Loop every x seconds based on process speed

Question

I am implementing a basic (just for kiddies) anti-cheat for my game. I've included a timestamp to each of my movement packets and do sanity checks on server side for the time difference between those packets.

I've also included a packet that sends a timestamp every 5 seconds based on process speed. But it seems like this is a problem when the PC lags.

So what should I use to check if the process time is faster due to "speed hack"?

My current loop speed check on client:

this_time = clock();
time_counter += (double)(this_time - last_time);
last_time = this_time;

if (time_counter > (double)(5 * CLOCKS_PER_SEC))
{
    time_counter -= (double)(5 * CLOCKS_PER_SEC);

    milliseconds ms = duration_cast<milliseconds>(system_clock::now().time_since_epoch());
    uint64_t curtime = ms.count();

    if (state == WALK) {
        // send the CURTIME to server
    }
}

// other game loop function

The code above works fine if the clients PC doesn't lag maybe because of RAM or CPU issues. They might be running too many applications.

Server side code for reference: (GoLang)

// pktData[3:] packet containing the CURTIME from client
var speed = pickUint64(pktData, 3)
var speedDiff = speed - lastSpeed
if lastSpeed == 0 {
    speedDiff = 5000
}
lastSpeed = speed

if speedDiff < 5000 /* 5000 millisec or 5 sec */ {
    c.hackDetect("speed hack") // hack detect when speed is faster than the 5 second send loop in client
}

Answer 1

Your system has a critical flaw which makes it easy to circumvent for cheaters: It relies on the timestamp provided by the client. Any data you receive from the client can be manipulated by a cheater, so it must not be trusted.

If you want to check for speed hacking on the server:

1. log the current position of the players avatar at irregular intervals. Store the timestamp of each log according to the server-time.
2. Measure the speed between two such logs-entries by calculating the distance and divide it by the timestamp-difference.

When the speed is larger than the speed limit of the player, then you might have a cheater. But keep in mind that lags can lead to sudden spikes, so it might be better to take the average speed measurement of multiple samples to detect if the player is speed-hacking. This might make the speedhack-detection less reliable, but that might actually be a good thing, because it makes it harder for hackers to know how reliable any evasion methods they use are working.

To avoid false-positives, remember to keep track of any artificial ways of moving players around which do not obey the speed limit (like teleporting to spawn after being killed). When such an event occurs, the current speed measurement is meaningless and should be discarded.