Simulator game cheating behavior detection method, device and equipment and storage medium
By establishing a bridge communication between the game anti-cheat SDK and the Windows anti-cheat SDK in the emulator environment and using virtual devices as a communication bridge, the problem of detecting and combating cheating behaviors such as hacks in emulator games is solved, and a more powerful anti-cheat capability is achieved.
Patent Information
- Authority / Receiving Office
- CN · China
- Patent Type
- Patents(China)
- Current Assignee / Owner
- SHENZHEN WANGYU COMPUTER NETWORK CO LTD
- Filing Date
- 2022-08-03
- Publication Date
- 2026-07-03
AI Technical Summary
Existing technologies are insufficient to effectively combat cheating methods, such as hacks, in the outer Windows environment of emulator games, which seriously jeopardizes game balance.
By establishing a communication bridge between the game's anti-cheat SDK and the Windows anti-cheat SDK in an emulator environment, and using virtual devices as a communication bridge, information exchange and detection of cheating behavior can be achieved.
It enables game developers to detect cheating behaviors such as hacks or cheat codes in the external Windows environment, providing stronger anti-cheat capabilities and effectively combating cheating methods in the external Windows environment.
Smart Images

Figure CN116983658B_ABST
Abstract
Description
Technical Field
[0001] This application relates to the field of secure communication technology, and in particular to a method, apparatus, device, and storage medium for detecting cheating behavior in simulator games. Background Technology
[0002] With the rapid development of information technology, more and more computer systems can support mobile games through their built-in Windows Subsystem for Android (WSA) emulator, allowing players to play mobile games directly within the WSA emulator.
[0003] As players enjoy a better experience playing mobile games via emulators, the proportion of players using PC emulators to play mobile games is increasing. However, many malicious players use cheating methods such as viruses and plugins (.exe) on PC to tamper with or damage the game in order to win or make huge profits, seriously harming the game balance.
[0004] Generally speaking, mobile game protection solutions run within the mobile game environment of the emulator, while cheating methods such as hacks run on the outer Windows system. This makes it difficult for mobile game protection solutions to directly combat cheating methods such as hacks in the outer Windows environment when the game spans multiple spaces. As a result, combating PC-side hacks in emulator-based games becomes extremely difficult. Summary of the Invention
[0005] This application provides a method, apparatus, device, and storage medium for detecting cheating behavior in emulator-type games. It establishes a bridge communication between a game anti-cheat SDK and a Windows anti-cheat SDK through first and second content shared on a virtual device. This connects the interaction capabilities of the game anti-cheat SDK and the Windows anti-cheat SDK in the emulator environment. This allows the game developer to detect or perceive whether cheating behaviors such as hacks exist in the external Windows environment based on the bridge communication between the game anti-cheat SDK and the Windows anti-cheat SDK. Thus, a mobile game protection scheme can be used to combat cheating methods such as hacks in the external Windows environment through this bridge communication.
[0006] This application provides a method for detecting cheating behavior in simulator games, including:
[0007] Receive access requests sent by the game anti-cheat development kit (SDK), wherein the access request carries at least the information to be transmitted;
[0008] The information to be transmitted is stored in a virtual device within the simulator and used as the primary content;
[0009] Notify the Windows Anti-Cheat Development Kit (SDK) of the operating system so that the Windows Anti-Cheat SDK can obtain the first content;
[0010] When the Windows anti-cheat SDK receives a second response based on the first response, the second response is stored in the virtual device in the emulator so that the game anti-cheat SDK can access the emulator and retrieve the second response when it discovers it.
[0011] When the game anti-cheat SDK obtains the second content, it establishes a bridge communication between the game anti-cheat SDK and the Windows anti-cheat SDK based on the second content.
[0012] This system detects cheating behavior in emulator-based games through a bridge communication mechanism between the game's anti-cheat SDK and the Windows anti-cheat SDK.
[0013] This application also provides a device for detecting cheating behavior in simulator games, including:
[0014] The acquisition unit is used to receive access requests sent by the game anti-cheat development kit (SDK), wherein the access request carries at least the information to be transmitted;
[0015] The processing unit is used to store the information to be transmitted into a virtual device in the simulator and use it as the first content;
[0016] The sending unit is used to notify the Windows anti-fraud development kit (SDK) of the operating system so that the Windows anti-fraud SDK can obtain the first content;
[0017] The processing unit is also configured to store the second content to a virtual device in the emulator when it receives the second content in response from the Windows anti-cheat SDK based on the first content, so that the game anti-cheat SDK can access the emulator and obtain the second content when it discovers the second content;
[0018] The processing unit is also used to establish a bridge communication between the game anti-cheat SDK and the Windows anti-cheat SDK based on the second content when the game anti-cheat SDK obtains the second content.
[0019] The processing unit is also used to detect cheating behavior in emulator-type games based on the bridge communication between the game anti-cheat SDK and the Windows anti-cheat SDK.
[0020] In one possible design, in another implementation of the embodiments of this application,
[0021] Specifically, the acquisition unit can be used to: receive access requests sent by the game anti-cheat development kit (SDK) via a communication protocol;
[0022] Specifically, the sending unit can be used to: notify the Windows anti-fraud SDK so that the Windows anti-fraud SDK can obtain the first content through the communication protocol;
[0023] Specifically, the processing unit can be used to: when it receives the second content in response to the Windows anti-cheat SDK based on the first content through the communication protocol, store the second content in the virtual device in the emulator, so that when the game anti-cheat SDK accesses the emulator and discovers the second content, it can obtain the second content through the communication protocol.
[0024] In one possible design, in another implementation of the embodiments of this application,
[0025] The acquisition unit can be specifically used to: receive access requests sent by the game anti-cheat SDK through a general string encryption transmission protocol, wherein the information to be transmitted carried in the access request is encrypted information to be transmitted through the general string encryption transmission protocol, and the general string encryption transmission protocol is a response protocol.
[0026] Specifically, the processing unit can be used to: store the encrypted information to be transmitted into a virtual device in the simulator, and use it as the first encrypted content;
[0027] Specifically, the sending unit can be used to: notify the Windows anti-fraud SDK so that the Windows anti-fraud SDK can obtain the first encrypted content through the encryption transmission protocol of the common string;
[0028] Specifically, the processing unit can be used to: when it receives a second encrypted content from the Windows anti-cheat SDK based on the first encrypted content via a common string encryption transmission protocol, store the second encrypted content in a virtual device in the emulator, so that when the game anti-cheat SDK accesses the emulator and discovers the second encrypted content, it can obtain the second encrypted content via the common string encryption transmission protocol.
[0029] In one possible design, in another implementation of the embodiments of this application,
[0030] Specifically, the acquisition unit can be used to: receive access requests sent by the game anti-cheat development kit (SDK) via the Netlink socket communication mechanism;
[0031] Specifically, the sending unit can be used to: notify the Windows anti-fraud SDK so that the Windows anti-fraud SDK can obtain the first content through the Netlink communication mechanism;
[0032] Specifically, the processing unit can be used to: when it receives the second content replied by the Windows anti-cheat SDK based on the first content through the Netlink communication mechanism, store the second content in the virtual device in the emulator, so that when the game anti-cheat SDK accesses the emulator and discovers the second content, it can obtain the second content through the Netlink communication mechanism.
[0033] In one possible design, in another implementation of the embodiments of this application, the acquisition unit may specifically be used for:
[0034] Determine the default IP address corresponding to the emulator based on the emulator type;
[0035] Based on the default IP address, establish a port number socket communication connection between the emulator and the game anti-cheat SDK, and establish a socket communication connection between the emulator and the Windows anti-cheat SDK.
[0036] Receive access requests sent by the game anti-cheat development kit (SDK) via socket communication;
[0037] Specifically, the sending unit can be used to: notify the Windows anti-fraud SDK so that the Windows anti-fraud SDK can obtain the first content through socket communication;
[0038] Specifically, the processing unit can be used to: when receiving a second response from the Windows anti-cheat SDK based on the first content via socket communication, store the second content in the virtual device in the emulator, so that when the game anti-cheat SDK accesses the emulator and discovers the second content, it can retrieve the second content via socket communication.
[0039] In one possible design, in another implementation of the embodiments of this application, the acquisition unit may specifically be used for:
[0040] Parse the emulator's routing table information to obtain the target IP address corresponding to the emulator;
[0041] Based on the target IP address, establish a port number socket communication connection between the emulator and the game anti-cheat SDK, and establish a socket communication connection between the emulator and the Windows anti-cheat SDK.
[0042] Receive access requests sent by the game's anti-cheat SDK via socket communication;
[0043] Specifically, the sending unit can be used to: notify the Windows anti-fraud SDK so that the Windows anti-fraud SDK can obtain the first content through socket communication;
[0044] Specifically, the processing unit can be used to: when receiving a second response from the Windows anti-cheat SDK based on the first content via socket communication, store the second content in the virtual device in the emulator, so that when the game anti-cheat SDK accesses the emulator and discovers the second content, it can retrieve the second content via socket communication.
[0045] In one possible design, in another implementation of the embodiments of this application, the processing unit may specifically be used for:
[0046] The file handle of the virtual device is sent to the game anti-cheat SDK, so that the game anti-cheat SDK assembles the encrypted information to be transmitted into the first encrypted content through the encryption transmission protocol of the general string, and writes the first encrypted content into the virtual device based on the file handle.
[0047] In one possible design, in another implementation of the embodiments of this application, the sending unit may specifically be used for:
[0048] The emulator periodically accesses the virtual device. When it discovers the first encrypted content in the virtual device, it notifies the Windows anti-cheat SDK so that the Windows anti-cheat SDK can read the first encrypted content from the virtual device using a generic string encryption transmission protocol.
[0049] In one possible design, in another implementation of the embodiments of this application, the acquisition unit may specifically be used for:
[0050] The game's runtime environment is detected. When the game's runtime environment is an emulator environment, the emulator receives access requests sent by the game's anti-cheat SDK.
