server-side bot detection in massive multiplayer Online Games

Wonder how big the profiles should be inorder for this method to fail? Would be fun to test and see if this was the issue

EDIT: Shouldnt this be super easy fo find out? Setup 4 different trail accounts, with each having a different route (10, 20, 40, 80 waypoints) So if this is how they do it, they should be banned in the order of the one with the fewest waypoints first, and you should even be able to see a time trend?

 

First thing - as many have said before if it were that easy we would all be banned or hey if you're the tinfoil hat type maybe they kill a certain percentage of known bots because they know that many of those people will buy a new cd key. Money money money! haha Now, I don't claim to be an expert by any stretch but here are my three cents.

I haven't done much with profiles recently but if memory serves there is an exact waypoint given in the profile and then precision. The lower the precision the further away the bot will consider itself to have reached the waypoint. Therefore it's not an exact point but a reasonably small region. Now if you're going from point A to point B then yes I suppose every bot would stop in the same place but all it takes is a node or a reason to deviate (a dude to fight) and you'll no longer hit the exact point. In gatherbuddy2 there is a height modifier as well. If you change this then all of the sudden your path and every waypoint you go through will be different. Now tinfoil hat could say well then only check X,Y but in my experience in programming you make things as simple as possible. The more complicated the logic the more information you need to make it work. If they ever do or have done waypoint checking then they'll likely do exact points. No chance of false negatives.

I've done gathering profiles in the past in two ways.
1. Tons of waypoints. I do this so that the bot rarely makes a 90 degree turn. It turns slowly more as a player would. Now in this case there would still be waypoints that you would always go through I suppose but generally speaking it takes an hour per run of the profile. Once it's done one it moves on to another which would also take it an hour. I modify the height modifier for every session even if it's just by a tiny bit. No session would ever be the exact same points.
2. Not near as many waypoints. Randomize them. This is more for less populated areas. The bot will go one way and then go a completely other. It looks visually like a bot. As far as the waypoints are concerned you are coming at them from a different direction. With a low enough precision on the waypoints you would actually end up turning at a different point. Very little repetition.

Conclusion:
This would catch the botters who use default everything. Botters who use default everything I would imagine have an increased chance of getting caught. That is why everyone always recommends your own profiles and using your head. This is yet another thread for fear mongering rather than recommending solutions as I just have. Solutions are why bots have been around for so long. For almost every detection technique there is a way around it.

 

Hey Chunky - I believe in what your saying here if it was all that easy everyone would end up banned, everyone using GB2 and using public profiles in default. However from reading the article even using your private profiles and use it more then once then you still will run the risk of it being recorded and eventually being banned.

Do they ban people hoping they will buy another cd key, why not i would if i knew they were botters more money is more money thats business. Just like there are no warnings yet on the site for new users buying Honorbuddy more money is more money?

I have never made my own profiles, i work in IT but not programming or databases etc..but i would have thought that they have been running something for a while now just holding back on the information they collate until the point comes were they can say we "think" that this person is botting ban them. If you see alot of people are getting those bans turned over to 72 hrs and this is where i think that they simply dont have the absolute proof on this person so deviation is bigger then what they would expect?

Im not speaking about what the bot looks like visually im simply stating that over time the collection of data on that account on that profile would add up so unless your using the a completely different profile every time you run it? Could you add more to this maybe, like do you have profiles run through several areas and then manually change the height etc..and only run this profile once forever?

Im not sure about fear mongering mate its simply a discussion on what we are thinking, after all it is a forum and this is where things should be discussed in a civil way. I agree with that a default setting would defo get you banned quicker as this would simply stand out against what ever informaiton that Bliz has collected and then simply use as a template? I still think that over time information being collected would be substantial enough to dish out a ban?

Also "This is yet another thread for fear mongering rather than recommending solutions as I just have. Solutions are why bots have been around for so long. For almost every detection technique there is a way around it" Your the first to have actually recommended technical things such as you have in any of the threads i have read in the ban section and agree that there will be a solution to what is happening simply at the moment it is a case of when they catch you and laying low at the moment is the best course of action for those of us that dont do this for a living? I have been around since GLider and i have only had 1 ban and this was from Glider days and have never used anything except for public profiles but have used common sense when i have botted.

Would be great to see other solutions from some of the senior members who make there own profiles like you have added in here

Cheers,

Old Fart

 

The problem is our idea of waypoints. The entire pathfinding system would need to be adjusted for a proper 'fix'.

