What is anti-cheating software and how does it work?
Plenty of multiplayer games allow you to play cooperatively or competitively with other players online. While you may not be the best player in a game, you probably enjoy playing and get better over time.
Unfortunately, many gamers ruin the fun you can get by cheating. Game developers have tried to counter this by using anti-cheating software. You may be wondering how this works. Let’s find out more.
What is anti-cheating software and why is it important?
Anti-cheat software (ACS) tries to prevent cheats from being used in a game. Since there are different types of cheats: lag switching, aimbots, wall hacks and scripting to name a few, there are different ACS to neutralize them.
You have ACS on the server side that only runs when you load a game. While playing, the software scans your PC’s running processes and detects anything unusual. These can be files you have downloaded to the system, whether they are active or not, or how your network communicates with others. An example of this is Easy AntiCheat, which launches with every Epic Games game you download.
Then there’s ACS on the kernel side that accesses a deeper level of your PC’s system. ACS on the kernel side has extremely high privileges, even higher than your device drivers and other apps you install on your system. BattlEye represents a kernel-side ACS used in games like Destiny 2 and Ark: Survival Evolved.
The ACS for a game is usually on the developer’s disclosure. You’ve probably come across an ACS file that downloaded to your PC when you installed a game before and wondered why it’s important.
Think how annoying it would be if you’re playing an FPS and a player using an aimbot is able to shoot you directly in the head with no chance to fight back. The additions of AI cheat engines pose an even greater threat to FPS games.
Cheating ruins the fun of multiplayer gaming for everyone else. Since relying on players not to use cheating software would clearly never work, ACS was developed to prevent this. Without it, you would see a lot more cheaters in your favorite games.
How does anti-cheating software work?
As mentioned, different types of anti-cheating software (ACS) tackle different cheats. ACS, whether it has server-side or kernel-side privileges, will work in different ways to address the relevant cheats.
When a cheater switches to delay, they intentionally cut off the internet supply at coordinated intervals to help them. In a game like Madden NFL, lag switching can cause delays when you’re on defense or offense. Or, in a game of Counter-Strike or Call of Duty, you wouldn’t be able to photograph the player’s lag because they’re never actually where they appear to be.
In these cases, a server-side ACS would detect lag switching by logging data packets from all players, analyzing ping and timestamp samples. The ACS would then examine a player looking for suspicious changes in data packets and ping. This method of detecting lag switches was made apparent when Sony patented “detecting lag switch cheating in games”, as reported by MP1st.
For cheats like aimbots and wallhacks, these are usually executable files that “automate” game moves to give the user an unfair advantage, known as scripting. An aimbot registers the location of other gamers and automatically targets that player. For an ACS to prevent this, there will be a built-in ACS server side that monitors each player’s moves.
Kernel-side ACS, as we discussed earlier, gets the highest privileges on your PC and constantly scans for cheats whether you’re playing a game or not. BattlEye and Easy Anti-Cheat are great examples of this type of ACS; the ACS installs on your PC and constantly checks for malicious files that can automate gaming tasks and hinder cheaters.
Once an ACS notices possible cheating behavior from a player, they will flag it on the system and immediately ban or assign the user to review by a member of staff. This employee would then decide whether the player cheated or not.
Unfortunately, hackers are constantly finding ways to bypass ACS. Think of it as a constant battle between ACS and hackers, across generations of consoles and PCs.
Anti-cheat software is usually a trade-off. If there are too many restrictions, ACS can affect performance and latency. Therefore, developers should be careful about how aggressive the anti-cheating software is.
The problems with anti-cheating software
Over time, hacker cheating software has become more sophisticated. Anti-cheat software had to become more sophisticated to combat it.
Cheats have historically found ways to get around anti-cheating software by running kernel-level processes rather than through the game application they want to cheat with. If you are not familiar with the difference between kernel mode and user mode in Windows, you may want to read this.
To prevent users from bypassing the anti-cheating software, developers had to go deeper. They developed anti-cheating software that works at the kernel level; scan the computer for software programs that could potentially trick a user.
This seems to work, but in the same way that gamers hate ACS like Denovo, it brings its own problems. Programs running at the kernel level can break a PC if they go wrong; which could result in gamers having to get their PC repaired simply because they want to enjoy a game.
Another caveat many gamers have is privacy concerns; if the anti-cheating software can read anything at the kernel level, it can theoretically access anything on the PC. No one wants to put up with cheaters, but is it worth risking your privacy?
Anti-cheat software makes gaming fairer
You would be surprised how common cheating is in online gaming. Anti-cheat software makes gaming fairer for you and everyone else by preventing those cheaters from getting away with it.
It’s not perfect and doesn’t always work, but cheating would be rampant if it weren’t for it. Just as there are plenty of cheats, there are also plenty of anti-cheat software programs that help keep gaming fairer.