Instead of anti-cheat on the client side, which 'kernel level' anti-cheat still gets beaten, why not look at a wholly server-side statistical analysis of player stats?
Make the anti-cheat follow one of the key tenets of cybersecurity: never trust user input.
Should work reasonably well for first-person shooters.
You're ranked based on the game's inner metrics, calculated on the server, rather than player-visible ones:
- time from observation to target contact with crosshairs (inc. standard deviation, standard error)
- % of time successfully striking specific hit boxes
and so on (depending on the game).
These rankings don't affect your public rankings but do affect who you're match-made with, or games that don't have private server options. Eventually you'll only be match-made with other cheaters, or players so good they give cheaters a genuine run for their money.
For games that do have private server options it could be configurable to:
- flag the player to admins as 'suspicious' for investigation
- Start ignoring hits that would've otherwise been successful for statistical outlier behaviours (where the statistical analysis indicates a significant disparity between observed and known-human-like reaction times and behaviours).
Make the anti-cheat follow one of the key tenets of cybersecurity: never trust user input.
Should work reasonably well for first-person shooters.
You're ranked based on the game's inner metrics, calculated on the server, rather than player-visible ones:
- time from observation to target contact with crosshairs (inc. standard deviation, standard error)
- % of time successfully striking specific hit boxes
and so on (depending on the game).
These rankings don't affect your public rankings but do affect who you're match-made with, or games that don't have private server options. Eventually you'll only be match-made with other cheaters, or players so good they give cheaters a genuine run for their money.
For games that do have private server options it could be configurable to:
- flag the player to admins as 'suspicious' for investigation
- Start ignoring hits that would've otherwise been successful for statistical outlier behaviours (where the statistical analysis indicates a significant disparity between observed and known-human-like reaction times and behaviours).
Even if cheats were used on the server, their