Sure, randomizing the waypoint that we go to (and thus changing the path) might be a hacky fix, but our reliance on waypoints to begin with is the reason that we have such an issue to begin with.

It would be far more effective to give the bot a list of potential nodes and have it calculate a path using a random seed. This is essentially how a player would farm -- knowing where the nodes are and still flying close enough to all of them, but never taking the same path twice. Bonus points if it can calculate a 'rounded' path.

 

presumably someone has already done a test with a clean mac/ip/account bot doing a very, very long pattern which takes a very long time to complete the loop. if such can run successfully, then maybe just a matter of getting enough accounts to run it once, and understand that going to have to burn some time in-game making new patterns daily/whatever.

if clean accounts which literally haven't repeated a waypoint are banned, then other detection countermeasures such as node-count limitations, etc. have to be experiemented with.

also seems clear that getting clean macid/ip's when running lots of accounts is becoming mandatory, far too many single-IP bans of most/all accounts being reported.

 

Im looking into making GIGANTIC profiles that would finish 1 cycle after 3 hours of botting , LOLOL, but the profile itself is taking AGES to write/test, I want it flawless like all my other public/private profiles. Mainly it has to stay away from all villages or any spots with ppl hangen round so it can be used in conjunction with paranioa plugin and logmeout. Id like to go as far as writing a 5 hour profile but its goona take agessss. If these bans persist or if a new pathing precision like auto angler isnt implemented into GB2, Im gonna have to write a whole bunch for public and private

 

As a fellow Aussie let me know if you need any help with testing anything, i would be happy to test with my only farming account.

Cheers,

Old Fart

 

Based on the information in the article, this won't work either. Here's why...

1) Each player regardless of public or private profiles has their waypoint locations recorded and stored
-Pg 20- "In the first processing step of our approach, we reconstruct the route that the character took in the game world simply by connecting the coordinate dots that arrive at the server."

2) This system then creates a mapping of your unique personal/character waypoint history over time, doesn't matter if its 1 minute or 1 year, the waypoints stored are at some point processed and analyzed.
-Pg 20- "Then, we process the dots via the Douglas-Peucker line simplification algorithm...The simplification helps the waypoint extraction algorithm concentrate on areas where the dots accumulate because the character passed that point several times. The result is a route represented as an ordered sequence of dots as displayed in Figure 1a

3) Once your unique waypoint analysis establishes a pattern, the client then tracks the LCP (longest common prefix), or the longest set of waypoints which are repeated in order. i.e. how many waypoints did match in sequence prior to deviation from the path. Look at the graphs. Humans are <2 while bots are abviously >10+.

-So you make your 3hr profile, you run it once...ok no problem.
-You run it twice, we've got a match.
-You run it ten times, we've got a pattern and your unique waypoints have been recorded, analyzed, and your LCP is now being established as higher than a normal person...the bot alarm goes off once your LCP reaches a client set threshold, you get ported into a hut and your actions videotaped...lolz...for proof that your using 3rd party programs. of course, you didn't see that cause you weren't monitoring your bot.
They have all the proof they need at that point...just a matter of time before the next game sale comes and your banned.

Point is it doesn't matter if its a unique private profile or public profile, your coords are recorded server side, and they generate your unique waypoint path that they then use to establish a pattern of LCP, to detect botting.

 

The answer, the way to circumvent their LCP detection, is in the document itself...

Pg 24 - "As long as bots don?t replace their waypoint-oriented navigation with a different paradigm, we predict we can stay competitive in this arms race between bot programmers and game providers by continuously extending our method."

The "FIX"...

Option 1/Existing Profiles - Gatherbuddy needs to be redesigned to pick a random waypoint out of the waypoints, then fly directly there. Once there, pick another random waypoint, and fly there. This will result in a less efficient pathing, but you will not trip the LCP (Longest Common Prefix) detection which this article describes. What you'll effectively have is a bot that will stay within the circle or what ever shape your profiles x/y coordinate dictate.

Option 2/No Profiles - Gatherbuddy needs to simply ask what zone you want to farm in, and use the mesh to keep you within that zone while 'bouncing' in random directions from its edges. This way you never form a detectable path, since your not moving along a waypoint, and you'll never trip the LCP detection since they have no reliable 'path' do develop from your coords, and your not traveling along known coords.

No common waypoints to record, no way for this system as it exists to establish a common path, no actual path which to compare against established 'public path' waypoints, means no way to trip the LCP detection.

Problem solved...now developers lets see what we can do!

