基于进程速度，每x秒循环 [英] Loop every x seconds based on process speed

问题描述

我正在为我的游戏执行一个基本的（只是为了小孩）反欺诈。我在每个运动数据包中包含一个时间戳，并在服务器端对这些数据包之间的时间差进行合理性检查。

I am implementing a basic (just for kiddies) anti-cheat for my game. I've included a timestamp to each of my movement packets and do sanity checks on server side for the time difference between those packets.

我还包括一个数据包基于进程速度每5秒发送一个时间戳。但是似乎这是一个问题，当电脑滞后。

I've also included a packet that sends a timestamp every 5 seconds based on process speed. But it seems like this is a problem when the PC lags.

所以我应该使用来检查过程时间是否更快，由于速度hack

我目前在客户端上的循环速度检查：

My current loop speed check on client:

this_time = clock();
time_counter += (double)(this_time - last_time);
last_time = this_time;

if (time_counter > (double)(5 * CLOCKS_PER_SEC))
{
    time_counter -= (double)(5 * CLOCKS_PER_SEC);

    milliseconds ms = duration_cast<milliseconds>(system_clock::now().time_since_epoch());
    uint64_t curtime = ms.count();

    if (state == WALK) {
        // send the CURTIME to server
    }
}

// other game loop function

如果客户端PC没有滞后，上面的代码可以正常工作，因为RAM或CPU问题。他们可能运行的应用太多。

The code above works fine if the clients PC doesn't lag maybe because of RAM or CPU issues. They might be running too many applications.

服务器端代码：（GoLang）

Server side code for reference: (GoLang)

// pktData[3:] packet containing the CURTIME from client
var speed = pickUint64(pktData, 3)
var speedDiff = speed - lastSpeed
if lastSpeed == 0 {
    speedDiff = 5000
}
lastSpeed = speed

if speedDiff < 5000 /* 5000 millisec or 5 sec */ {
    c.hackDetect("speed hack") // hack detect when speed is faster than the 5 second send loop in client
}

推荐答案

您的系统有一个关键的缺陷，可以很容易规避骗子：依赖于客户端提供的时间戳。

Your system has a critical flaw which makes it easy to circumvent for cheaters: It relies on the timestamp provided by the client. Any data you receive from the client can be manipulated by a cheater, so it must not be trusted.

如果您要检查服务器上的速度被黑客攻击：

If you want to check for speed hacking on the server:

1. 以不规则的间隔记录玩家头像的当前位置。根据服务器时间存储每个日志的时间戳
。

2. 通过计算距离并将其除以时间戳来测量两个这样的日志之间的速度-difference。

1. log the current position of the players avatar at irregular intervals. Store the timestamp of each log according to the server-time.
2. Measure the speed between two such logs-entries by calculating the distance and divide it by the timestamp-difference.

当速度大于播放器的速度限制时，您可能会有一个骗子。但请记住，滞后可能导致突然的峰值，因此可能更好地对多个样本进行平均速度测量，以检测播放器是否为快速入侵。这可能使快速检测不可靠，但这可能是一件好事，因为它使黑客更难以知道他们使用的可靠的任何逃避方法是工作。

When the speed is larger than the speed limit of the player, then you might have a cheater. But keep in mind that lags can lead to sudden spikes, so it might be better to take the average speed measurement of multiple samples to detect if the player is speed-hacking. This might make the speedhack-detection less reliable, but that might actually be a good thing, because it makes it harder for hackers to know how reliable any evasion methods they use are working.

为了避免误报，请记住跟踪不遵守速度限制的玩家的人为方式（例如在被杀死后立即传送到产卵）。当这种事件发生时，当前的速度测量是无意义的，应该被丢弃。

To avoid false-positives, remember to keep track of any artificial ways of moving players around which do not obey the speed limit (like teleporting to spawn after being killed). When such an event occurs, the current speed measurement is meaningless and should be discarded.

这篇关于基于进程速度，每x秒循环的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！