Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
vdrift server
02-15-2007, 05:20 AM,
#16
 
In that post you cover several good ideas for detecting cheating in championships, this reflects alot my line of thinking but clearly you've thought it out a little further than I have... Smile


edit: reading back over the checkdata portion of the post you linked, it seems like this would work. One issue I see is that we already have a replay system that records user inputs and plays it back to produce the same result. It isn't perfect, and occasionally it seems like the car strays off its originally recorded path, only to "jump" back into its path when the next frame of replay data is read. This is only noticable sometimes, but would probably be flagged as a deviation by the algorithm you described and could lead to false positives in cheater detection.

It's probably caused by low sample rate on the replay data, and though this can be raised it may be infeasible to collect real-time input data from the user and send it across the network real-time as well. It might be better to record it locally in high detail, and then upload it at the end of the race.

Another possible method would be to collect input data at a lower sample rate, and mark cheaters that have a high standard of deviation between the positions they send during the game and the positions determined through the replay check procedure. So perhaps allow up to 2% deviation but not more. Either way, it's likely some cheaters may still exist in the margin, or legitimate users will be frustrated by being marked as cheaters.

An even further idea to augment all this would be to allow players to establish a reputation somehow, whereupon we could assume that they will not cheat. There could be a minor mandatory fee for official tournaments, which would certainly weed out most of the riff-raff - or at least drive them more towards unofficial servers. Also, there could be a simple reputation score for users based on how many races they've participated in. Rewards could be given to those with good reputation. Perhaps known good players would get to start in the first half of the positions in a race while unknowns must start at the back of the pack.
Reply
02-15-2007, 01:43 PM,
#17
 
this deviation could be tested using both solutions at the same time in the multiplayer engine, that is, a client send both controller inputs and positions/rotation/speed
mathematically we can compare the computed values with the given ones
graphically we can display both car on the server, with different colors

we can try with several parameters, a modified car on the client side and so, we'll see what happens Wink

beside, that would be great comparison of both solutions
Reply
02-15-2007, 02:23 PM,
#18
 
Well, first of all, you gotta decide how important cheat detection is for you. For starters, i think there won't be many cheaters (vdrift user base is not very big now, right?), so discussing this is probably overkill.

In any case, you just can not use only input data for multiplaying. You're gonna lose a hell of a lot of packets, and i doubt your server can cope with computing other 5 other cars physics, at 5x realtime, in order to keep up with wall time.

And of course, you can't rely solely on unreliable (aka UDP) input data. Remember what happened to Driver replays when you simply changed screen resolution? After half a minute, the car would start going havoc, ending up on its roof, steering and braking like it was still on 4 wheels! :lol: . 1nsane suffered from the same problem, sometimes after only 1 minute of replay. I'm sure there's this kinf od chaos effect in more games. That's why nowadays, most sims (lfs, isi sims, nknamie, nkpro, ...) use recorded results (positions, etc.) instead of input data.

And that was just replays, now imagine if you lose data because of packets not arriving... :?


Also, simply changing the architecture may influence the computations. For example, Intel internally uses 80-or-so bits (can't recall the exact number) for some floats, even if the IEEE standard defines only 64 (or whatever) must be used. Let alone having DirectX lowering CPU precision on the fly when it wants to increase framerates. So even with full input data recorded, it's already very difficult to get the same outcome.
That's why i mention the server must have a config for each type of client. The main differences are usually between different OSs (windows vs linux vs macos); the minor differences might be possible to be fixed with clever coding. I don't know for sure.



Also, a 2% deviation in 20min race can easily mean the difference between first and third. Cheating by dupping the engine torque is stupid, since everyone can notice it. Cheating by increasing your car torque by 2% is what can help you.

Also be careful with what you measure in order to know the "deviation". Time when passing a checkpoint? Speed? Position? The distance difference between hitting a barrier and just missing it can be smaller just a coupl millimeters, but the resulting difference in position after a second might be 20 meters, your car may now be facing bacwards, with a speed of -40mph, and going on 2 wheels :o



Anyway... like i said, is it necessary to care this much about cheating already?
I suggest to know all these issues, so that your code doesn't need to be rewriten too much in the future (1), but continue coding whatever you're doing now, like a proper multiplayer code, proper suspension physics, etc.


