ArmA Anti-Cheat Framework

[maddogx 13]

Hi guys,

as yet another of my on-going Armed Assault scripting projects, I am working on a basic anti-cheat framework.

This obviously cannot detect things like wallhacks, but it does detect if people have modified their config values. I have already successfully tested a basic alpha version of the script, and I plan to run a closed beta test on the SWAF server very soon.

Confirmed features:

Quote[/b] ]

- Automatic detection of modified config values, such as increased weapon damage, rate of fire, magazine capacity etc.

- Detection of name-changes during the match.

- Automatic punishment of abusers.

- Dialog-based Voting system for manual punishment of abusers.

Possible future features:

Quote[/b] ]

- Teamkill detection.

- Very limited aimbot detection.

Info:

The detection of config changes can possibly cause a minor slowdown at the beginning of the match, as each client must exchange some data with the server. The closed beta test will show how bad this slowdown is, so I can adjust the checking process accordingly.

Right now we need some suggestions/ideas:

1. How should offenders be punished?

Obviously we can't kick them via script, so we need to think of something else. My current idea is to remove all their weapons and place them on a remote part of the map so they can't do any damage. A friend of mine said I should cause their games to crash with an endless loop, but I think that's a bit drastic. What do you guys think?

2. How should the voting system work?

The current voting system in ArmA is useless because most people don't know how to vote. I plan to change this by making a voting dialog for punishing griefers, and including clearly visible hints when a vote is in progress.

I am still at the start of writing the voting system, and I need some ideas for this:

- What percentage of players should be required for a successful vote? 50%?

- Should non-voters be discounted? For example: if there are 20 players on a server and only 5 of them vote, 3 for and 2 against, should the vote still be successful?

- How long should the voting process last?

- What delay should there be before a player can call another vote. (To avoid cheaters calling random votes to protect themselves)

Please let me know what you think. Need feedback.

[aussie dave 0]

Be good if it made a log.txt with player name and ID with cheat code eg:

<table border="0" align="center" width="95%" cellpadding="0" cellspacing="0"><tr><td>Code Sample </td></tr><tr><td id="CODE">

badman 123456 code3

teamman 098765 code1

code3 = teamkill

code1 = modified config values

code2 = aimbot

so admins can check the logs and add ID's to the ban.txt

[USM-75R.Hspd -XO- 0]

Sounds good...My opinions are...

1. That would be classic, don't set them on an island though, put them in the middle of the ocean, and every time they try to spawn it drops them there. Even the crashing of the game would be sweet, cause they don't need to be playing the game. If you would like something even more drastic pm me via www.usmsquad.com on our forums. My idea is that people who hack especially in games should never touch a keyboard. Let alone play the game.

2. Hopefully this client you are working on would be apply able on servers and automatically apply to the players computers rather than everyone have to download the client in order to play in the server. This would become a problem IMO.

I believe there are worse things than being banned on servers. And since most of these cards claim they cannot be banned. Let them try to swim their way back to shore before the game ends, or better yet do crash their games for them. Once you get this tool working well I will help assure it gets applied to all popular servers. Hopefully you can come up with something to do about wall hacks too, I'll ask around. On USM we have a few script kids so if you think you may need some help just let me know TS IP is ts.usmsquad.com:8767

[dmarkwick 261]

I'm unaware of current cheats & hacks as I only ever play with known people, so I don't have much to say on the reasons & methods just yet. however I do intend to go random server playing eventually so I post my ideas on your current thoughts

1. How should offenders be punished?

Obviously we can't kick them via script, so we need to think of something else. My current idea is to remove all their weapons and place them on a remote part of the map so they can't do any damage. A friend of mine said I should cause their games to crash with an endless loop, but I think that's a bit drastic. What do you guys think?

Great idea, I don't think it's possible to kill yourself (and thus respawn properly) without any weapons. Topmost island above Antigua should do nicely

There's a revive script available here, how about a griefer who's been voted off falls down unconscious? And so it would take a positive action from a team member to bring him back?

Quote[/b] ]

2. How should the voting system work?

The current voting system in ArmA is useless because most people don't know how to vote. I plan to change this by making a voting dialog for punishing griefers, and including clearly visible hints when a vote is in progress.