[0051] This application also provides a computer device, including: a memory, a processor, and a bus system;
[0052] The memory is used to store programs;
[0053] The processor implements the methods described above when executing a program in memory;
[0054] Bus systems are used to connect memory and processor to enable communication between them.
[0055] Another aspect of this application provides a computer-readable storage medium storing instructions that, when executed on a computer, cause the computer to perform the methods described above.
[0056] As can be seen from the above technical solutions, the embodiments of this application have the following beneficial effects:
[0057] By receiving an access request carrying information to be transmitted from the game anti-cheat SDK, the system stores the information to be transmitted in a virtual device in the emulator as the first content, and notifies the Windows anti-cheat SDK so that the Windows anti-cheat SDK can obtain the first content. When the system receives a second content reply from the Windows anti-cheat SDK based on the first content, it stores the second content in the virtual device in the emulator so that when the game anti-cheat SDK accesses the emulator and discovers the second content, it can obtain the second content. When the game anti-cheat SDK obtains the second content, it can establish a bridge communication between the game anti-cheat SDK and the Windows anti-cheat SDK based on the second content. Then, it can detect cheating behavior in emulator-type games based on the bridge communication between the game anti-cheat SDK and the Windows anti-cheat SDK. The above method allows virtual devices to act as a bridge between the game's anti-cheat SDK and the Windows anti-cheat SDK. By accessing and obtaining shared first and second content on the virtual device, a bridge communication is established between the game's anti-cheat SDK and the Windows anti-cheat SDK. This connects the interaction capabilities of the game's anti-cheat SDK and the Windows anti-cheat SDK in the emulator environment. Subsequently, based on the bridge communication between the game's anti-cheat SDK and the Windows anti-cheat SDK, the game developer can detect or perceive whether there are cheating behaviors such as hacks in the external Windows environment. Thus, mobile game protection solutions can use this bridge communication to combat cheating methods such as hacks in the external Windows environment. Attached Figure Description
[0058] Figure 1 This is a schematic diagram of the architecture of the game data control system in an embodiment of this application;
[0059] Figure 2 This is a flowchart of one embodiment of the method for detecting cheating behavior in simulator-type games in this application;
[0060] Figure 3 This is a flowchart of another embodiment of the method for detecting cheating behavior in simulator games in this application;
[0061] Figure 4 This is a flowchart of another embodiment of the method for detecting cheating behavior in simulator games in this application;
[0062] Figure 5 This is a flowchart of another embodiment of the method for detecting cheating behavior in simulator games in this application;
[0063] Figure 6This is a flowchart of another embodiment of the method for detecting cheating behavior in simulator games in this application;
[0064] Figure 7 This is a flowchart of another embodiment of the method for detecting cheating behavior in simulator games in this application;
[0065] Figure 8 This is a flowchart of another embodiment of the method for detecting cheating behavior in simulator games in this application;
[0066] Figure 9 This is a flowchart of another embodiment of the method for detecting cheating behavior in simulator games in this application;
[0067] Figure 10 This is a flowchart of another embodiment of the method for detecting cheating behavior in simulator games in this application;
[0068] Figure 11 This is a schematic diagram illustrating the principle of a method for detecting cheating behavior in simulator-type games in this application.
[0069] Figure 12 This is a schematic diagram of an simulator game interface for the simulator game cheating detection method in this application embodiment;
[0070] Figure 13 This is a schematic diagram of one embodiment of the cheating detection device for simulator-type games in this application.
[0071] Figure 14 This is a schematic diagram of one embodiment of the computer device described in this application. Detailed Implementation
[0072] This application provides a method, apparatus, device, and storage medium for detecting cheating behavior in emulator-type games. It establishes a bridge communication between a game anti-cheat SDK and a Windows anti-cheat SDK through first and second content shared on a virtual device. This connects the interaction capabilities of the game anti-cheat SDK and the Windows anti-cheat SDK in the emulator environment. This allows the game developer to detect or perceive whether cheating behaviors such as hacks exist in the external Windows environment based on the bridge communication between the game anti-cheat SDK and the Windows anti-cheat SDK. Thus, a mobile game protection scheme can be used to combat cheating methods such as hacks in the external Windows environment through this bridge communication.
[0073] The terms “first,” “second,” “third,” “fourth,” etc. (if present) in the specification, claims, and drawings of this application are used to distinguish similar objects and are not necessarily used to describe a particular order or sequence. It should be understood that such data can be interchanged where appropriate so that the embodiments of this application described herein can be implemented, for example, in orders other than those illustrated or described herein. Furthermore, the terms “comprising” and “corresponding to,” and any variations thereof, are intended to cover a non-exclusive inclusion; for example, a process, method, system, product, or apparatus that comprises a series of steps or units is not necessarily limited to those steps or units explicitly listed, but may include other steps or units not explicitly listed or inherent to such processes, methods, products, or apparatus.
[0074] To facilitate understanding, some terms or concepts involved in the embodiments of this application will be explained first.
[0075] 1. Bridge tunnel communication
[0076] Bridge communication refers to communication between operating systems based on communication bridges.
[0077] It is understood that in the specific implementation of this application, data such as information to be transmitted are involved. When the above embodiments of this application are applied to specific products or technologies, user permission or consent is required, and the collection, use and processing of related data must comply with the relevant laws, regulations and standards of the relevant countries and regions.
[0078] Understandably, the cheating detection method for emulator games disclosed in this application involves cloud technology, which will be further introduced below. Cloud technology refers to a hosting technology that unifies hardware, software, network, and other resources within a wide area network (WAN) or local area network (LAN) to achieve data computation, storage, processing, and sharing. Cloud technology is a general term for network technology, information technology, integration technology, management platform technology, and application technology applied based on the cloud computing business model. It can form resource pools, be used on demand, and is flexible and convenient. Cloud computing technology will become an important support. The backend services of technical network systems require a large amount of computing and storage resources, such as video websites, image websites, and many portal websites. With the rapid development and application of the Internet industry, every item may have its own identification mark in the future, all of which need to be transmitted to the backend system for logical processing. Data of different levels will be processed separately, and various industry data will all require strong system support, which can only be achieved through cloud computing.
[0079] Cloud computing is a computing model that distributes computing tasks across a resource pool composed of a large number of computers, enabling various application systems to access computing power, storage space, and information services as needed. The network providing these resources is called the "cloud." From the user's perspective, the resources in the "cloud" are infinitely scalable, readily available, on-demand, expandable, and pay-as-you-go.
[0080] As a provider of fundamental cloud computing capabilities, a cloud resource pool (referred to as a cloud platform, generally called an IaaS (Infrastructure as a Service) platform) is established. Various types of virtual resources are deployed in the resource pool for external customers to choose from. The cloud resource pool mainly includes: computing devices (virtualized machines containing operating systems), storage devices, and network devices.
[0081] Based on logical function, a PaaS (Platform as a Service) layer can be deployed on top of the IaaS (Infrastructure as a Service) layer, and a SaaS (Software as a Service) layer can be deployed on top of the PaaS layer. Alternatively, SaaS can be directly deployed on top of IaaS. PaaS is a platform for running software, such as databases and web containers. SaaS refers to various types of transaction software, such as web portals and bulk SMS senders. Generally speaking, SaaS and PaaS are upper layers compared to IaaS.
[0082] Secondly, cloud security refers to the collective term for security software, hardware, users, organizations, and security cloud platforms based on cloud computing business models. Cloud security integrates emerging technologies and concepts such as parallel processing, grid computing, and unknown virus behavior detection. Through a large network of clients, it monitors abnormal software behavior on the network, obtains the latest information on Trojans and malware on the Internet, sends it to the server for automatic analysis and processing, and then distributes solutions for viruses and Trojans to each client.
[0083] Secondly, cloud storage is a new concept that extends and develops from the concept of cloud computing. A distributed cloud storage system (hereinafter referred to as a storage system) refers to a storage system that uses cluster applications, grid technology and distributed storage file systems to bring together a large number of storage devices of various types (storage devices are also called storage nodes) in the network to work together and jointly provide data storage and transaction access functions to the outside world.
[0084] Currently, the storage method in storage systems is as follows: Logical volumes are created, and during creation, physical storage space is allocated to each logical volume. This physical storage space may consist of a single storage device or the disks of several storage devices. Clients store data on a logical volume, which means storing the data on the file system. The file system divides the data into many parts, each part being an object. Each object contains not only the data but also additional information such as a data identifier (ID, ID entity). The file system writes each object to the physical storage space of that logical volume and records the storage location information of each object. Therefore, when a client requests access to data, the file system can allow the client to access the data based on the storage location information of each object.
[0085] The process by which a storage system allocates physical storage space to a logical volume is as follows: the physical storage space is pre-divided into strips according to the capacity estimate of the objects stored in the logical volume (this estimate often has a large margin relative to the actual capacity of the objects to be stored) and the grouping of Redundant Array of Independent Disks (RAID). A logical volume can be understood as a strip, thus allocating physical storage space to the logical volume.
[0086] It should be understood that the cheating detection method for emulator games provided in this application can be applied to various scenarios, including but not limited to artificial intelligence, cloud technology, maps, and intelligent transportation. It is used to detect or combat cheating behavior on the Windows side by establishing a communication connection between the game side and the Windows side in the emulator environment, and can be applied to scenarios such as game live streaming, cloud gaming applications, and emulator-based online games.
