Cheating in online games

Cheating in online games is an activity that modifies the game experience to give one player an advantage over others.[1] Depending on the game, different activities constitute cheating and it is either a matter of game policy or consensus opinion as to whether a particular activity is considered to be cheating. Johan Huizinga defines cheating as the action of pretending to obey the rules of the game, while secretly subverting them to gain advantage over an opponent.[2]

Cheating reportedly exists in most multiplayer online games, but it is difficult to measure.[3] The Internet and darknets can provide players with the methodology necessary to cheat in online games.

Contents

Bots and software assistance

Aimbots and triggerbots

An aimbot (sometimes called "auto-aim") is a type of computer game bot used in multiplayer first-person shooter games to provide varying levels of target acquisition assistance to the player. While most common in first person shooter games, they exist in other game types and are often used in combination with a TriggerBot, which shoots automatically when an opponent appears within the field-of-view or aiming reticule of the player.

Aimbotting relies on the fact that each client computer must be typically sent information about all players, whether seen or unseen. Targeting is simply a matter of finding the position difference of where the player is located and where any opponent is located, and pointing the player's weapon at the target. This targeting works regardless of whether the opponent is behind walls or too far away to be seen directly. If the game being played allows bullets to penetrate surfaces with minimal damage, the code can be manipulated to cause the bullets to penetrate an infinite amount of material and damage can be adjusted to guarantee a kill regardless of where the bullet lands. This severely magnifies the unfair advantage the aimbot would provide.

Some servers allow spectating, or seeing the game from the viewpoint of the active players. Recording of gameplay actions is also often possible. If someone was using a targeting aimbot, the bot would be plainly obvious to the spectator as unnatural exact position tracking. Some aimbots and triggerbots are blatant while others attempt to hide from spectators the fact they are being used through a number of methods. One being a delay in the firing, to hide the fact it shoots the instant an opponent is in the cheater's crosshair. Some Triggerbot programs allow the user the ability to toggle on or off depending on whether the mouse is held down or released.

Artificial lag

In the peer-to-peer gaming model, lagging is what happens when the stream of data between one or more players gets slowed or interrupted, causing movement to stutter and make opponents behave erratically. By using a lag switch, a player is able to disrupt upload from the console to the server, while their own console queues up the actions performed. The goal is to gain advantage over another player without reciprocation; opponents slow down or stop moving, allowing the lag switch user to easily out-maneuver them. From the opponents' perspective, the player using the device may appear to be teleporting, invisible or invincible, while the opponents suffer delayed animations and fast-forwarded game play, delivered in bursts.[4] Some gaming communities refer to this method as "tapping".

The term 'lag switch' encompasses many methods of disrupting the network communication between a console and its server. One method is by attaching a physical device, called a hardware lag switch, to a standard Ethernet cable. By flipping the switch on and off, the physical connection between the console and the server is disrupted.[5] Other methods, called a software or wireless lag switch, involve using a computer program. In this method, the cheater runs an application on a computer connected to the same network as the console. The application hogs the network bandwidth, disrupting the communication between the console and its server. An example of such an application is Laggsta.[6]

Look-ahead

Look-ahead cheating is a method of cheating within a peer-to-peer multiplayer gaming architecture where the cheating client gains an unfair advantage by delaying his actions to see what other players do before announcing its own action.[7]

A client can cheat using this method by acting as if it is suffering from high latency; the outgoing packet is forged by attaching a time-stamp that is prior to the actual moment the packet is sent, thereby fooling other clients into thinking that the action was sent at the correct time, but was delayed in arrival. A partial solution is the Lockstep protocol.

Wallhacking

Wallhacking allows a player to see through solid or opaque objects and/or manipulate or remove textures, to know in advance when an opponent is about to come into targeting range from an occluded area. This can be done by making wall textures transparent, or modifying the game maps to insert polygonal holes into otherwise solid walls.

