say "See look, I'm not hacking, you can be sure because I'm running the community's anti-hack too1!" Would love for a mod to do an ip check on your account given how suspicious it is lol. | ||
|
Phanekim
United States777 Posts
On June 10 2012 17:44 DeadBabySeal wrote: Ideas like this always have one massive flaw. Creating a client-side anti-cheat program for a game like Starcraft 2 is, quite literally, impossible. As long as I maintain administrative access to my machine, there's nothing your anti-hack application can do to stop me from cheating. Go ahead and make your program. Get its use required by all online tournaments. Guess what? Hackers will hook your system calls and return whatever your program expects to see. If your application is written in a managed language like Java or C#, the job will be even easier. Further, if your application is Open Source all bets are completely off (and to be frank, I'm not running a community developed anti-hack program on my computer if I can't see the source. Nope nope nope.). At the end of the day, there are extremely few 100% reliable ways to detect hacks. Limited replay analysis happens to be one of those - if a player is performing actions that are physically impossible (e.g., blinking individual stalkers while his camera is somewhere else) then you can be certain something is wrong. Beyond that, there will never be a 100% foolproof method of hack detection, ever. As long as people retain physical access to the computers running the game, the only thing stopping someone from hacking is lack of expertise and time. If anything, I am actually worried that this will make the maphacker's lives easier. They will be able to continue using hacks, but when questioned they can point to your application and say "See look, I'm not hacking, you can be sure because I'm running the community's anti-hack too1!" pretty much this. being someone who's been in the community forever, even warden is limited. | ||
|
DJFaqU
466 Posts
| ||
|
roxaroni
United States1 Post
| ||
|
AiurOG
United States98 Posts
| ||
|
Johnnysc2
United States4 Posts
Link | ||
ZeromuS
Canada13389 Posts
On June 14 2012 12:38 Johnnysc2 wrote: Some guy on reddit says he's making anti-hack software and actually provided some alpha-level blink detection stuff. Link Well now we have an after the fact blink hack detector. Would need to test it against known non hackers (ie. Local play) of a very very good player to make sure it won't false positive. | ||
|
leculver
United States5 Posts
On June 14 2012 12:38 Johnnysc2 wrote: Some guy on reddit says he's making anti-hack software and actually provided some alpha-level blink detection stuff. Link Yo, some guy here. =P I can't make a thread since I just created a TL account (long time lurker). I'll be releasing full source as well (though if you are impatient you can just use reflector, it's really basic stuff). This is all pretty bleeding edge right now though. | ||
|
leculver
United States5 Posts
Well now we have an after the fact blink hack detector. Would need to test it against known non hackers (ie. Local play) of a very very good player to make sure it won't false positive. There WILL be some false-positives. The false positives are in the form of "we saw a few blinks that match the pattern, but it was less than 40% of all blinks", for example. There's a dead giveaway if the hack does all the work in one tick. Here's an example from http://idleengineer.com/blink.txt: BLINK HACK DETECTED. Total: 25 suspect: 23. 92% suspect blinks. Suspect blinks at these times: [snip] 00:16:03.562 00:16:03.562 As you can see, the hack is dumb enough to do things faster than any human can: Deselect, blink, attack-move, select, (twice!). All within the same game tick. My program doesn't currently check for this, but it will tomorrow. Here's the blog post I detail what I'm doing to detect blink hacks: http://www.idleengineer.com/2012/06/13/to-catch-a-cheater-part-2-blink/ OP, feel free to steal this technique if you weren't doing so already. I plan on releasing full source soon-ish, though it's a very simple state-machine to detect the blink hack. I also plan on working to detect a LOT more than just blink hacks. This is just the first thing we put together as a proof of concept. | ||
| ||