[0087] To address the aforementioned issues, this application proposes a method for detecting cheating behavior in simulator-type games. This method is applied to... Figure 1 Please refer to the video data control system shown. Figure 1 , Figure 1 This is a schematic diagram of the architecture of a video data control system in an embodiment of this application, as shown below. Figure 1As shown, the server receives an access request carrying information to be transmitted from the game anti-cheat SDK, stores the information to be transmitted in a virtual device in the emulator as the first content, and notifies the Windows anti-cheat SDK on the terminal device so that the Windows anti-cheat SDK can obtain the first content. When it receives the second content from the Windows anti-cheat SDK based on the first content, it stores the second content in the virtual device in the emulator so that when the game anti-cheat SDK accesses the emulator and discovers the second content, it can obtain the second content. When the game anti-cheat SDK obtains the second content, it can establish a bridge communication between the game anti-cheat SDK and the Windows anti-cheat SDK based on the second content. Then, it can detect cheating behavior in emulator-type games based on the bridge communication between the game anti-cheat SDK and the Windows anti-cheat SDK. The above method allows virtual devices to act as a bridge between the game's anti-cheat SDK and the Windows anti-cheat SDK. By accessing and obtaining shared first and second content on the virtual device, a bridge communication is established between the game's anti-cheat SDK and the Windows anti-cheat SDK. This connects the interaction capabilities of the game's anti-cheat SDK and the Windows anti-cheat SDK in the emulator environment. Subsequently, based on the bridge communication between the game's anti-cheat SDK and the Windows anti-cheat SDK, the game developer can detect or perceive whether there are cheating behaviors such as hacks in the external Windows environment. Thus, mobile game protection solutions can use this bridge communication to combat cheating methods such as hacks in the external Windows environment.
[0088] Understandable Figure 1 Only one type of terminal device is shown in the diagram. In real-world scenarios, many more types of terminal devices can participate in the data processing. These include, but are not limited to, mobile phones, computers, smart voice interaction devices, smart home appliances, and in-vehicle terminals. The specific number and types depend on the actual scenario and are not limited here. Furthermore, Figure 1 The diagram shows one server, but in real-world scenarios, multiple servers can be involved, especially in scenarios involving multi-model training and interaction. The number of servers depends on the specific scenario and is not limited here.
[0089] It should be noted that in this embodiment, the server can be a standalone physical server, a server cluster or distributed system composed of multiple physical servers, or a cloud server providing basic cloud computing services such as cloud services, cloud databases, cloud computing, cloud functions, cloud storage, network services, cloud communication, middleware services, domain name services, security services, content delivery networks (CDNs), and big data and artificial intelligence platforms. Terminal devices and servers can be directly or indirectly connected via wired or wireless communication, and terminal devices and servers can be connected to form a blockchain network; this application does not impose any limitations on this.
[0090] Based on the above introduction, the following section will describe the method for detecting cheating behavior in simulator-type games in this application. Please refer to [link / reference]. Figure 2 One embodiment of the method for detecting cheating behavior in simulator-type games in this application includes:
[0091] In step S101, an access request sent by the game anti-cheat development kit (SDK) is received, wherein the access request carries at least information to be transmitted.
[0092] In this embodiment, when the game is running, the game anti-cheat development kit (SDK) can send an access request to the emulator, so that the emulator can receive the access request sent by the game anti-cheat development kit (SDK).
[0093] Specifically, the game anti-cheat development kit (SDK) can manifest as follows: Figure 11 The indicated mobile game security SDK or Android anti-cheat SDK is used for game security development, design, and storage of game security policies and game protection schemes. The access request must contain at least one piece of information to be transmitted, which is used to instruct the game anti-cheat SDK (such as...). Figure 11 The information that the mobile game security SDK or Android anti-cheat SDK needs to obtain, such as the detection results of cheating behavior by the Windows anti-cheat SDK, is required.
[0094] Specifically, such as Figure 12 As shown, when running a mobile game in an emulator on Windows, the game's anti-cheat SDK (such as...) Figure 11 The mobile game security SDK or Android anti-cheat SDK (as shown) can initiate active access to the emulator, allowing the emulator to receive access requests sent by the game anti-cheat development kit SDK.
[0095] In step S102, the information to be transmitted is stored in the virtual device in the simulator and used as the first content;
[0096] In this embodiment, after obtaining the access request, the information to be transmitted carried in the access request can be stored in the virtual device in the emulator as the first content, so that the virtual device can be used as a communication bridge for data transmission. This allows the game anti-cheat SDK and the Windows anti-cheat SDK to be connected through the bridge and communicate securely and reliably, thereby better helping the game side detect and combat cheating behavior on the Windows side.
[0097] Among them, virtual devices are driver-based virtual devices provided by the emulator at the operating system level, serving as a bridge for communication between the game's anti-cheat SDK and Windows' anti-cheat SDK. The corresponding device file can be specifically represented as follows: Figure 11 The files shown are ` / dev / virtpipe-sec`, etc. The first content is the encrypted message to be transmitted, used to instruct the game's anti-cheat SDK (such as...). Figure 11 The information that the mobile game security SDK or Android anti-cheat SDK needs to obtain, such as the detection results of cheating behavior by the Windows anti-cheat SDK, is required.
[0098] Specifically, after the game anti-cheat development kit (SDK) sends an access request to the emulator, it can open the shared file of the virtual device in read-write mode and write the information to be transmitted, i.e., the information to be transmitted, into the shared memory of the virtual device, which is stored as the first content in the virtual device.
[0099] In step S103, the Windows anti-cheat development kit SDK is notified to enable the Windows anti-cheat SDK to obtain the first content;
[0100] In this embodiment, when the emulator discovers that the virtual device stores the first content, it can notify the Windows Anti-Cheat SDK of the operating system that the virtual device stores the first content. This allows the Windows Anti-Cheat SDK to obtain the first content, enabling the virtual device to be used as a communication bridge for data transmission. This allows the game anti-cheat SDK and the Windows anti-cheat SDK to be connected securely and reliably, thus better helping the game side detect and combat cheating behavior on the Windows side.
[0101] Specifically, the Windows Anti-Cheat Development Kit (SDK) can be manifested as follows: Figure 11 The Windows anti-cheat SDK shown is used for Windows security development, design, and storage of Windows security policies and Windows protection schemes.
[0102] Specifically, such as Figure 11 As shown, when the emulator detects the game's anti-cheat SDK (such as...) Figure 11 The mobile game security SDK or Android anti-cheat SDK (as shown) has already written the first content (e.g., content A) into the shared memory of the virtual device. That is, when the emulator discovers that the first content is stored in the virtual device, it can trigger an active action to communicate with the Windows anti-cheat SDK (e.g., ...). Figure 11 The Windows anti-cheat SDK (as shown) knows that the first content has been written to the virtual device. Further, such as... Figure 11 As shown, Windows' anti-cheat SDK (such as...) Figure 11 The Windows anti-cheat SDK (as shown) can access the shared memory corresponding to the virtual device based on the received notification and read the first content from it.
[0103] In step S104, when the second content is received from the Windows anti-cheat SDK based on the first content, the second content is stored in the virtual device in the emulator so that when the game anti-cheat SDK accesses the emulator and discovers the second content, it can obtain the second content.
[0104] In this embodiment, when the Windows anti-cheat SDK generates second content based on the first content and replies the second content to the emulator, the emulator can receive the second content replied by the Windows anti-cheat SDK. Then, it stores the second content in the virtual device in the emulator, so that when the game anti-cheat SDK accesses the emulator and discovers the second content, it can obtain the second content. Subsequently, based on the second content, it can establish a bridge communication between the game anti-cheat SDK and the Windows anti-cheat SDK, opening up the interaction capability between the game anti-cheat SDK and the Windows anti-cheat SDK. This interaction capability can better help the game side detect and combat cheating behavior on the Windows side.
[0105] The first part, the encrypted response message, is used to instruct Windows' anti-cheat SDK (such as...). Figure 11 The response information generated by the Windows anti-cheat SDK (as shown) based on the information required by the game's anti-cheat SDK, such as the Windows anti-cheat SDK's detection result indicating that the cheating behavior is safe.
[0106] Specifically, such as Figure 11 As shown, when Windows' anti-cheat SDK (such as...) Figure 11 After the Windows anti-cheat SDK (as shown) reads the first piece of information (such as the detection results of cheating behavior by the Windows anti-cheat SDK), it can understand the game's anti-cheat SDK (such as...) based on the first piece of information. Figure 11 The system indicates the requirements for a mobile game security SDK or Android anti-cheat SDK. Then, a response can be generated based on these requirements for the game's anti-cheat SDK (such as...). Figure 11 The second content (such as content B) of the mobile game security SDK or Android anti-cheat SDK is written into the shared memory of the virtual device through a pre-agreed communication protocol data format (such as the data assembly format of a general string transmission protocol with encryption and authentication functions). This allows the game anti-cheat SDK to read the second content when it accesses the emulator and discovers it.
[0107] In step S105, when the game anti-cheat SDK obtains the second content, a bridge communication is established between the game anti-cheat SDK and the Windows anti-cheat SDK based on the second content.
[0108] In this embodiment, when the game anti-cheat SDK obtains the second content, it indicates that the interaction capability between the game anti-cheat SDK and the Windows anti-cheat SDK has been established. Therefore, based on the second content, a bridge communication between the game anti-cheat SDK and the Windows anti-cheat SDK can be established.
[0109] Specifically, game anti-cheat SDKs (such as...) Figure 11 The mobile game security SDK or Android anti-cheat SDK (as shown) writes the first content to the virtual device, and also periodically accesses the content in the shared memory corresponding to the virtual device. When the second content is found in the virtual device, it can read and parse the second content to obtain information from the Windows anti-cheat SDK (such as...). Figure 11 Once the Windows anti-cheat SDK obtains the required information, it can be understood that a complete communication process is completed, namely, establishing a reliable bridge communication between the game anti-cheat SDK and the Windows anti-cheat SDK, so that subsequent secure communication between the game anti-cheat SDK and the Windows anti-cheat SDK can be maintained by periodically accessing the virtual device based on this bridge communication.
[0110] In step S106, cheating behavior in emulator-type games is detected based on the bridge communication between the game anti-cheat SDK and the Windows anti-cheat SDK.