As with the aimbot, wallhacking relies on the fact that an FPS server usually sends raw positional information for all players in the game, and leaves it up to the client's 3D renderer to hide opponents behind walls, in plant foliage, or in dark shadows. If the game map rendering could be turned off completely, all players could be seen moving around in what appears to be empty space. Complete map hiding offers no advantage to a cheater as they would be unable to navigate the invisible map pathways and obstacles. However if only certain surfaces are made transparent or removed, this leaves just enough of an outline of the world to allow the cheater still to navigate it easily.

When used in conjunction with an aimbot certain wallhacks allow the player to shoot through solid objects, which is known as "opk" (One Place Killing) in such games as Combat Arms, because the killer can generally stay in one spot. A subset known as WhiteWalls removes the color/texture from objects in the surrounding environment, providing distinct contrast to opposition character models, which remain colored/textured. (See ESP for an evolution of the WallHack.) A subset of wallhacking is also called "chamming" (see Skin Cheats).

ESP

Extrasensory perception (ESP) in video games displays contextual information such as the health, name, equipment, position and/or orientation of other participants as navigation/directional markers, which would normally be hidden from game players. In military parlance, this is known as Battlefield Visualization and part of a larger trend toward Information Dominance. This may be performed by reading the programs memory with an external program, or intercepting and decoding packets as they travel between the client and the server. This is difficult to detect and prove, but is definitely considered cheating.

Fly hack

A fly hack is one that lets the user disable the games' collision boundaries, allowing them to jump incredibly high, and even (in many cases), through walls and buildings, giving a good place to hide, or sniping from places that would otherwise be unreachable without the cheat. This is often called noclip. Modern servers will detect players using this hack and teleport them back to their old location or kick them from the server.

Removal of game elements

Removals allow the cheater to remove a game's inhibitors or annoyances. These include gun recoil, bullet spread, and visual effects. Such removals can significantly increase a user's firing accuracy, but may be noticeable to other players. Removals may also consist of removing flash bang effects, which normally make the user's screen appear a bright white and mute their sound. With that particular removal, the user can continue play without loss of audiovisual input. Smoke, sky, hands, ground, doors, and many other elements are also removed in order to cheat. A newer, more startling removal removes the ability to be kicked by a game, whether it be by a moderator or by vote-kick. This is often used in conjunction with other cheats/hacks to gain a permanent edge over the competition in a game.

Unsporting play

Disconnecting

In games where wins and losses are recorded on a player's account, a player may disconnect when he or she is about to lose, in order to prevent that loss from being recorded. A similar phenomenon occurs when a server operator boots an opponent or players who they do not support. Disconnecting is considered unsporting, as the opponent may not have his or her "win" recorded.

Some games implement a disconnection penalty, usually by recording the disconnect as a loss, or a loss of experience points. Other games, such as UFC 2009 Undisputed, include a "disconnect" statistic in players' profiles, so players may select a match where the opponent will not be prone to disconnect. The later games in the Call Of Duty give extra experience points for staying in a match, and records games in which the player leaves as a loss. Halo: Reach gives a random "lottery" experience-point bonus to players at the end of each match, encouraging them to stay until the end.

Rapid Fire Modifications

In games (mostly first person shooters) weapons featured can be fired in burst fire or single shot. For some gamers, modifying their controller or console to gain the advantage of having a faster shooting weapon than the standard player can be considered as a method of cheating.

These modifications can create an imbalance within the game. In the Call of Duty series, having a semi-automatic pistol or rifle with a rapid fire modification could display the player as having the firing ablilities of a heavy machine gun. This exploit has not yet been prevented in most instances of first-person shooters.

Environmental exploits

Exploiting is the application of an unintended use or bug that gives the player an advantage. Not all gamers view exploits as cheating, some view it as another skill because certain exploits take a significant amount of time to find, or dexterity and timing to use. An example of dexterity exploits include bunny hopping and texture-climbing in Quake, as well as so-called "wave-dashing" in Super Smash Bros. Melee. Exploits are often considered cheating when they have an unbalancing effect, or are used in an intended manner.