[1) For example, if you need random numbers in your physics computations, forget about using random random seeds (for ex. based on time), instead use predefined random seeds (based on any arbitrary number) that you can set the same one in all the clients, or when replaying, or when checking for cheats in the server. And so on...]
Reply
02-16-2007, 12:24 PM,
#19
 
back to the PHP masterserver :lol:
I'm borred so I think I'll write it :wink:
do you know a proper lib to send HTTP request and get web pages ? :?
Reply
02-16-2007, 09:24 PM,
#20
 
hmmm...libcurl maybe?
Reply
02-19-2007, 09:57 AM,
#21
 
stenyak Wrote:In any case, you just can not use only input data for multiplaying [...] now imagine if you lose data because of packets not arriving... :?
I think so too, but they don't seem to realise. Since the hardest solution is already implemented (that's how it works right now, http://vdrift.net/Forum/viewtopic.php?t=449), it should be fairly easy to add the other and to test the difference on the fly with different parameters

I'm taking care of the PHP masterserver and I'll plug it to my pseudo-network engine, however I have a big exam on march 15 so it may take a while
Reply
02-19-2007, 01:43 PM,
#22
 
Nigo, go ahead, and take your time. As I've probably mentioned before the big networking cleanup is at least a version away from us now, so we've got plenty of time.
Reply
02-22-2007, 01:58 PM,
#23
 
done. I implemented the masterserver as stenyak said, plus I made the same for the clients

to sum up, the masterserver knows
_when a server go online
_when a server stop
_when a client connects (the server send the infos)
_when a client disconnects (idem)

plus there is a timeout. The server has to say hello every some time (here 100s). If it doesn't, it's assumed dead after some time (here 120s) and is kicked out

the masterserver http://nigoni60.perso.cegetel.net/vDrift/vDriftMS.php
the masterserver's code (PHP 4.3) http://nigoni60.perso.cegetel.net/vDrift...MS.php.txt
it's not atomic yet, I'll try to fix that

the additional code on the server side
Code:
MasterServer::Param msp;
msp.serverName = "My Beautiful Server";
msp.serverHost = "127.0.0.1"; // IP or host
msp.serverPassword = "nj6j3b0ko4";
msp.masterServerURL = "http://nigoni60.perso.cegetel.net/vDrift/vDriftMS.php";
TestDedicatedServer server(port, nbMaxClients, &msp);
// to use no masterserver :
// TestDedicatedServer server(port, nbMaxClients);

on the client side
Code:
MasterServerClient msc("http://nigoni60.perso.cegetel.net/vDrift/vDriftMS.php");
vector <...> servers = msc.refresh();

just going through servers :
Code:
2 servers online:
- My Beautiful Server (2 clients / 32, host 127.0.0.1:1300):
   - Alice
   - Bob
- Another Ugly Server (1 clients / 16, host 127.0.0.1:1301):
   - Eve

ok now you have time to figure out how to plug it on vDrift while I concentrate on my exams Wink
Reply
02-23-2007, 03:19 PM,
#24
 
Nigo, the code looks good. I won't have much time to test it until after I get this release done. However it looks like you did a good job of input checking every time the servers contact the master server. One other thing that you might want to check, is the originating IP address of the servers, to make sure that it's consistent, and someone's not sending disconnect signals or something like that for known servers from another IP. Of course, IPs can be spoofed...but it's not a bad idea to check anyway. Another idea, perhaps instead of just returning when some check fails, could we log what happened into another text file on the master server, so we can see what's been going on later? Thanks for your help, I like how this is shaping up Smile
Reply
02-25-2007, 09:39 AM,
#25
 
I'll add that of course
but in terms of security, I find more worrying that anyone who figure out the good parameters, by reading the sources of vDrift, can simulate a fake-server. Of course it would be useless... but...
I can't figure out a solution for that, apart from building a list of "registered" servers :roll:
Reply
02-25-2007, 01:03 PM,
#26
 
Requiring server admins to let us know before they set up a server is not a bad idea. That encourages them to communicate with us. Otherwise they can run an independent server, and they can advertise its address to players themselves (like at a LAN party).

It matters little that people can read the code, in my mind. Even if they can't, they will examine the network packets and figure out how it works that way. We've got to find a way to make it secure anyway. I think this is definitely possible.
Reply
02-25-2007, 02:28 PM,
#27
 
I don't understand, what's the problem? Someone creating a second server list? Someone creating servers that don't work? Why would anyone do that?
Reply
02-26-2007, 04:55 AM,
#28
 
stenyak Wrote:Why would anyone do that?
don't know
but neither do I know why I often receive email from people who want to enlarge my pe**s for $500 :lol:
it'll work as long as no one care, which is very likely to happen. I'm just pointing out it can be polluted very easily if we let anyone register his server
Reply
02-26-2007, 07:16 AM,
#29
 
Well, spam is there because bandwidth is cheap and one in 10000 people will believe the mail; but creating a fake server for a simulation.. i can't see any reason, appart from trying to kill competition, which there isn't nowadays.

Anyway, if i were to try to prevent it, i'd start with preventing automation by using some captcha (kittencaptcha or whatever).
Reply


Forum Jump:


Users browsing this thread: 2 Guest(s)