[0111] Specifically, based on driver-based virtual devices, the shared memory provided by the virtual device file is used as a bridge for communication between the game's anti-cheat SDK and the Windows anti-cheat SDK. This bridge communication effectively connects the game's anti-cheat SDK and the Windows anti-cheat SDK while ensuring secure and reliable communication. Then, based on the bridge communication between the game's anti-cheat SDK and the Windows anti-cheat SDK, the game's protection scheme can provide the PC with powerful anti-cheating tools, security scanning, feature downloading, data reporting, and loading of dedicated point-to-point cheat detection scripts, among other security protections. This allows for better detection and countermeasures against cheating behavior in emulator-based games, and provides diverse, flexible, customizable, and easily upgradable anti-cheat capabilities.
[0112] In this embodiment, a method for detecting cheating behavior in emulator-type games is provided. This method uses a virtual device as a bridge between the game's anti-cheat SDK and the Windows anti-cheat SDK. By accessing and obtaining shared first and second content on the virtual device, a bridge communication is established between the game's anti-cheat SDK and the Windows anti-cheat SDK, connecting the interaction capabilities of the game's anti-cheat SDK and the Windows anti-cheat SDK in the emulator environment. This allows the game developer to detect or perceive whether cheating behaviors such as hacks exist in the external Windows environment based on the bridge communication between the game's anti-cheat SDK and the Windows anti-cheat SDK. Thus, a mobile game protection solution can be used to combat cheating methods such as hacks in the external Windows environment through this bridge communication.
[0113] Optionally, in the above Figure 2 Based on the corresponding embodiments, in another optional embodiment of the emulator game cheating detection method provided in this application, such as... Figure 3 As shown, step S101 receives an access request sent by the game anti-cheat development kit (SDK), including step S301; step S103 includes step S302; step S104 includes step S303.
[0114] In step S301, an access request sent by the game anti-cheat development kit (SDK) is received via a communication protocol;
[0115] In this embodiment, the communication protocol is used for secure data transmission between the game anti-cheat SDK and the Windows anti-cheat SDK. Specifically, it can be a general string transmission protocol with encryption and authentication functions, the Linux Netlink communication mechanism, or other protocols such as socket communication. No specific limitations are made here.
[0116] Specifically, such as Figure 12 As shown, when running a mobile game in an emulator on Windows, to prevent data loss or leakage due to malicious damage or network restrictions during data transmission, a game anti-cheat SDK (such as...) is used. Figure 11 The mobile game security SDK or Android anti-cheat SDK (as shown) can initiate active access to the emulator through a communication protocol, so that the emulator can receive the access request sent by the game anti-cheat development kit SDK.
[0117] In step S302, the Windows anti-cheat SDK is notified so that the Windows anti-cheat SDK can obtain the first content through the communication protocol;
[0118] Specifically, after the game anti-cheat development kit (SDK) sends an access request to the emulator via the communication protocol, it can open the shared file of the virtual device in read-write mode and write the information to be transmitted, i.e., the information to be transmitted, into the shared memory of the virtual device via the communication protocol, i.e., store it in the virtual device as the first content.
[0119] Furthermore, such as Figure 11 As shown, when the emulator detects the game's anti-cheat SDK (such as...) Figure 11 The mobile game security SDK or Android anti-cheat SDK (as shown) has already written the first content (e.g., content A) into the shared memory of the virtual device. That is, when the emulator discovers that the first content is stored in the virtual device, it can trigger active behavior and inform the Windows anti-cheat SDK (e.g., ...) through the communication protocol. Figure 11 The Windows anti-cheat SDK (as shown) knows that the first content has been written to the virtual device. Further, such as... Figure 11 As shown, Windows' anti-cheat SDK (such as...) Figure 11 The Windows anti-cheat SDK (as shown) can access the shared memory corresponding to the virtual device based on the received notification and read the first content from it through the communication protocol.
[0120] In step S303, when the second content is received from the Windows anti-cheat SDK based on the first content via the communication protocol, the second content is stored in the virtual device in the emulator so that when the game anti-cheat SDK accesses the emulator and discovers the second content, it can obtain the second content via the communication protocol.
[0121] Specifically, such as Figure 11 As shown, when Windows' anti-cheat SDK (such as...) Figure 11After the Windows anti-cheat SDK (as shown) reads the first content (such as the detection results of cheating behavior by the Windows anti-cheat SDK) through the communication protocol, it can understand the game's anti-cheat SDK (such as...) based on the first content. Figure 11 The system indicates the requirements for a mobile game security SDK or Android anti-cheat SDK. Then, a response can be generated based on these requirements for the game's anti-cheat SDK (such as...). Figure 11 The second content (such as content B) of the mobile game security SDK or Android anti-cheat SDK is written into the shared memory of the virtual device through a communication protocol and according to the agreed communication protocol data format. This allows the game anti-cheat SDK to read the second content when it accesses the emulator and discovers it.
[0122] Optionally, in the above Figure 3 Based on the corresponding embodiments, in another optional embodiment of the emulator game cheating detection method provided in this application, such as... Figure 4 As shown, step S301 receives an access request sent by the game anti-cheat development kit (SDK) via a communication protocol, including step S401; step S102 includes step S402; step S302 includes step S403; step S303 includes step S404.
[0123] In step S401, the access request sent by the game anti-cheat SDK is received through the encryption transmission protocol of the general string. The information to be transmitted carried in the access request is encrypted information to be transmitted by the encryption transmission protocol of the general string. The encryption transmission protocol of the general string is a response protocol.
[0124] Understandably, because virtual device files can be accessed and opened simultaneously by multiple processes (including the emulator itself, game anti-cheat SDKs, and Windows anti-cheat SDKs) during communication, the virtual device returns independent and unrelated file descriptors (fds) for access requests from different processes to ensure the integrity and validity of the communication data. The same fd will point to the same part of the file; this means that if two processes read and write the same part of the file simultaneously, the integrity and validity of the data may not be guaranteed. For example, game anti-cheat SDKs (such as...) Figure 11 The mobile game security SDK or Android anti-cheat SDK (as shown) accesses a shared file (content C) in the virtual device corresponding to fd 15, hoping to read the Windows anti-cheat SDK (such as...) from it. Figure 11The Windows anti-cheat SDK (as shown) has already written the contents C of the virtual device. If the Windows anti-cheat SDK (such as...) is also... Figure 11 The Windows anti-cheat SDK (as shown) also accesses the shared file of the virtual device, intending to write new content D into it. If the emulator returns the same fd as 15 to the Windows anti-cheat SDK (such as...), Figure 11 The Windows anti-cheat SDK shown will cause the Windows anti-cheat SDK (such as...) to... Figure 11 The Windows anti-cheat SDK (as shown) rewrote content D into part of the previously written content C, causing the game's anti-cheat SDK (such as...) to... Figure 11 The mobile game security SDK or Android anti-cheat SDK shown might not read the complete content C as expected, but might read a part of content C and a part of content D, thus compromising the integrity and validity of the communication data.
[0125] Therefore, to ensure the integrity and validity of communication data, this embodiment is based on the bridge communication protocol of driver-based virtual devices, i.e., the encrypted transmission protocol of general strings, designed as follows: the protocol is designed as a response-based protocol, one response for each other. All protocols are provided by the game anti-cheat SDK (such as...). Figure 11 The request is initiated by the mobile game security SDK or Android anti-cheat SDK (as indicated), and then by the Windows anti-cheat SDK (such as...). Figure 11 The Windows anti-cheat SDK (as indicated) was used in the reply.
[0126] The protocol is designed as a general-purpose string transmission protocol with encryption and authentication functions; that is, a general-purpose string encryption transmission protocol. During communication, protocol data can be assembled and encrypted for transmission in the form of "key_1=value_1|key_2=value_2|…|key_n=value_n". For example, it can be initiated by the communication party, such as a game anti-cheat SDK (e.g., Figure 11 The assembly is handled by the mobile game security SDK or Android anti-cheat SDK (as indicated), and the message response party, such as the Windows anti-cheat SDK (e.g., ... Figure 11 The Windows anti-cheat SDK (as shown) is responsible for parsing protocol data and extracting the fields of interest. In addition to ensuring communication security through encryption, it can also achieve authentication through negotiated key values.
[0127] Furthermore, based on the protocol design and data format of the aforementioned general string encryption transmission protocol, access requests sent by the game anti-cheat SDK can be received.
[0128] In step S402, the encrypted information to be transmitted is stored in the virtual device in the simulator and used as the first encrypted content;
[0129] Specifically, after the game anti-cheat development kit (SDK) sends an access request to the emulator based on the protocol design and data format of the aforementioned general string encryption transmission protocol, it can open the shared file of the virtual device in read-write mode, assemble the information to be transmitted into the first content using the data format of the general string encryption transmission protocol, encrypt it to obtain the first encrypted content, and write it into the shared memory of the virtual device.
[0130] In step S403, the Windows anti-cheat SDK is notified to obtain the first encrypted content through the encryption transmission protocol of the common string.
[0131] Specifically, when the emulator detects the game's anti-cheat SDK (such as...) Figure 11 The first content (e.g., content A) already written to the shared memory of the virtual device by the mobile game security SDK or Android anti-cheat SDK (as shown) can trigger active behavior when the emulator discovers that the virtual device stores the first encrypted content. This can be done by informing the Windows anti-cheat SDK (e.g., via a common string encryption transmission protocol) through a general string encryption protocol. Figure 11 The Windows anti-cheat SDK (as shown) knows that the first content has been written to the virtual device. Further, such as... Figure 11 As shown, Windows' anti-cheat SDK (such as...) Figure 11 The Windows anti-cheat SDK (as shown) can access the shared memory corresponding to the virtual device based on the received notification, and read the first encrypted content from it through a common string encryption transmission protocol.