I am still at the start of writing the voting system, and I need some ideas for this:

- What percentage of players should be required for a successful vote? 50%?

I would think that most people who bother to vote would be those who vote a yes, unless he's a team member and his friends are certain he's not actually cheating/griefing so 50% sounds OK.

The vote instigator cannot vote (but is automatically assumed a "yes") and it takes more than this one vote to be successful.

Quote[/b] ]

- Should non-voters be discounted? For example: if there are 20 players on a server and only 5 of them vote, 3 for and 2 against, should the vote still be successful?

Yes. Non-voters shouldn't have an implied preference

Quote[/b] ]

- How long should the voting process last?

- What delay should there be before a player can call another vote. (To avoid cheaters calling random votes to protect themselves)

Depends on the voting method, but I would think that taking 20 seconds to find cover or otherwise sort yourself out is plenty. I don't really know, would have to see it played out a couple of times I guess.

[celery 8]

Great idea, I don't think it's possible to kill yourself (and thus respawn properly) without any weapons. Topmost island above Antigua should do nicely

You can just hit escape and press respawn.

[dmarkwick 261]

Great idea, I don't think it's possible to kill yourself (and thus respawn properly) without any weapons. Topmost island above Antigua should do nicely

You can just hit escape and press respawn.

Hmm. Then a 5-minute "sin-bin" countdown might work. Or just keep 'em there.

[celery 8]

I'm not sure if teamkill punishment should be in this project at all. What if an enemy hits your chopper and it crashes without being destroyed first? You get minus points for the chopper and everyone inside the chopper. You also get a "teamkill" by getting driven over by someone, at least when you're in a weaker vehicle that gets crushed. ECL uses a TK/spawnkill punishment system in their maps and being locked for an illogical reason is not nice.

[maddogx 13]

Be good if it made a log.txt with player name and ID with cheat code (...)

At the moment it isn't possible to write anything to a log file as far as I'm informed. It would be an excellent feature but we'll have to wait for that.

1. That would be classic' date=' don't set them on an island though, put them in the middle of the ocean, and every time they try to spawn it drops them there. Even the crashing of the game would be sweet, cause they don't need to be playing the game. If you would like something even more drastic pm me via [url']www.usmsquad.com[/url] on our forums. My idea is that people who hack especially in games should never touch a keyboard. Let alone play the game.

I never thought about putting them in the ocean... good idea. By the way, I share your opinion about cheaters... that's why I'm working on this script.

2. Hopefully this client you are working on would be apply able on servers and automatically apply to the players computers rather than everyone have to download the client in order to play in the server. This would become a problem IMO.

There isn't actually a client software in that sense. My anti-cheat system works via a collection of scripts that are easily added to the mission. No extra download required.

(...)

Once you get this tool working well I will help assure it gets applied to all popular servers. Hopefully you can come up with something to do about wall hacks too' date=' I'll ask around. On USM we have a few script kids so if you think you may need some help just let me know TS IP is ts.usmsquad.com:8767[/quote']

Thanks for the offer   . If this script really works out as intended, it would be nice if we could see it popping up in as many MP missions as possible.

(...)

All of what you wrote sounds good to me.

I'm not sure if teamkill punishment should be in this project at all. What if an enemy hits your chopper and it crashes without being destroyed first? You get minus points for the chopper and everyone inside the chopper. You also get a "teamkill" by getting driven over by someone, at least when you're in a weaker vehicle that gets crushed. ECL uses a TK/spawnkill punishment system in their maps and being locked for an illogical reason is not nice.

The teamkill detection method would have to be extremely advanced before I put anything like that in a mission. Like you said, there are many cases in which teamkills may not be intentional - that needs to be taken into account.

That's also the reason why automatic teamkill punishment is in the "possible future features" section.

Thanks to all you guys for the feedback! Keep it coming!

[dmarkwick 261]

there are many cases in which teamkills may not be intentional - that needs to be taken into account.

That's also the reason why automatic teamkill punishment is in the "possible future features" section.

You could implement a 5-second Forgive function that allows players to hold off punishing their killer before any punishment is doled out

[dmarkwick 261]

*idea*

How about a teamkill function where whoever has been teamkilled falls down unconscious for 15 seconds, allowing the killer the opportunity to revive him and thus avoid punishment?