Skin cheats

Chameleon skins, cham-hacks or chams, replace player model textures with brightly colored skins, often bright red/yellow or blue/green, that change color depending on whether the model is visible. For instance, an exposed part of an opponent would be shown in a different color, giving a cham-hack user an advantage over non-hack users, especially in games in which camouflage techniques (provided by in-game mechanics, objects or player models) are negated.

While cham-hacks are accomplished using a wallhack subset, historically, user settings (in Quakeworld, for example) or exploits in many older games allowed replacing skins arbitrarily with varying degrees of success—from pseudo-camouflage in dark areas of a map (prior to specular and other advanced lighting techniques) when using a "shadow skin"; to completely disappearing while the skin change propagated to other players; to forcing a plain-white skin on all opponents.

A more obvious skin cheat involves a person wearing a skin that makes him invisible to all players. However, this is a cheat that is easily discovered, especially if the game provides a killcam after each death.

Farming and stat-padding

In games where achievements and player abilities are unlocked by defeating a number of enemies or challenges of a particular class, players may arrange to win or lose against one another in order to obtain the achievements without having to play the game linearly. This is also known as stat-padding, swapping, or boosting, and most players do not consider it to be cheating unless it is used to win the game (or make it easier to win).

The term farming also refers to the practice of garnering achievements or virtual property for the purpose of real-money-trading.[8] With rare exception, this has no direct effect on the gaming experience of other players; instead, it is a violation of most EULAs and could devalue the virtual property being farmed.

A special type of farming that occurs in multiplayer games where multiple players join a game that is based around taking objectives, like capture the flag or domination, but instead of working to take the objective, they focus mainly on scoring kills. This is known as kill farming and is generally frowned upon. This was especially common in Call of Duty: Modern Warfare 2, where players would become angry and bitter when others would try and advance the game (e.g. planting a bomb at a target location that, if allowed to detonate, would end the game) and would discourage their team from protecting the bomb so the enemy could defuse it. This is because these players would attempt to farm kills to gain the tactical nuke ability, which would also end the game. Although this isn't considered boosting, critics of the tactical nuke cited this as a reason to exclude it from further Call of Duty games because it ruined the gameplay of objective-based games.

Character sharing

Sharing is when multiple people play using a single character—mainly in MMORPGs -- to gain an advantage by having higher online times and/or being able to apply more manpower toward game activities such as leveling or gaining experience. In some MMOs this is not seen as cheating although others such as Nexon's Maplestory, Blizzard Entertainment's World of Warcraft or Jagex's RuneScape specifically forbid it.

Twinking

Twinking is the act of giving gear intended for higher level characters to lower level characters that would be incapable of obtaining the gear on their own. Twinked characters have a huge advantage over untwinked characters, as well as the rest of the game world. This is usually used by players who wish to create a new character, to help them level more rapidly or gain an unfair advantage in PVP. Most MMORPGs tolerate it, provided that the twinked character is not used in player versus player combat with other characters of the same level, where it would have an unfair advantage over non-twinked characters. Often limits on twinking are placed into the game, usually through strict level or stat requirements to equip the item. Circumventing these level requirements would then be further cheating.[9]

Ghosting

Most games allow other participants to observe the game as it is played from a variety of perspectives; depending on the game, perspectives allow an observer a map overview or attach a "camera" to the movement of a specific player. In doing so, the observer can communicate with an accomplice using a secondary communication methodology (in-game private message, third party communication, or even off-line) to inform friendly players of traps or the position of opponents. An observer can be an active player, using a separate computer, connection and account.

Some systems prevent inactive players from observing the game if they are on the same IP address as an active player, on the grounds that they are probably in close physical proximity; when all players from a single IP address are no longer active participants, they are all allowed to observe. However, this restriction can be easily evaded if there are multiple IP addresses available at one location (a common feature of broadband subscriptions), or if the observer installs remote desktop software on their computer, thus enabling their computer screen to be viewed by select other players in real time.