[0132] In step S404, when the second encrypted content is received from the Windows anti-cheat SDK based on the first encrypted content via the encryption transmission protocol of the common string, the second encrypted content is stored in the virtual device in the emulator so that when the game anti-cheat SDK accesses the emulator and discovers the second encrypted content, it can obtain the second encrypted content via the encryption transmission protocol of the common string.
[0133] Specifically, such as Figure 11 As shown, when Windows' anti-cheat SDK (such as...) Figure 11The Windows anti-cheat SDK (as shown) reads the first encrypted content (such as the detection results of cheating behavior from the Windows anti-cheat SDK) through a common string encryption transmission protocol. Then, it can parse the first encrypted content using a key, and based on the parsed content, understand the game's anti-cheat SDK (such as...). Figure 11 The system indicates the requirements for a mobile game security SDK or Android anti-cheat SDK. Then, a response can be generated based on these requirements for the game's anti-cheat SDK (such as...). Figure 11 The second content (such as content B) of the mobile game security SDK or Android anti-cheat SDK is assembled and encrypted using a data format of a general string encryption transmission protocol. Then, the encrypted second content is written to the shared memory of the virtual device, so that when the game anti-cheat SDK accesses the emulator and discovers the second encrypted content, it can read the second encrypted content through the general string encryption transmission protocol.
[0134] Optionally, in the above Figure 3 Based on the corresponding embodiments, in another optional embodiment of the emulator game cheating detection method provided in this application, such as... Figure 5 As shown, step S301 receives an access request sent by the game anti-cheat development kit (SDK) via a communication protocol, including step S501; step S302 includes step S502; step S303 includes step S503.
[0135] In step S501, an access request sent by the game anti-cheat development kit (SDK) is received through the Netlink socket communication mechanism;
[0136] In this embodiment, the Netlink socket communication mechanism is a communication method provided by Linux for communication between the kernel and user-space processes. Netlink can achieve full-duplex communication, so bridge communication between the game anti-cheat SDK and the Windows anti-cheat SDK can be established based on the full-duplex communication of the Netlink communication mechanism.
[0137] Specifically, such as Figure 12 As shown, when running a mobile game in an emulator on Windows, to prevent data loss or leakage due to malicious damage or network restrictions during data transmission, a game anti-cheat SDK (such as...) is used. Figure 11 The mobile game security SDK or Android anti-cheat SDK (as shown) can initiate active access to the emulator through the Netlink communication mechanism, so that the emulator can receive the access request sent by the game anti-cheat development kit SDK.
[0138] In step S502, the Windows anti-cheating SDK is notified so that the Windows anti-cheating SDK can obtain the first content through the Netlink communication mechanism.
[0139] Specifically, after the game anti-cheat development kit (SDK) sends an access request to the emulator through the Netlink communication mechanism, it can open the shared file of the virtual device in read-write mode and write the information to be transmitted, i.e. the information to be transmitted, into the shared memory of the virtual device through the Netlink communication mechanism, i.e., store it in the virtual device as the first content.
[0140] Furthermore, such as Figure 11 As shown, when the emulator detects the game's anti-cheat SDK (such as...) Figure 11 The first content (e.g., content A) already written to the shared memory of the virtual device by the mobile game security SDK or Android anti-cheat SDK (as shown) can trigger active behavior when the emulator discovers that the first content is stored in the virtual device. This can be done by informing the Windows anti-cheat SDK (e.g., through the Netlink communication mechanism) via Netlink. Figure 11 The Windows anti-cheat SDK (as shown) knows that the first content has been written to the virtual device. Further, such as... Figure 11 As shown, Windows' anti-cheat SDK (such as...) Figure 11 The Windows anti-cheat SDK (as shown) can access the shared memory corresponding to the virtual device based on the received notification, and read the first content from it through the Netlink communication mechanism.
[0141] In step S503, when the second content is received from the Windows anti-cheat SDK based on the first content via the Netlink communication mechanism, the second content is stored in the virtual device in the emulator so that when the game anti-cheat SDK accesses the emulator and discovers the second content, it can obtain the second content via the Netlink communication mechanism.
[0142] Specifically, such as Figure 11 As shown, when Windows' anti-cheat SDK (such as...) Figure 11 After the Windows anti-cheat SDK (as shown) reads the first content (such as the detection results of cheating behavior by the Windows anti-cheat SDK) through the Netlink communication mechanism, it can understand the game's anti-cheat SDK (such as...) based on the first content. Figure 11 The system indicates the requirements for a mobile game security SDK or Android anti-cheat SDK. Then, a response can be generated based on these requirements for the game's anti-cheat SDK (such as...). Figure 11The second content (such as content B) of the mobile game security SDK or Android anti-cheat SDK is written to the shared memory of the virtual device through the Netlink communication mechanism according to the agreed Netlink communication mechanism data format. This allows the game anti-cheat SDK to read the second content when it accesses the emulator and discovers it through the Netlink communication mechanism.
[0143] Optionally, in the above Figure 3 Based on the corresponding embodiments, in another optional embodiment of the emulator game cheating detection method provided in this application, such as... Figure 6 As shown, step S301 receives an access request sent by the game anti-cheat development kit (SDK) via a communication protocol, including steps S601 to S603; step S302 includes step S604; step S303 includes step S605.
[0144] In step S601, the default IP address corresponding to the emulator is determined according to the emulator type;
[0145] In step S602, based on the default IP address, a port number socket communication connection is established between the emulator and the game anti-cheat SDK, and a socket communication connection is established between the emulator and the Windows anti-cheat SDK.
[0146] In step S603, an access request sent by the game anti-cheat development kit (SDK) is received via socket communication;
[0147] In this embodiment, the default IP address of the emulator can be determined according to the emulator type. Then, based on the default IP address, a port number socket communication connection can be established between the emulator and the game anti-cheat SDK, and a socket communication connection can be established between the emulator and the Windows anti-cheat SDK. Then, access requests sent by the game anti-cheat development kit SDK can be securely received through socket communication.
[0148] In this context, a socket refers to the exchange of data between two programs on a network through a bidirectional communication connection. One end of this connection is called a socket. It's understandable that establishing a network communication connection requires at least one pair of port numbers (sockets). Essentially, a socket is a programming interface (API), a wrapper around TCP / IP. TCP / IP also provides interfaces for programmers to use in network development; this is the Socket programming interface. For example, if HTTP can be understood as a car, providing the specific form of data encapsulation or display, then a socket is like the engine, providing the network communication capability.
[0149] Specifically, such as Figure 11 As shown, when the game runtime environment is detected to be an emulator runtime environment, the default IP address corresponding to the emulator can be determined based on the emulator type. Then, based on the default IP address, port number socket communication connections can be established between the emulator and the game anti-cheat SDK, and between the emulator and the Windows anti-cheat SDK. Furthermore, to prevent data loss or leakage due to malicious damage or network restrictions during data transmission, the game anti-cheat SDK (such as...) Figure 11 The mobile game security SDK or Android anti-cheat SDK (as shown) can initiate active access to the emulator through socket communication, so that the emulator can receive the access request sent by the game anti-cheat development kit SDK.
[0150] In step S604, the Windows anti-cheating SDK is notified so that the Windows anti-cheating SDK can obtain the first content through socket communication;
[0151] Specifically, after the game anti-cheat development kit (SDK) sends an access request to the emulator via socket communication, it can open the shared file of the virtual device in read-write mode and write the information to be transmitted, i.e., the information to be transmitted, into the shared memory of the virtual device via socket communication, which is stored as the first content in the virtual device.
[0152] Furthermore, such as Figure 11 As shown, when the emulator detects the game's anti-cheat SDK (such as...) Figure 11 The first content (e.g., content A) already written to the shared memory of the virtual device by the mobile game security SDK or Android anti-cheat SDK (as shown) can trigger active behavior when the emulator discovers that the first content is stored in the virtual device. This can be done by informing the Windows anti-cheat SDK (e.g., ...) through socket communication. Figure 11The Windows anti-cheat SDK (as shown) knows that the first content has been written to the virtual device. Further, such as... Figure 11 As shown, Windows' anti-cheat SDK (such as...) Figure 11 The Windows anti-cheat SDK (as shown) can access the shared memory corresponding to the virtual device based on the received notification and read the first content from it through socket communication.
[0153] In step S605, when the second content is received from the Windows anti-cheat SDK based on the first content via socket communication, the second content is stored in the virtual device in the emulator so that when the game anti-cheat SDK accesses the emulator and discovers the second content, it can obtain the second content via socket communication.
[0154] Specifically, such as Figure 11 As shown, when Windows' anti-cheat SDK (such as...) Figure 11 After the Windows anti-cheat SDK (as shown) reads the first content (such as the detection results of cheating behavior by the Windows anti-cheat SDK) through socket communication, it can understand the game's anti-cheat SDK (such as...) based on the first content. Figure 11 The system indicates the requirements for a mobile game security SDK or Android anti-cheat SDK. Then, a response can be generated based on these requirements for the game's anti-cheat SDK (such as...). Figure 11 The second content (such as content B) of the mobile game security SDK or Android anti-cheat SDK is written to the shared memory of the virtual device through socket communication according to the agreed socket communication data format. This allows the game anti-cheat SDK to read the second content through socket communication when it accesses the emulator and discovers it.
[0155] Optionally, in the above Figure 3 Based on the corresponding embodiments, in another optional embodiment of the emulator game cheating detection method provided in this application, such as... Figure 7 As shown, step S301 receives an access request sent by the game anti-cheat development kit (SDK) via a communication protocol, including steps S701 to S703; step S302 includes step S704; step S303 includes step S705.
[0156] In step S701, the routing table information of the simulator is parsed to obtain the target IP address corresponding to the simulator;
[0157] In step S702, based on the target IP address, a port number socket communication connection is established between the emulator and the game anti-cheat SDK, and a socket communication connection is established between the emulator and the Windows anti-cheat SDK.
