False positives with SMAC, and a question

[briankwlin]

Hey @Silenci0 ,

I'm running SMAC v0.8.7.1 on a 64-tick ~30-40 player server with the aimbot, autotrigger, eyetest, and spinhack modules in a purely logging form (aka, no kicks or bans). I've found that the spinhack module produces an incredibly high number of false positives, particularly when people have binds to toggle their sensitivity incredibly high. Just thought you'd like to know if you didn't know already. Would you happen to know if any other modules have the possibility of triggering false positives as well?

Also, a question: if we were to enable SMAC in a banning mode, would a ban occur on a single "suspicion"? In the logs we noticed that SMAC can trigger multiple suspicions or instances per module - is there some threshold that has to be met before SMAC is 100% sure someone is cheating and bans them accordingly? Or does it ban purely off a single instance/suspicion?

Lastly, for the autotrigger module, is there a way to select which cheats trigger bans? We would like for certain autotrigger cheats (auto-fire) to be an automatic ban, while bhop scripts (BunnyHop) is in a logging form.

Thanks for your time.

[Silenci0]

Hello @brian1999lin

I cannot guarantee that the SMAC modules are 100% free of false positives, so I cannot say there isn't a possibility of false positives with these modules, especially as various games receive updates that could, potentially, change something about the game that causes issues for detections in general. As far as the spinhack module, it does produce some false positives in terms of detection, but I do know it was made purely for detection purposes (it will not ban players detected) and was meant to be used in tandem with other modules, such as the aimbot module. It will most likely detect high sensitivity and scripts/binds that will cause a player to spin.

As far as the bans question, some modules will ban players upon detection, but some will ban based on a threshold (such as the aimbot module) where after a certain amount of detections, it will ban a player, if banning is enabled. Other modules will simply ban for detection. In most cases, it is best to use the logging mode only until you feel confident that the detections are legitimate before turning on the autoban features. For more details, see the wiki here: https://github.com/Silenci0/SMAC/wiki

In terms of the autotrigger module, it does not allow you to select which cheats trigger an autoban, so you cannot only ban for autofire and not bunny hopping at this time. I think this can be a consideration for a future update since some servers allow bunny hopping, though at this time I would suggest either leaving this plugin in log mode only or removing the module.

Silence

[briankwlin]

@Silenci0 Thanks a ton for the quick reply and thorough answers. As an aside, would you happen to know if SourceTV is working well with CS:GO? I want to turn on banning with SMAC AutoDemo but have read that it isn't working properly.

Cheers!

[Silenci0]

@brian1999lin Unfortunately, I am unsure if SourceTV works with CS:GO or not.

[caxanga334]

SourceTV ( GOTV ) works well in CS:GO.

[lunatixxx]

False positives tend to happens sometimes on the eyetest module this is why it is better to ban after verifying, but in the end it really depends of the game. But so far SMAC is much better than VAC at detecting cheaters there is no doubt about that.

Two examples of false positives on Left 4 Dead 2, these alerts appeared just after the player has switched team from infected to survivors when the second round just started. I don't use the compatibility mode as i don't have any plugin who could cause problems.

12/23/2019 - 22:03:16: [smac_eyetest.smx | 0.8.7.2] Player 1 (ID: STEAM_1:1:000000 | IP: 0000000) is suspected of cheating with their eye angles. Eye Angles: 301 113 0 Map: c8m5_rooftop | Origin: 5581 8445 5536 | Angles: 0 236 0 | Weapon: weapon_pistol | Team: 2 | Latency: 65ms

01/02/2020 - 06:53:52: [smac_eyetest.smx | 0.8.7.2] Player 2 (ID: STEAM_1:1:000000| IP: 0000000) is suspected of cheating with their eye angles. Eye Angles: 355 17 0 Map: c10m2_drainage | Origin: -10966 -9099 -591 | Angles: 0 13 0 | Weapon: weapon_pistol | Team: 2 | Latency: 122ms

Maybe creating a timer to delay to a few seconds the detection at begining of this round will fix the problem ?

[Silenci0]

@lunatixxx As far as the L4D2 false positives, I'm not so sure a timer will actually fix the problem. What it looks like to me, at a glance, is that the act of switching teams is causing this false positive somehow. Perhaps something about the infected eye angles versus the survivor's eye angle might be different and the switch between the two is causing this to occur.

In either case, I think this should be a separate issue from this one since it seems very specific to L4D2 and would be better suited for its own thread. I will create a new issue shortly for this and close this one. If the OP has anything further regarding this issue, feel free to post here again or create a new issue if its a different question or different bug that was found with SMAC. Thanks!

[Silenci0]

It should be, though I believe the old team fixed it. While I was testing the alt-tab bug for TF2 and CS:GO sometime last year, I also tested the Conga Taunt and I did not run into any issues or false positives with it on my test server.

I am assuming that since the Conga taunt works, the others should as well. However, if it or other taunts cause false positives, please let me know and open a new issue. Thanks!