Might have to build in some sort of anti-abuse code to prevent a guy repeatedly killing & reviving.

[maddogx 13]

*idea*

How about a teamkill function where whoever has been teamkilled falls down unconscious for 15 seconds, allowing the killer the opportunity to revive him and thus avoid punishment?

Might have to build in some sort of anti-abuse code to prevent a guy repeatedly killing & reviving.

Would be a bit hard to implement I'm afraid. Detecting teamkills via script is hard enough as it is.

Your idea is interesting, but it would require that the script precalculates the flight path of a bullet to see if it would actually hit the victim. Then it would have to stop the bullet before it hits, because otherwise the victim would be registered as dead anyway.

[dmarkwick 261]

*idea*

How about a teamkill function where whoever has been teamkilled falls down unconscious for 15 seconds, allowing the killer the opportunity to revive him and thus avoid punishment?

Might have to build in some sort of anti-abuse code to prevent a guy repeatedly killing & reviving.

Would be a bit hard to implement I'm afraid. Detecting teamkills via script is hard enough as it is.

Your idea is interesting, but it would require that the script precalculates the flight path of a bullet to see if it would actually hit the victim. Then it would have to stop the bullet before it hits, because otherwise the victim would be registered as dead anyway.

Sorry, I thought you knew that I was talking about this scripting solution. That problem has been solved (apparently, not tried it first hand yet) so all you would need is the permission to use that part of it.

[maddogx 13]

I never actually looked at that revival script because it wasn't of interest to me.

Could be an option for later. Right now I'll focus on the core functions though.

By the way: I'm not a big fan of copying other people's code. I prefer to write it myself .

[dmarkwick 261]

Well of course I wasn't suggesting copying, but incorporating which requires permission. I've never had any problem getting permission from people who write scripts, all they seem to need is proper credits, which is a given in any case

But yeah, do the base stuff first

[mattxr 9]

1. How should offenders be punished?

Give them a 30 second hint saying that there arma is about to be locked and to leave the server becuase they have unothrised modified files. Then after 30 seconds disableuserinput true;

That gives them a chance to say why they have modified files and to get off the server before they get screwed over. lol

2. How should the voting system work?

- What percentage of players should be required for a successful vote? 50%?

// 50% Sounds Good Enough

- Should non-voters be discounted? For example: if there are 20 players on a server and only 5 of them vote, 3 for and 2 against, should the vote still be successful?

// Yes

- How long should the voting process last?

// 30 Seconds Incase some people are flying and what not and dont have time to get here instaly to vote without Tking a heli full of people..

- What delay should there be before a player can call another vote. (To avoid cheaters calling random votes to protect themselves)

//1min

[TheElite 0]

Arma already has its own roe script with a variable assigned to it.

has it been removed or something since 1.00 ?

<table border="0" align="center" width="95%" cellpadding="0" cellspacing="0"><tr><td>Code Sample </td></tr><tr><td id="CODE">?globroerun: exit

globroerun=true

~1

player say "TRv04"

~4

TitleCut ["","BLACK faded", 1]

~1

TitleCut [localize "STR_TRt02","BLACK faded", 0]

~3

rulesofengagement=true

exit

[maddogx 13]

Arma already has its own roe script with a variable assigned to it.

has it been removed or something since 1.00 ?

<table border="0" align="center" width="95%" cellpadding="0" cellspacing="0"><tr><td>Code Sample </td></tr><tr><td id="CODE">?globroerun: exit

globroerun=true

~1

player say "TRv04"

~4

TitleCut ["","BLACK faded", 1]

~1

TitleCut [localize "STR_TRt02","BLACK faded", 0]

~3

rulesofengagement=true

exit

Never heard of that.

Heads up on the anti-cheat framework:

Apart from the punishing part (which should be easy) and the voting (doing that later), the script is now fully functional and will detect anyone on a server who has modified configs. The detection initially happens within the first few seconds of the game and will constantly recheck if the client gets new weapons or gets into a vehicle. Already checked weapons and ammo are remembered, avoiding unnecessary re-checking and thus reducing server workload and bandwidth usage.