[0158] In step S703, an access request sent by the game anti-cheat SDK is received via socket communication;
[0159] In this embodiment, the target IP address corresponding to the emulator can be obtained by parsing the routing table information of the emulator. Then, based on the target IP address, a port number socket communication connection can be established between the emulator and the game anti-cheat SDK, and a socket communication connection can be established between the emulator and the Windows anti-cheat SDK. Then, the access request sent by the game anti-cheat development kit SDK can be securely received through socket communication.
[0160] The target IP address is the router's IP address. Specifically, you can obtain the router's IP address by entering a command in the run menu to view the emulator's routing table information, or you can view the gateway address. There are no specific restrictions here.
[0161] Specifically, such as Figure 11 As shown, when the game's runtime environment is detected to be an emulator, the emulator's routing table information can be parsed to obtain the target IP address corresponding to the emulator. Then, based on the target IP address, port number socket communication connections can be established between the emulator and the game's anti-cheat SDK, and between the emulator and the Windows anti-cheat SDK. Furthermore, to prevent data loss or leakage due to malicious damage or network restrictions during data transmission, the game's anti-cheat SDK (such as...) Figure 11 The mobile game security SDK or Android anti-cheat SDK (as shown) can initiate active access to the emulator through socket communication, so that the emulator can receive the access request sent by the game anti-cheat development kit SDK.
[0162] In step S704, the Windows anti-cheating SDK is notified so that the Windows anti-cheating SDK can obtain the first content through socket communication;
[0163] Specifically, after the game anti-cheat development kit (SDK) sends an access request to the emulator via socket communication, it can open the shared file of the virtual device in read-write mode and write the information to be transmitted, i.e., the information to be transmitted, into the shared memory of the virtual device via socket communication, which is stored as the first content in the virtual device.
[0164] Furthermore, such as Figure 11 As shown, when the emulator detects the game's anti-cheat SDK (such as...) Figure 11 The first content (e.g., content A) already written to the shared memory of the virtual device by the mobile game security SDK or Android anti-cheat SDK (as shown) can trigger active behavior when the emulator discovers that the first content is stored in the virtual device. This can be done by informing the Windows anti-cheat SDK (e.g., ...) through socket communication. Figure 11 The Windows anti-cheat SDK (as shown) knows that the first content has been written to the virtual device. Further, such as... Figure 11 As shown, Windows' anti-cheat SDK (such as...) Figure 11 The Windows anti-cheat SDK (as shown) can access the shared memory corresponding to the virtual device based on the received notification and read the first content from it through socket communication.
[0165] In step S705, when the second content is received from the Windows anti-cheat SDK based on the first content via socket communication, the second content is stored in the virtual device in the emulator so that when the game anti-cheat SDK accesses the emulator and discovers the second content, it can obtain the second content via socket communication.
[0166] Specifically, such as Figure 11 As shown, when Windows' anti-cheat SDK (such as...) Figure 11 After the Windows anti-cheat SDK (as shown) reads the first content (such as the detection results of cheating behavior by the Windows anti-cheat SDK) through socket communication, it can understand the game's anti-cheat SDK (such as...) based on the first content. Figure 11 The system indicates the requirements for a mobile game security SDK or Android anti-cheat SDK. Then, a response can be generated based on these requirements for the game's anti-cheat SDK (such as...). Figure 11 The second content (such as content B) of the mobile game security SDK or Android anti-cheat SDK is written to the shared memory of the virtual device through socket communication according to the agreed socket communication data format. This allows the game anti-cheat SDK to read the second content through socket communication when it accesses the emulator and discovers it.
[0167] Optionally, in the above Figure 4 Based on the corresponding embodiments, in another optional embodiment of the emulator game cheating detection method provided in this application, such as... Figure 8As shown, step S402 stores the encrypted information to be transmitted into a virtual device in the simulator, and uses it as the first encrypted content, including:
[0168] In step S801, the file handle of the virtual device is sent to the game anti-cheat SDK so that the game anti-cheat SDK assembles the encrypted information to be transmitted into the first encrypted content through the encryption transmission protocol of the common string, and writes the first encrypted content into the virtual device based on the file handle.
[0169] In this embodiment, when a game anti-cheat SDK (such as...) is received... Figure 11 When the mobile game security SDK or Android anti-cheat SDK (as indicated) actively initiates an access request to the emulator, the emulator can send the file handle of the virtual device to the game anti-cheat SDK. This allows the game anti-cheat SDK to assemble the encrypted information to be transmitted into the first encrypted content using a common string encryption transmission protocol. Based on the file handle, the SDK can accurately index the location of the shared file on the virtual device and then write the first encrypted content to the virtual device more effectively and accurately.
[0170] In this context, a file handle can be understood as a pointer to a shared file in a virtual device, which can help the game anti-cheat SDK quickly and accurately index the location of the shared file in the virtual device.
[0171] Specifically, such as Figure 11 As shown, when receiving the game anti-cheat SDK (such as...) Figure 11 When the mobile game security SDK or Android anti-cheat SDK (as indicated) actively initiates an access request to the emulator, the emulator can send the file handle of the virtual device to the game anti-cheat SDK.
[0172] Furthermore, when the game's anti-cheat SDK (such as...) Figure 11 After successfully obtaining the file handle of the shared file of the virtual device (as indicated by the mobile game security SDK or Android anti-cheat SDK), the desired information, i.e. the encrypted information to be transmitted (such as the cheat detection result of the Windows anti-cheat SDK), is assembled into the first encrypted content (such as content A) according to the agreed communication protocol data format (such as the data assembly format of the general string transmission protocol with encryption and authentication functions). Then, the first encrypted content (such as content A) can be written into the shared memory corresponding to the virtual device file.
[0173] It is understandable that the Android emulator's operating system is based on the Android system, which is derived from the Linux system. It inherits many features of the Linux system, one of which is that all things or resources exist in the form of files, such as messages, shared memory, and connections.
[0174] Optionally, in the above Figure 4 Based on the corresponding embodiments, in another optional embodiment of the emulator game cheating detection method provided in this application, such as... Figure 9 As shown, step S403 notifies the Windows anti-cheating SDK to obtain the first encrypted content via a generic string encryption transmission protocol, including:
[0175] In step S901, the emulator periodically accesses the virtual device. When it discovers the first encrypted content in the virtual device, it notifies the Windows anti-cheating SDK so that the Windows anti-cheating SDK can read the first encrypted content from the virtual device through the encryption transmission protocol of the common string.
[0176] Specifically, such as Figure 11 As shown, the emulator continuously monitors the status of its virtual device and periodically accesses the content in the shared memory corresponding to the virtual device. When it detects the game's anti-cheat SDK (such as...) according to the agreed communication protocol data format (e.g., the data assembly format of a general string transmission protocol with encryption and authentication functions), it will detect the game's anti-cheat SDK (e.g.,...). Figure 11 After the mobile game security SDK or Android anti-cheat SDK (as indicated) has written the first encrypted content (such as content A) into the shared memory of the virtual device, it can trigger active behavior and communicate with the Windows anti-cheat SDK (such as...). Figure 11 The Windows anti-cheat SDK shown is understandable; it's the Windows anti-cheat SDK (such as...). Figure 11 The Windows anti-cheat SDK (as shown) can be integrated into the emulator. This can be understood as the emulator being able to execute specific interface function code to enable the Windows anti-cheat SDK (such as...). Figure 11 The Windows anti-cheat SDK (as shown) knows that the first encrypted content has been written to the virtual device (e.g., the emulator received a notification such as...). Figure 11 (The notification of communication data from the mobile game security SDK or Android anti-cheat SDK as shown).
[0177] Furthermore, Windows' anti-cheat SDK (such as...) Figure 11 The Windows anti-cheat SDK (as shown) can access the shared memory corresponding to the virtual device based on the notification and read the first encrypted content (such as content A). By parsing the first encrypted content (such as content A), it can understand the game's anti-cheat SDK (such as...). Figure 11 The system indicates the requirements for a mobile game security SDK or Android anti-cheat SDK. Then, a response can be generated based on these requirements for the game's anti-cheat SDK (such as...). Figure 11The second content (such as content B) of the mobile game security SDK or Android anti-cheat SDK is encrypted into a second encrypted content and written to the shared memory of the virtual device through a pre-agreed communication protocol data format (such as the data assembly format of a general string transmission protocol with encryption and authentication functions).
[0178] Optionally, in the above Figure 2 Based on the corresponding embodiments, in another optional embodiment of the emulator game cheating detection method provided in this application, such as... Figure 10 As shown, step S101 receives an access request sent by the game anti-cheat development kit (SDK), including:
[0179] In step S1001, the game running environment is detected. When the game running environment is an emulator environment, the emulator receives the access request sent by the game anti-cheat SDK.
[0180] Specifically, when the game is running, the game anti-cheat SDK (such as...) Figure 11 The mobile game security SDK or Android anti-cheat SDK (as shown) can detect the current game runtime environment through x86 environment recognition technology combined with multi-feature matching methods. If the current game runtime environment is identified as an emulator environment, then... Figure 12 As shown, when running a mobile game in an emulator on Windows, the game's anti-cheat SDK (such as...) Figure 11 The mobile game security SDK or Android anti-cheat SDK shown will actively access the emulator and open the shared files of the virtual device in read-write mode. It is understandable that the game anti-cheat SDK (such as...) Figure 11 The mobile game security SDK or Android anti-cheat SDK (as shown) opens the shared file of the virtual device in read-write mode, which ensures that the game anti-cheat SDK can access and read the contents of the shared memory provided by the virtual device file. At the same time, the information to be transmitted, i.e. the information to be transmitted, can be written into the shared memory of the virtual device.
