Statistical Grief and Cheat Detection

Server Ops,
I've been doing a bunch of research into data mining. I believe that with some effort a statistical behavior model can be developed that separates griefing and cheating players from the productive player base.

Some initial ideas I have are:

• Detecting abnormally high resource collection rates
• Detecting abnormal place/destroy rates
• Detecting abnormal time before first break
• Detecting abnormal block placement patterns (hidden chests, etc)
• Detecting abnormal time before first diamond pick
• Detecting abnormal player clustering behavior no the map
• Detecting abnormal server hopping behavior
• Detecting abnormal teleport behavior
• Detecting abnormal movement behavior within the proximity of an op
• Many more...

Once an abnormal player is detected that player could have world modification rights stripped until reinstated by an op or be temp/permabanned. Additionally, any changes made up to the point of detection could be automatically reversed.

But there is a catch. For data mining to work a massive corpus of data must be collected into a centralized database. Collecting this data would require installing a plugin that uploads a continuous trace of every block, movement, item, and chat event on your server to a central database for analysis. User names would be anonymized.

Would you be willing to provide the needed data from your server in exchange for access to a statistical degriefing system?

 

No. MCbans is intrusive enough for me, I'm not interested in sending stats to you when I can just use NoCheat, Vanish, LogBlock and a few other plugins + a grief client to moderate my server myself. I am both a admin and a griefer, and I see no need for this plugin, there's already ore trackers and NoCheat which stop most hacks.

I deal with xrayers simply by /vanish-ing, turning on xray on my client, tping to the person under suspicion, and either watching them via xray or searching block records with LogBlock (or using freecam if I need to stay away from them for some reason). Not perfect, but it has a extremely high accuracy rate, as I can detect hackers very easily.

Teleporting, flying, etc are monitored/blocked by NoCheat, and I set it up to send all NoCheat messages to staff members, so that they can manually warn players, and kick/ban them as needed.

 

Orebfuscator and you won't ever have to worry about someone Xray hacking again.

 

As much as this seems intrusive, it might be a good idea to get some statistics on players that we can compare against

My guess would be it would only WARN the staff of a server if someone is out side of the norm and how many standard deviations out side of the average

@battlekid why does this bother you so much, its not like it is sending out user names and ip addresses (even if it did, there isn't to do about that anyways)

@deltahat when a server sends the data you way want to have it not even send the user name or even a hashing of it as you really don't need it if the server keeps it on its end. Then have the master server send the averages and standard deviations out to all of the servers letting them figure out whether or not someone is outside of the norms.

 

That is until somebody uses your world seed to generate a SSP copy of your world and then Xray hack that for the coordinates.

@mindless728 the raw data collected would only be used to build a model. It would be up to server owners to determine what (if any) enforcement is correct for deviations from that model. Also, user names would only ever be hashed. There would be no way to turn the hash back into a user name.

 

i wouldn't imagine that you would even need the hashes of the player name as it should be the server running the plugin that keeps track of the information locally, I'm not being paranoid (hell i would be fine with sending the player names as i don't care all that much) I just don't see the use of the master server having that information

the other problem i just thought about is servers that try to increase these numbers by sending you fake statistics in order to make this system harder to be used, granted the more legit servers you have the less the impact these servers will have, just could be an issue

 

And That is what ChunkScrambler is for.

Frankly though, if someone goes through that much work to run two games side by side with the same seed, then they can have the diamonds then...

 

A few people on HF wrote xray code that generates the world and strips out the ores, then superimposes them on the current SMP world to provide a simple method to bypass Orebfuscator and the like. So yeah, you need to scramble chunk order to combat it, but both hiding the ore and scrambling the chunks aren't top priority on my list.

 

yeah, i don't see it as that hard for a client mod to patch into the generator and generate the chunks with the seeds then when in xray mode showing those ores instead of the server's

 

I think this is a really good idea, and could be really cool to see in the future

 

sign me up....

 

Sure, collect all the data you want from my server. nothing top secret about any mining habits we need to keep hidden from anyone..LOL

(and a bit off topic of the question but related to the thread)
'Intrusive' is perhaps the wrong term to use above. Since its voluntarily giving that info out. but really other than login/password info for users..what REALLY does a MC server have that's being 'violated' by giving that info out?

I mean what could they do with it in a harmful way? collect data about your users mining habits and spammail target them for the lowest price on pickaxes off a russian site?

as far as collecting chat, its a openly agreed upon connect to my server. all my users already know anything they send to my server, be it chat, links, etc is open to be done with as anyone wants. dont say things in a free to connect server, that anyone can connect to, if your worried about who might see it

 

There's a lot to worry about.

For one, usernames can be used for data mining, but they can also be used for darker purposes, like account cracking.

IPs might not seem like a big deal, but it's considered private information, and nobody wants someone sending their IPs off to a third party.

Chat has multiple issues. Private chat (/msg or the like) can contain secret or private information.

Logs in general contain things you wouldn't want in them, like your server's IP, and sometimes login information for web interfaces or the like.

Anyways, I just don't think posting chat logs is ever a good idea, no matter who you give them to. The only people that should see full logs is trusted server staff members.

 

@battlekid I understand your hesitation, but the system I propose would never collect user IPs, server IPs, or user names.

The server log is not sent to a centralized location for processing. A separate log (generated by a plugin) is sent and only pre-hashed player names are included. The inclusion of chat messages would be entirely up to the server owner.

