Jump to content
  • Advertisement
Sign in to follow this  
rackham

bot protection

This topic is 3362 days old which is more than the 365 day threshold we allow for new replies. Please post a new topic.

If you intended to correct an error in the post then please contact us.

Recommended Posts

Hello everyone! I wanted to know, is there any way to prevent bots playing games through web browsers. Ive seen the bejewled bots and others, playing match 3 type game with ease, but can this be prevented in any way? Thanks

Share this post


Link to post
Share on other sites
Advertisement
No easy and reliable programmatic solution exists. In particular in a browser game, your abilitites are limited, but reverse engineering is a thousand times easier than in a "binary" game.

The safest way to prevent botting is to make botting non-rewarding or at least less rewarding, which is much harder than it sounds. For example, you could rate-limit successes in some way, such as that only 3 wins (arbitrary number) per day count for your ranking. Of course this will also punish people who win more often legitimately.
Also, you could make it so more than 10 wins per hour (arbitrary number) trigger a security alarm which causes a moderator to review the logs in respect to your user ID and your wins. If it turns out you've been playing 28 hours straight without losing one game, they'll ban you.

None of these measures are 100% safe and are likely to catch a legitimate player who is just doing exceptionally well every now and then. Bashing someone innocent is probably as bad or even worse for your business as not punishing a cheater, so this is a two-edged sword.

Server-side timestamping may help if the bot writer is stupid. No human will make the optimal move in less than 0.1 seconds every single time. However, bot writers are not necessarily stupid and may insert random delays which will make this kind of check fail. The bots might be written to NOT make the best possible move every now and then, too.

Random events or human interaction may help, but are by no means safe. There exist bots that work all day unattended, but will play a sound (or some other notification) when someone (probably a moderator) is talking to you, so you can reply and thus "prove" that you're not a bot.

One notable example of a game implementing random events to cut down on botting in a rather successful manner was Runescape.

Share this post


Link to post
Share on other sites
As I recall, the random events in Runescape were unsuccessful at stopping bots for long.
I remember seeing dozens of obvious bots completing random events without a hitch.

In the end, they decided to eliminate trading. So it's essentially a single-player game with a chatroom now, but at least there aren't many bots.

Share this post


Link to post
Share on other sites
Quote:
Original post by phresnel
In this respect: Turing test.

Lol, that's what i was thinking. If these bot makers can make a bot so good that a human can't tell it apart from a real player then these bots must be intelligent! Now it's only a matter of time before they form Skynet [grin]

@Storyyeller: Yeah, i saw a lot of bots in Runescape when i used to play it. I would see a group of about 10 players chopping down trees and they would just keep chopping down the same trees and waiting for them to re-grow. Of course, they could have just been incredibly bored and stupid humans.
While it is quite obvious to a human, it may be impossible for another computer to detect a bot in all cases.

Share this post


Link to post
Share on other sites
Quote:
Original post by XTAL256
Quote:
Original post by phresnel
In this respect: Turing test.

Lol, that's what i was thinking. If these bot makers can make a bot so good that a human can't tell it apart from a real player then these bots must be intelligent! Now it's only a matter of time before they form Skynet [grin]


Hehe. But note that a captcha is already a mild form of turing test.

Share this post


Link to post
Share on other sites
Quote:
As I recall, the random events in Runescape were unsuccessful at stopping bots for long.
I remember seeing dozens of obvious bots completing random events without a hitch.
In the end no, intermittently for a while yes. The obvious problem is that bot writers will soon implement workarounds for the easier "click on one spot on request" challenges.

The maze event did much better, even more so as the walls were stippled semi-transparent which would make it harder for simple bots to "see" them (the bots that grabbed a screencopy). Unluckily, this also made them harder to see for humans, and total failure for someone with even slightly limited vision.
However, the problem is that while you are bashing innocent users, the more advanced bots later didn't grab screencopies, but instead emulated the whole client, which was easy enough, as a Java decompiler would give you the more or less readable source code (there were some heavy obfuscation attempts later on, don't know how successful these were). Now, a bot that emulates the whole client obviously knows the topology of the maze and thus doesn't need to guess for long...

Quote:
Quote:
In this respect: Turing test.

Lol, that's what i was thinking. If these bot makers can make a bot so good that a human can't tell it apart from a real player then these bots must be intelligent!
Yeah well, the problem is that they never do the turing test. A human does the turing test, which he will obviously pass.
A dozen bots will run on the same machine unattended for hours, and when human interaction is needed (e.g. someone sends a tell), the respective bot prompts for interaction.
So, after the Turing test was passed, all you can tell for sure is that the person has for example been harvesting in the same area for 6 hours, which isn't conclusive evidence for a ban. Many legitimate players do the same thing.

Share this post


Link to post
Share on other sites
Quote:
Original post by samoth
...but instead emulated the whole client, which was easy enough, as a Java decompiler would give you the more or less readable source code (there were some heavy obfuscation attempts later on, don't know how successful these were). Now, a bot that emulates the whole client obviously knows the topology of the maze and thus doesn't need to guess for long.

The real question is why anyone would even bother? For fun? Just 'cos they're bored? You can't make money from it unless they sell their services to pathetic gamers who are willing to pay money to have a quest completed for them or something (although that does happen in WOW).

Share this post


Link to post
Share on other sites
Depending on the situations, bots arent always a "bad thing." For example, if your game is pay to play, you get money from those botters. If your game is an MMO bots can lower the price of items (due to high quantities) which allows new players to catch up to older players. The only downside to bots that I can think of is the fact they can sell game related things like items, loot, or currency for real world money (i.e: IGE).

Back on topic: The best/only way to decrease (because you wont ever stop) the amount of bots is to add things like captcha's or lowering the value of repetitiveness (3 wins for 100%, +3 wins for 90%, etc.)

Share this post


Link to post
Share on other sites
Quote:
Original post by XTAL256
The real question is why anyone would even bother? For fun? Just 'cos they're bored? You can't make money from it unless they sell their services to pathetic gamers who are willing to pay money to have a quest completed for them or something (although that does happen in WOW).


Apparently, there really are a lot of sad people out there, even to the extent that it is a big buisness.

Quote:
Original post by phear-
Depending on the situations, bots arent always a "bad thing." For example, if your game is pay to play, you get money from those botters. If your game is an MMO bots can lower the price of items (due to high quantities) which allows new players to catch up to older players. The only downside to bots that I can think of is the fact they can sell game related things like items, loot, or currency for real world money (i.e: IGE).


Here are the downsides of bots that I can think of at the moment

Real World Item Trading, the bane of every MMORPG. (Well except for the ones that are based around legal RWIT but that's another story)

Hordes of low level clones everywhere is visually unattractive, as well as damaging to the community. It can cause real players to get fed up and leave if they think that humans are in the minority.

It distorts the economy. Real players who try to engage in the same activities have to compete for resources and accept fire sale prices for their products. Far from making it easier for beginners to catch up, it often makes it much harder.

Having unusual concentrations of people in a single spot burdens the servers.

It distorts skill levels and makes highscores and rankings meaningless.

Share this post


Link to post
Share on other sites
Sign in to follow this  

  • Advertisement
×

Important Information

By using GameDev.net, you agree to our community Guidelines, Terms of Use, and Privacy Policy.

We are the game development community.

Whether you are an indie, hobbyist, AAA developer, or just trying to learn, GameDev.net is the place for you to learn, share, and connect with the games industry. Learn more About Us or sign up!

Sign me up!