[0181] The following is a detailed description of the cheat detection device for simulator-type games in this application. Please refer to [link / reference]. Figure 13 , Figure 13 This is a schematic diagram of one embodiment of the emulator-type game cheating detection device in this application. The emulator-type game cheating detection device 20 includes:
[0182] The acquisition unit 201 is used to receive an access request sent by the game anti-cheat development kit SDK, wherein the access request carries at least information to be transmitted;
[0183] The processing unit 202 is used to store the information to be transmitted into a virtual device in the simulator and use it as the first content;
[0184] The sending unit 203 is used to notify the Windows anti-cheating development kit SDK of the operating system so that the Windows anti-cheating SDK can obtain the first content;
[0185] The processing unit 202 is also configured to store the second content in the virtual device in the emulator when it receives the second content replied by the Windows anti-cheat SDK based on the first content, so that when the game anti-cheat SDK accesses the emulator and discovers the second content, it can obtain the second content;
[0186] The processing unit 202 is also used to establish a bridge communication between the game anti-cheat SDK and the Windows anti-cheat SDK based on the second content when the game anti-cheat SDK obtains the second content.
[0187] The processing unit 202 is also used to detect cheating behavior in emulator-type games based on the bridge communication between the game anti-cheat SDK and the Windows anti-cheat SDK.
[0188] Optionally, in the above Figure 13 Based on the corresponding embodiments, in another embodiment of the game data device provided in this application,
[0189] The acquisition unit 201 can be specifically used to: receive access requests sent by the game anti-cheat development kit (SDK) via a communication protocol;
[0190] The sending unit 203 can be specifically used to: notify the Windows anti-fraud SDK so that the Windows anti-fraud SDK can obtain the first content through the communication protocol;
[0191] The processing unit 202 can be specifically used to: when it receives the second content replied by the Windows anti-cheat SDK based on the first content through the communication protocol, store the second content in the virtual device in the emulator, so that when the game anti-cheat SDK accesses the emulator and discovers the second content, it can obtain the second content through the communication protocol.
[0192] Optionally, in the above Figure 13 Based on the corresponding embodiments, in another embodiment of the game data device provided in this application,
[0193] The acquisition unit 201 can be specifically used to: receive the access request sent by the game anti-cheat SDK through the encryption transmission protocol of the general string, wherein the information to be transmitted carried in the access request is the encrypted information to be transmitted obtained by the encryption transmission protocol of the general string, and the encryption transmission protocol of the general string is a response protocol.
[0194] The processing unit 202 can be specifically used to: store the encrypted information to be transmitted into a virtual device in the simulator, and use it as the first encrypted content;
[0195] The sending unit 203 can be specifically used to: notify the Windows anti-cheating SDK so that the Windows anti-cheating SDK can obtain the first encrypted content through the encryption transmission protocol of the common string;
[0196] The processing unit 203 can be specifically used to: when it receives the second encrypted content replied by the Windows anti-cheat SDK based on the first encrypted content through the encryption transmission protocol of the common string, store the second encrypted content to the virtual device in the emulator, so that when the game anti-cheat SDK accesses the emulator and discovers the second encrypted content, it can obtain the second encrypted content through the encryption transmission protocol of the common string.
[0197] Optionally, in the above Figure 13 Based on the corresponding embodiments, in another embodiment of the game data device provided in this application,
[0198] The acquisition unit 201 can be specifically used to: receive access requests sent by the game anti-cheat development kit (SDK) through the socket Netlink communication mechanism;
[0199] The sending unit 203 can be specifically used to: notify the Windows anti-fraud SDK so that the Windows anti-fraud SDK can obtain the first content through the Netlink communication mechanism;
[0200] The processing unit 202 can be specifically used to: when it receives the second content replied by the Windows anti-cheat SDK based on the first content through the Netlink communication mechanism, store the second content in the virtual device in the emulator, so that when the game anti-cheat SDK accesses the emulator and discovers the second content, it can obtain the second content through the Netlink communication mechanism.
[0201] Optionally, in the above Figure 13 Based on the corresponding embodiments, in another embodiment of the game data device provided in this application, the acquisition unit 201 can specifically be used for:
[0202] Determine the default IP address corresponding to the emulator based on the emulator type;
[0203] Based on the default IP address, establish a port number socket communication connection between the emulator and the game anti-cheat SDK, and establish a socket communication connection between the emulator and the Windows anti-cheat SDK.
[0204] Receive access requests sent by the game anti-cheat development kit (SDK) via socket communication;
[0205] The sending unit 203 can be specifically used to: notify the Windows anti-fraud SDK so that the Windows anti-fraud SDK can obtain the first content through socket communication;
[0206] The processing unit 202 can be specifically used to: when receiving the second content replied by the Windows anti-cheat SDK based on the first content via socket communication, store the second content in the virtual device in the emulator, so that when the game anti-cheat SDK accesses the emulator and discovers the second content, it can obtain the second content via socket communication.
[0207] Optionally, in the above Figure 13 Based on the corresponding embodiments, in another embodiment of the game data device provided in this application, the acquisition unit 201 can specifically be used for:
[0208] Parse the emulator's routing table information to obtain the target IP address corresponding to the emulator;
[0209] Based on the target IP address, establish a port number socket communication connection between the emulator and the game anti-cheat SDK, and establish a socket communication connection between the emulator and the Windows anti-cheat SDK.
[0210] Receive access requests sent by the game's anti-cheat SDK via socket communication;
[0211] The sending unit 203 can be specifically used to: notify the Windows anti-fraud SDK so that the Windows anti-fraud SDK can obtain the first content through socket communication;
[0212] The processing unit 202 can be specifically used to: when receiving the second content replied by the Windows anti-cheat SDK based on the first content via socket communication, store the second content in the virtual device in the emulator, so that when the game anti-cheat SDK accesses the emulator and discovers the second content, it can obtain the second content via socket communication.
[0213] Optionally, in the above Figure 13 Based on the corresponding embodiments, in another embodiment of the game data device provided in this application, the processing unit 202 may specifically be used for:
[0214] The file handle of the virtual device is sent to the game anti-cheat SDK, so that the game anti-cheat SDK assembles the encrypted information to be transmitted into the first encrypted content through the encryption transmission protocol of the general string, and writes the first encrypted content into the virtual device based on the file handle.
[0215] Optionally, in the above Figure 13 Based on the corresponding embodiments, in another embodiment of the game data device provided in this application, the sending unit 203 can specifically be used for:
[0216] The emulator periodically accesses the virtual device. When it discovers the first encrypted content in the virtual device, it notifies the Windows anti-cheat SDK so that the Windows anti-cheat SDK can read the first encrypted content from the virtual device using a generic string encryption transmission protocol.
[0217] Optionally, in the above Figure 13 Based on the corresponding embodiments, in another embodiment of the game data device provided in this application, the acquisition unit 201 can specifically be used for:
[0218] The game's runtime environment is detected. When the game's runtime environment is an emulator environment, the emulator receives access requests sent by the game's anti-cheat SDK.
[0219] This application also provides a schematic diagram of another computer device, such as... Figure 14 As shown, Figure 14 This is a schematic diagram of a computer device structure provided in an embodiment of this application. The computer device 300 can vary significantly due to different configurations or performance. It may include one or more central processing units (CPUs) 310 (e.g., one or more processors) and a memory 320, and one or more storage media 330 (e.g., one or more mass storage devices) for storing application programs 331 or data 332. The memory 320 and storage media 330 can be temporary or persistent storage. The program stored in the storage media 330 may include one or more modules (not shown in the diagram), each module including a series of instruction operations on the computer device 300. Furthermore, the CPU 310 may be configured to communicate with the storage media 330 and execute the series of instruction operations in the storage media 330 on the computer device 300.
[0220] Computer device 300 may also include one or more power supplies 340, one or more wired or wireless network interfaces 350, one or more input / output interfaces 360, and / or one or more operating systems 333, such as Windows Server. TMMac OS X TM Unix TM Linux TM FreeBSD TM etc.
[0221] The aforementioned computer device 300 is also used to perform, for example Figures 2 to 10 The steps in the corresponding embodiments.
[0222] Another aspect of this application provides a computer-readable storage medium having a computer program stored thereon, which, when executed by a processor, implements... Figures 2 to 10 The steps in the method described in the illustrated embodiment.
[0223] Another aspect of this application provides a computer program product comprising a computer program, which, when executed by a processor, implements as follows: Figures 2 to 10 The steps in the method described in the illustrated embodiment.
[0224] Those skilled in the art will clearly understand that, for the sake of convenience and brevity, the specific working processes of the systems, devices, and units described above can be referred to the corresponding processes in the foregoing method embodiments, and will not be repeated here.
[0225] In the several embodiments provided in this application, it should be understood that the disclosed systems, apparatuses, and methods can be implemented in other ways. For example, the apparatus embodiments described above are merely illustrative; for instance, the division of units is only a logical functional division, and in actual implementation, there may be other division methods. For example, multiple units or components may be combined or integrated into another system, or some features may be ignored or not executed. Furthermore, the coupling or direct coupling or communication connection shown or discussed may be an indirect coupling or communication connection between apparatuses or units through some interfaces, and may be electrical, mechanical, or other forms.
[0226] The units described as separate components may or may not be physically separate. The components shown as units may or may not be physical units; that is, they may be located in one place or distributed across multiple network units. Some or all of the units can be selected to achieve the purpose of this embodiment according to actual needs.
[0227] Furthermore, the functional units in the various embodiments of this application can be integrated into one processing unit, or each unit can exist physically separately, or two or more units can be integrated into one unit. The integrated unit can be implemented in hardware or as a software functional unit.
[0228] If the integrated unit is implemented as a software functional unit and sold or used as an independent product, it can be stored in a computer-readable storage medium. Based on this understanding, the technical solution of this application, in essence, or the part that contributes to the prior art, or all or part of the technical solution, can be embodied in the form of a software product. This computer software product is stored in a storage medium and includes several instructions to cause a computer device (which may be a personal computer, server, or network device, etc.) to execute all or part of the steps of the methods described in the various embodiments of this application. The aforementioned storage medium includes various media capable of storing program code, such as USB flash drives, portable hard drives, read-only memory (ROM), random access memory (RAM), magnetic disks, or optical disks.