 

And usernames arent totally accessible by just browsing around a server? or going on most servers websites, or pretty much anyplace that deals with MC. if you can point me to someway that submitting who plays on my server is more risky than someone just logging in and looking..Ill agree.

and IP's are not considered private information, people assume they are..but nothing makes it 'private', why its referred to as your 'public IP' . its publicly available at anytime that you connect to anything (assuming your not using a proxy). some people consider it private to them. but it doesn't make the concept on a whole private. I consider the color of socks I wear private information, doesn't mean people cant just look when I go outside then I can complain they are invading my privacy.

for chat, again, if you consider it private, thats your choice. but saying it private, and it being private are totally different.
Do not assume that since you did command /msg before typing, that makes a legal binding contract on its security and privacy. to send 'secret or private information' as you put it, via a chat in game is foolish. anyone doing so should know better. as your packets are traveling through the server to be relayed. its not a direct IP to IP connection the server is the middle man.
think of it as "I have a very private message to tell bob, I will find this random guy on the street, tell it to him and have him tell bob". its in no way private, your just ASSUMING said guy doesnt do anything with it. replace guy on street with server in rack..and you see how its not private, and to trust it to be so is the users fault, not the admins.

for the logs, I'll be happy to send you my entire log at anytime. there is nothing in it that isnt publicly available..my IP? its on our main page. my plugins? on our page, who plays on our server? again.. on our page.

again your making mountains out of molehills. you pointing out what you 'dont want to be seen' isnt the same as 'whats allowed to be seen'. Sure only trusted server admins should be the ones looking at the logs. but in reality anyone at anytime could be looking at it if its so wished. and the privacy of such is assumed, not a granted right.

Its not that I'm a "its my server, Ill do as I wish with it"...quite the opposite.
its my server, so I have a duty to warn everyone that they are sending data to it without any agreement on whats done with that data, and it can all be seen. being upfront with them, not giving them a false sense of security because someone said "dont worry I said its safe...so just trust me on that".
why I have on my site, before joining letting people know...ANYTHING you send to the server, isn't private, isn't secret, isn't covered by any NDA. so don't type things you wouldn't want people to know.
Im letting people know upfront "yea all thats stored in a file..I dont read it everyday, but its there..just letting you know"

Im really not trying to sound like a rant. Just pointing out the 'secrecy' that many MC users assume is there, is in reality not secret. its data freely sent to god knows whos server, some of which are just random people that figured out how to start the server jar file.. that wouldn't give one lick about someones 'privacy' anyway.
To imply and enforce secrecy on your server is respectable and well meaning. and I have a level of respect for you if you uphold it. but the majority of server admins (that Ive seen browsing servers, mostly the young kids that have a random server) wouldn't care who or what gets any of the info.
So people should assume the worst, and not send anything they would worry about to start with

 

Haha, I speak from personal experience when I talk about usernames, as I've cracked over 1300 of them, and many from lists leached from server log and map files. I consider myself greyhat, and thus I play on both sides of the game, so I don't like to provide people with lists of users .

Chat-wise, I personally don't think anyone but staff need to see what my users say, and I've never had a problem with this policy.

Messages... The only people seeing full log files are those who need it, thus my rule of staff-only. I've both seen and posted info in private chat that I wouldn't want people to see, such as passwords, private info, discussion on users, and other things. Now, I try to keep important info that I say to a minimum, but not everyone does.

IPs.. Well, there's a lot of things. I don't want people seeing commands typed, who promoted people, who has what IP (there ARE things you can do with a IP, no matter what you might think), etc. Sure, the info would only go to one person, but what happens if their security is compromised? What if logs leak? All of this info isn't extremely dangerous or anything, but are we all supposed to blindly trust that you won't leak it or use it for personal uses? I know I'm going a little off track here and acting a bit parinoid, but it's for good reason.

Tl;Dr: I don't feel comfortable with giving people access to my log files for the reasons stated above.

And yes, I've had plenty of people attempt to hack my server, DDoS me, etc, but this is different. It's not just me, it's hundreds, thousands, heck, for bigger servers, tens or even hundreds of thousands of names and IPs.

 

Im not saying you cant do things with usernames and IP. we all know you can.
I'm saying the argument 'i dont like the idea because its a risk' is a bit silly...as its information anyone can get without this plugin anyway. if anything, at least we know whos getting the data. on 99% of servers you have no idea if hes mailing off the IP's of his users to 500 people for random reasons.

hell you want playernames...go here
http://www.mcskinsearch.com/
tons and tons of them..just open to anyone that can point and read...its not really any 'privacy' to the names.

You taking the security of your server seriously is good. but I think we are the exception to the rule. probably 90% of the 'fly by night' servers is someone that managed to fumble a dowload of the vanilla server and start it. who knows what spyware/trojan/backdoor they have on their machine that could just mail the log file off to whoever wanted it anyway.

Was just stating that too many MC users just 'assume' whatever they do is private..when in reality is only private WHEN the admin wants it to be, at his discretion, with nothing stopping him from changing his mind on keeping it private.. not the other way around.
So for myself, and my users...the vast majority of us wouldn't mind it being collected.

 

Just get this simple plugin I made and the ore location is changed for the same seed.
http://forums.bukkit.org/threads/se...scator-to-prevent-x-ray-hacks-1-0-1-r1.48327/

Orebfuscator + ChunkScrambler = fully blocks X-ray.

(that is for ore mining, still doesnt work well enough for ravines, tunnels and people's houses...)