Any config modification that significantly affects weapons is currently detected. This includes changes to hit strength, blast strength, blast radius, rate of fire etc.

Tomorrow I will add a basic punishing system and then test the script on a dedicated server to see just how much bandwidth this thing costs. I might need a few beta testers - perhaps some peeps who are willing and able to create a small mod that changes some of their weapon configs. Just to make sure it really works as intended .

[General Barron 0]

Interesting concept, I definately like the idea. Perhaps check out my OFP MP voting/admin console for some ideas regarding voting:

download

forum thread

It also has a very simple but effective system of punishing players, where the player is simply placed 10000m in the air by the server, and keeps being replaced there every few seconds, ensuring they stay there even if they have their own scripting console.

Some general ideas/suggestions:

Would it be possible for a cheater to edit the map and change/disable the scripts? Or does the game do a check to see if the player's mission.pbo is exactly the same as the server's?

Either way, it would be a good idea to store the scripts entirely in a .pbo which is only kept on the server (you can make calls to scripts in a pbo without it being in the 'requiredAddons' section of a mission). Mission makers would have to put a single line in their init.sqs, which is something like:

? local server : [] exec "\cheatDetection\init.sqs"

All the anti-cheat scripts would then obviously be run from the server only, preventing tampering by clients with a debug console.

This would be good because:

(a) cheaters wouldn't be able to know what the script does unless they get a hold of the appropriate .pbo (which should be carefully distributed), and

(b) you would be able to update the anti-cheat scripts by updating the one .pbo, without having to touch the maps (the one line in the init.sqs is all that is ever needed, from v1 onward, all other scripting is stored in the addon).

As a little hint on implementation, the init code in the createUnit command is run on all clients. Using that fact, you can have the server execute whatever code you like on any client.

[mattxr 9]

Its impoosible for a cheater to chnage the scripts from with in the mission then join a server becuase the server will make them download that version again.

[maddogx 13]

General Barron, I love your idea! If it works that is. I will test this later.

[Dwarden 1124]

actually if he is in air and so high his position may be relayed to all users below or all airplanes etc. ...

i prefer teleportation to some sea or empty "piece of land" far away from line of sight w/o any equip ...

or even simpler ... kick him off the server ...

bandwith/CPU/RAM resources are needed for fair players not some TK/cheat junk

[mattxr 9]

Like i said when the script finds someone with modifed files it should relay a hint to the rest of the players on the server saying he has cheats and if there is an admin present the admin can kick but if not the player will be punished and proberly leave.

[maddogx 13]

The anti cheat script already displays a message to all players - it even tells you what he has modified, such as:

Quote[/b] ]

CHEAT WARNING!

MadDogX is using modified CfgWeapons:

M4SPR->hit

M4SPR->indirectHitRange

Kicking a player off a server is not yet possible though, at least not the conventional way. It would be possible to crash his game with an endless loop though , as has been discussed earlier.

[Dwarden 1124]

The anti cheat script already displays a message to all players - it even tells you what he has modified, such as:

Quote[/b] ]

CHEAT WARNING!

MadDogX is using modified CfgWeapons:

M4SPR->hit

M4SPR->indirectHitRange

Kicking a player off a server is not yet possible though, at least not the conventional way. It would be possible to crash his game with an endless loop though , as has been discussed earlier.

no crashing as this will lead to abuse and what IF error/bug happens ...

kicking isn't possible ? what about just invoke successfull votekick against volating player?

[maddogx 13]

The anti cheat script already displays a message to all players - it even tells you what he has modified, such as:

Quote[/b] ]

CHEAT WARNING!

MadDogX is using modified CfgWeapons:

M4SPR->hit

M4SPR->indirectHitRange

Kicking a player off a server is not yet possible though, at least not the conventional way. It would be possible to crash his game with an endless loop though , as has been discussed earlier.

no crashing as this will lead to abuse and what IF error/bug happens ...

kicking isn't possible ? what about just invoke successfull votekick against volating player?

The anti-cheat framework is written entirely in .SQF script and included into the mission itself. I may be wrong, but I know of no command in ArmA that can "invoke" a successful kick vote.

If there really is a way to do that, it would be extremely cool.