Secret alliances

Similar to ghosting in some respects, if two or more players to engage secret, co-operative play while all are active (especially in MMORPGs) it is considered cheating in many games, in particular when players engage in secondary communication. Using remote desktop software to observe the screens of secret "allies" while one is playing could confer considerable tactical and/or strategic advantages for all players in the "alliance", and would be considered cheating. In some RTS games, this is made difficult by replacing all player names with "unknown." This makes it to where you can't know who you are private messaging. Starcraft 2 and Warcraft 3 are examples of this anti-secret alliance setting.In games like Super Smash Bros. Brawl, sometimes when not using team battle 2 or more characters would try to attack one character and have one character win. Most of the time these people would be the same character with the same or different costume.

Stacking

Stacking involves altering game settings or team lineups to give one or more teams an unfair advantage over others. One example includes arranging a team composed of skilled or known players against a team with members of lesser skill. Although this may be a valid and accepted practice in real-life sports, in online games stacking upsets less-skilled players who feel that they aren't being given a fair chance. Less ethical rigging involves weighting the game by providing a player or team with an advantage by outfitting them with better (or more familiar) weapons or equipment, or creating a play field that caters to a certain player, team or playing style.

User settings

Typically, a player can change settings within a game to suit his or her preference or play style; these alterations are considered cheating only in certain circumstances. For example, changing the keyboard layout to make it easier to use is an accepted practice and not considered cheating; however, changing player models or textures, increasing the field view,and modifying the brightness are considered cheating.

Scripting

Scripting is the use of a program or game feature to automate certain actions or behaviors. The use of scripts may or may not be considered cheating, depending on the behavior involved, and whether said behavior is replicable without the use of such script. A script may give the user unusually fast firing rate, unobtainable otherwise, or may perform seemingly trivial tasks such as reloading. Scripts can also tamper with other players' command systems, such as in Crysis games, where a certain script edit known as a "Longpoke" can force all players on a certain server to use the suicide command.

Implementation of cheats

In the client–server model, the server is responsible for information security and enforcing game rules. (See "Efficiency versus security" below for drawbacks.) In the peer-to-peer gaming model, clients run equal code but are still subject to most of the same type of cheats found in the client–server multiplayer model; however, the peer-to-peer multiplayer model has depreciated in favor of the client–server model with the wider adoption of high-speed networks.[10]

"Never trust the client" is a maxim among game developers that summarizes the model of client–server game design. It means that no information sent from a client should be accepted by a server if it breaks the game rules or the basic mechanics of the game, and that no information should be sent to a client unless it is "need-to-know." For example, a server with no rule enforcement or data integrity checking will synchronize all of the clients with all of the information about all of the other clients. The server will be very fast, but any wallhack program will reveal where all the players in the game are, what team they are on, and what state they're in — health, weapon, ammo etc. At the same time, altered and erroneous data from a client will allow a player to break the game rules, manipulate the server, and even manipulate other clients.

Game code modification

Many cheats are implemented by modifying game software, despite EULAs which forbid modification. While game software distributed in binary-only versions makes it harder to modify code, reverse engineering is possible. Also game data files can be edited separately from the main program and thereby circumvent protections implemented in software.

Wallhacks and maphacks often function by modifying the software. Other cheats analyze or change the game state in memory, such as some aimbots and programs that give infinite ammo or health (often called trainers). Additionally, software with legitimate use outside of gaming can fulfill the role of a cheat when used inside a game. Examples include program accelerators and an auto clicker.

System software modification

Rather than modifying the game code (which the game itself or a 3rd-party protection system may detect), some cheats modify underlying system components. An example of this is graphics driver modifications that ignore depth checking and draw all objects on the screen—a primitive wallhack. System or driver modification is harder to detect, as there are a large number of system drivers that differ from user to user.