 

After re-reading the article in its entirety again, and this thread as well, its doubly apparent to me that no public or private farming profile (GB2 or Grindbot), AND no leveling profile such as Kick's can be ran without detection.

The client-system requires a path to compare/check your incoming coords against to establish a LCP (longest common prefix). With farmers, that path is developed by your own movements. If you randomize your waypoints by 30yrds, you'll still form a general path, your coordinates are still sent to the server, and after 10-20 cycles, even if you only do one(1) giant three-hour cycle per day, the client now has 10-20 coord/laps to overlay, and run their pathing algorithm on. Now they compare incoming coords against this established path, and start tracking the LCP. As it increases, the probability that your not human increases, once LCP increases past the threshold, the system sends a report and a GM starts an investigation.

With levelers, its not like farmers where a unique character path has to be established, they have an existing path developed from running/tracking/analyzing Kick's and other public profiles. They simply track your incoming coords and compare against the established path to track your LCP. I realize everyone gets the same quests, were all asked to find X# Items and kill X# mobs, but not everyone follows the exact same coords like a profile does. Possibly increase the threshhold for LCP for <lvl90 players to compensate for questing mechanics, but you still have the same results; Human players with low LCP in relation to Kicks profiles, and players with higher LCP in relation to Kicks, or other common lvling profiles. LCP threshold reached, automatically reported to GM for investigation.

Why don't all get banhammered?

Only Blizzard knows...but after reading this article, no reasonable person could argue that they DONT have the technology to detect botters, without scanning your RAM and risking privacy violations. Every one of our farming characters has been recorded, analyzed, and is on death row, waiting solely on the discretion of Blizz to drop the axe.

Everyone has observed the 'WoW on Sale' events that occur when the bans increase...nuf said.

 

This is already possible with gatherbuddy but again visually it looks very much like a bot because of the angles at which you turn. By changing the height as I recommended you would no longer hit the same points. I think this would be the easiest to automate from a development perspective. Also as I said in my post by changing the points you are changing the waypoints at which you're turning assuming that the profile has been created with a low enough precision on each point. Now another thing to remember is the sheer volume of data we're talking about with 8 million players. They would not be able to keep this information indefinitely.

 

i don't believe that Autoangler has been effected by this at this time, at least not by my experience. i have paid accounts so i am little fish compared to others that use HonorBuddy. i generally always use one account to bot while i actually play the other. on rare occasions i do bot both but that is very infrequent. the majority of my botting these days has been with Autoangler because it can be extremely lucrative with little effort and very very few issues. when i do fish i go to the "daily" mass pool area and sit there for 5-6 hours at a time. comes up with ~2k fish of the given type for the day. the reason this feels less risky to me is because there is little to no combat.. almost zero movement and in most cases more gold than herb or ore gathering ever has for me. when i do herb/mine i have 5 copies of an extremely long (every zone in Pandaria) profile that i have self modified to the waypoints are not exactly the same and in some cases drastically different. when i run these profiles each one takes 3-4 hours to complete one full circuit, gives me tons of herbs/ore. use that profile 2-5 times that week and then i leave that profile alone for a week per additional profile i have created. over the next week i use one of the other 4 i have... etc. you get the point. i have been doing this for the last 3 years give or take ( take a public massive profile that will take a long time to complete, edit it to make it unique to other profiles, then make 5-10 unique versions by changing waypoints manually and or reversing the waypoints entirely). in most cases it takes me over a month to come back to the same profile, which by that point i go in and re edit the waypoints again to make it unique to the version that i used the previous time.
on the other note. i do not actually sell gold that i have earned through these methods. i use it for legit purposes. the shadiest thing i do with it is trade gold for time card codes(through legit people, guildies mostly)
these are a few of the reasons i think i have been among the lucky enough to not get banned while not changing my normal botting habits.

And that is my 2c for the night. wish all the luck in the World of Warcraft in your botting adventures.

 

Since Q1, Blizz lost 1.3 million subscribers ..
Perhaps it's time to loosen the noose a bit on botters.

I'm not a gatherer. In fact, I use the bot only to be able to play one account and to level up on another at the same time, enhancing my (relatives-only) guild a bit without being dependent on "others" I need to keep an eye on if they're in my guild.

And I do know of many, many players doing the same. Not affecting "the economy" at all.
Frankly, I'm not such a big fan of gold sellers/buyers myself.

Blizz would lose me forever, and many players do feel the same, if they would start closing accounts for using questing bots only.

 

Nice article!!


Any dev here? Im waiting new methods to use GB again