Packet interception, tampering & manipulation

The security of game software can be circumvented by intercepting and/or manipulating data in real-time while in transit from the client to the server or vice versa. Interception can be passive (see Ghosting and ESP) or result in active manipulation (see wallhacks); either methodology can be performed on the client machine itself or via an external communication proxy; some aimbots incorporate this methodology. Newer games encrypt network data at the expense of client computing resources that could be directed to make a faster, more immersive gaming experience.

Anti-cheating methods and limitations

There are many facets of cheating in online games which make the creation of a system to stop cheating very difficult; however, game developers and third party software developers have created or are developing[11][12] technologies that attempt to prevent cheating. Anti-cheat software is commonly used in popular games such as Team Fortress 2, Quake, or World of Warcraft. A few examples of anti-cheat software are DMW Anticheat, GameGuard, PunkBuster, VAC, ProtectEnviron, ShoxGuard, CleanDoD, XRay, xTrap, HackShield or Warden.

Exploits of bugs are usually resolved/removed via a patch to the game; however, not all companies force the patches/updates on users, leaving the actual resolution to individual users.

Client datafile checksums

One common method used to prevent cheating is for a checksum (such as an MD5 sum) to be calculated against each game datafile on the client computer, and for these checksums to be reported to the server before the client can join the game. When a cheater has modified a datafile to give them an advantage over others, the changes will affect the calculated checksum and may result in the client being automatically denied from joining the server if an unknown checksum is detected.

Someone who is attempting to cheat and who has downloaded a cheating package from the Internet may possibly be automatically banned by game servers, if certain well-known hacked datafile checksums are detected by the server during the connection attempt.

Once a datafile has been checked, it is held in a "file open" state, so that other software on the multitasking system can not rename or copy over a file after the check has been done, and the current game session is in progress. When the game session ends, the files are closed until the next check-in.

Non-standard datafile storage

Some games work to prevent hacking by storing game data in a custom-built private database format that strips file names and directory structures, but does not otherwise encrypt the file data. This is commonly visible as two files, one containing file data for all objects, textures, sounds, maps, etc. that is typically several gigabytes in size. A second file only a few megabytes in size contains the file and directory structure for the game to access data within the larger file.

Hackers sometimes examine these data structures to write unpackers that convert the database into a normal editable file and directory structure. The game engine may or may not use this extracted structure if it is present in the game installation directory.

Also because the actual game data in this huge file is typically not encoded or compressed, it is possible to look for common data file headers such as for JPEG, MPEG, or WAV and extract these individual files using a ripper, though this is done without knowing the database format or being able to write changes back to the game data structures.

Availability versus usability

Generally, the better the server is at enforcing the rules, the less of a problem cheating will be in the game.

It may not require much code, but when game servers were restricted by limited available resources such as storage, memory, internal bandwidth, and computational capacity due to the technologies available and the cost of the hardware, coupled with internet connections that were slow, it was believed to be necessary to compromise on security for optimization to minimize the impact on the end-user.

Today however, with the increased speed and power of multi-core computers, lower priced hardware, and the increased availability of broadband internet, this has become less of an issue.

Efficiency versus security

Server-side game code makes a trade-off between calculating and sending results for display on a just-in-time basis or trusting the client to calculate and display the results in appropriate sequence as a player progresses. It can do this by sending the parts of the world state needed for immediate display, which can result in client lag under bandwidth constraints, or sending the player the entire world state, which results in faster display for the player under the same bandwidth constraints, but exposes that data to interception or manipulation—a trade-off between security and efficiency.

Ramifications

Some companies and leagues ban[13] suspected cheaters by blacklisting specific installation or serial keys, or user accounts, meaning that the player is effectively prevented from playing the game online. In such cases, the banned player may be able to avoid the ban by purchasing an additional copy of the game which will include a new unbanned serial key.

While game publishers are known to ban players employing cheats, the actual number of players banned is usually not revealed. Exceptions to this include Blizzard Entertainment and Nexon, known for banning cheaters in batches, and publicising the number of banned accounts in order to discourage others from cheating.

See also

References

External links