Claims
1. A method for detecting cheating behavior in simulator games, characterized in that, include: Receive an access request sent by the game anti-cheat development kit (SDK), wherein the access request carries at least information to be transmitted; The information to be transmitted is stored in a virtual device in the simulator and used as the first content; The Windows Anti-Cheat Development Kit (SDK) is notified to enable the Windows Anti-Cheat Development Kit (SDK) to obtain the first content. When the Windows Anti-Cheat SDK receives a second response based on the first content, the second content is stored in the virtual device in the emulator, so that when the game anti-cheat SDK accesses the emulator and discovers the second content, it can obtain the second content. When the game anti-cheat development kit SDK obtains the second content, it establishes a bridge communication between the game anti-cheat development kit SDK and the Windows anti-cheat development kit SDK based on the second content. The game anti-cheat SDK is used to detect cheating behavior in emulator-type games through bridge communication between the game anti-cheat SDK and the Windows anti-cheat SDK.
2. The method according to claim 1, characterized in that, The process of receiving access requests sent by the game anti-cheat development kit (SDK) includes: Receive access requests sent by the game anti-cheat development kit (SDK) via communication protocols; The notification to the Windows Anti-Cheat Development Kit (SDK) of the operating system, so that the Windows Anti-Cheat Development Kit (SDK) can obtain the first content, includes: The Windows Anti-Cheat Development Kit (SDK) is notified so that the Windows Anti-Cheat Development Kit (SDK) can obtain the first content through the communication protocol. When the Windows Anti-Cheat SDK receives a second response based on the first content, the second content is stored in the virtual device of the emulator. This allows the Anti-Cheat SDK to access the emulator and retrieve the second content, including: When the second content is received from the Windows Anti-Cheat Development Kit SDK based on the first content via the communication protocol, the second content is stored in the virtual device in the emulator, so that when the game anti-cheat development kit SDK accesses the emulator and discovers the second content, it can obtain the second content via the communication protocol.
3. The method according to claim 2, characterized in that, The step of receiving the access request sent by the game anti-cheat development kit (SDK) via the communication protocol includes: The access request sent by the game anti-cheat development kit SDK is received through a general string encryption transmission protocol, wherein the information to be transmitted carried in the access request is encrypted information to be transmitted by the general string encryption transmission protocol, and the general string encryption transmission protocol is a response protocol. The step of storing the information to be transmitted in a virtual device in the simulator and using it as the first content includes: The encrypted information to be transmitted is stored in the virtual device in the simulator and used as the first encrypted content; The notification to the Windows Anti-Cheat Development Kit (SDK) to enable the Windows Anti-Cheat Development Kit (SDK) to obtain the first content via the communication protocol includes: The Windows Anti-Cheat Development Kit (SDK) is notified to obtain the first encrypted content via the encrypted transmission protocol of the generic string. When the second content is received from the Windows Anti-Cheat Development Kit SDK based on the first content via the communication protocol, the second content is stored in the virtual device in the emulator, so that when the game anti-cheat development kit SDK accesses the emulator and discovers the second content, it obtains the second content via the communication protocol, including: When the Windows Anti-Cheat SDK receives the second encrypted content in response to the first encrypted content via the encryption transmission protocol of the common string, the second encrypted content is stored in the virtual device in the emulator, so that when the game anti-cheat SDK accesses the emulator and discovers the second encrypted content, it can obtain the second encrypted content via the encryption transmission protocol of the common string.
4. The method according to claim 2, characterized in that, The step of receiving the access request sent by the game anti-cheat development kit (SDK) via the communication protocol includes: Receive access requests sent by the game anti-cheat development kit SDK through the Netlink socket communication mechanism; The notification to the Windows Anti-Cheat Development Kit (SDK) to enable the Windows Anti-Cheat Development Kit (SDK) to obtain the first content via the communication protocol includes: The Windows Anti-Cheat Development Kit (SDK) is notified so that the Windows Anti-Cheat Development Kit (SDK) can obtain the first content through the Netlink communication mechanism. When the second content is received from the Windows Anti-Cheat Development Kit SDK based on the first content via the communication protocol, the second content is stored in the virtual device in the emulator, so that when the game anti-cheat development kit SDK accesses the emulator and discovers the second content, it obtains the second content via the communication protocol, including: When the second content is received from the Windows Anti-Cheat Development Kit SDK based on the first content via the Netlink communication mechanism, the second content is stored in the virtual device in the emulator, so that when the game anti-cheat development kit SDK accesses the emulator and discovers the second content, it can obtain the second content through the Netlink communication mechanism.
5. The method according to claim 2, characterized in that, The step of receiving the access request sent by the game anti-cheat development kit (SDK) via the communication protocol includes: Determine the default IP address corresponding to the emulator based on the emulator type; Based on the default IP address, establish a port number socket communication connection between the emulator and the game anti-cheat development kit SDK, and establish a socket communication connection between the emulator and the Windows anti-cheat development kit SDK; The socket communication is used to receive access requests sent by the game anti-cheat development kit (SDK). The notification to the Windows Anti-Cheat Development Kit (SDK) to enable the Windows Anti-Cheat Development Kit (SDK) to obtain the first content via the communication protocol includes: The Windows Anti-Cheat Development Kit (SDK) is notified so that the Windows Anti-Cheat Development Kit (SDK) can obtain the first content through the socket communication; When the second content is received from the Windows Anti-Cheat Development Kit SDK based on the first content via the communication protocol, the second content is stored in the virtual device in the emulator, so that when the game anti-cheat development kit SDK accesses the emulator and discovers the second content, it obtains the second content via the communication protocol, including: When the second content is received from the Windows Anti-Cheat Development Kit SDK based on the first content via the socket communication, the second content is stored in the virtual device in the emulator, so that when the game anti-cheat development kit SDK accesses the emulator and discovers the second content, it can obtain the second content via the socket communication.
6. The method according to claim 2, characterized in that, The step of receiving the access request sent by the game anti-cheat development kit (SDK) via the communication protocol includes: Parse the routing table information of the simulator to obtain the target IP address corresponding to the simulator; Based on the target IP address, establish a port number socket communication connection between the emulator and the game anti-cheat development kit SDK, and establish a socket communication connection between the emulator and the Windows anti-cheat development kit SDK; The game anti-cheat development kit (SDK) is received via the socket communication. The notification to the Windows Anti-Cheat Development Kit (SDK) to enable the Windows Anti-Cheat Development Kit (SDK) to obtain the first content via the communication protocol includes: The Windows Anti-Cheat Development Kit (SDK) is notified so that the Windows Anti-Cheat Development Kit (SDK) can obtain the first content through the socket communication; When the second content is received from the Windows Anti-Cheat Development Kit SDK based on the first content via the communication protocol, the second content is stored in the virtual device in the emulator, so that when the game anti-cheat development kit SDK accesses the emulator and discovers the second content, it obtains the second content via the communication protocol, including: When the second content is received from the Windows Anti-Cheat Development Kit SDK based on the first content via the socket communication, the second content is stored in the virtual device in the emulator, so that when the game anti-cheat development kit SDK accesses the emulator and discovers the second content, it can obtain the second content via the socket communication.
7. The method according to claim 3, characterized in that, The step of storing the encrypted information to be transmitted into the virtual device in the simulator and using it as the first encrypted content includes: The file handle of the virtual device is sent to the game anti-cheat development kit (SDK), so that the game anti-cheat development kit (SDK) assembles the encrypted information to be transmitted into the first encrypted content through the encryption transmission protocol of the general string, and writes the first encrypted content into the virtual device based on the file handle.
8. The method according to claim 3, characterized in that, The notification to the Windows Anti-Cheat Development Kit (SDK) to enable the Windows Anti-Cheat Development Kit (SDK) to obtain the first encrypted content via the encrypted transmission protocol of the generic string includes: The emulator periodically accesses the virtual device. When it discovers the first encrypted content in the virtual device, it notifies the Windows Anti-Cheat Development Kit (SDK) so that the Windows Anti-Cheat Development Kit (SDK) can read the first encrypted content from the virtual device using the encryption transmission protocol of the generic string.
9. The method according to claim 1, characterized in that, The process of receiving access requests sent by the game anti-cheat development kit (SDK) includes: The game runtime environment is detected. When the game runtime environment is an emulator environment, the emulator receives the access request sent by the game anti-cheat development kit (SDK).
10. A device for detecting cheating behavior in simulator games, characterized in that, include: The acquisition unit is used to receive an access request sent by the game anti-cheat development kit (SDK), wherein the access request carries at least information to be transmitted. A processing unit is used to store the information to be transmitted into a virtual device in the simulator and use it as the first content; The sending unit is used to notify the Windows Anti-Cheat Development Kit (SDK) of the operating system so that the Windows Anti-Cheat Development Kit (SDK) can obtain the first content; The processing unit is further configured to, when receiving the second content replied by the Windows anti-cheat development kit SDK based on the first content, store the second content in the virtual device in the emulator, so that when the game anti-cheat development kit SDK accesses the emulator and discovers the second content, it can obtain the second content; The processing unit is further configured to, when the game anti-cheat development kit SDK obtains the second content, establish a bridge communication between the game anti-cheat development kit SDK and the Windows anti-cheat development kit SDK based on the second content; The processing unit is also used to detect cheating behavior in the emulator-type game based on the bridge communication between the game anti-cheat development kit SDK and the Windows anti-cheat development kit SDK.
11. A computer device comprising a memory, a processor, and a bus system, wherein the memory stores a computer program, characterized in that, When the processor executes the computer program, it implements the steps of the method according to any one of claims 1 to 9; The bus system is used to connect the memory and the processor to enable communication between the memory and the processor.
12. A computer-readable storage medium having a computer program stored thereon, characterized in that, When the computer program is executed by a processor, it implements the steps of the method according to any one of claims 1 to 9.
13. A computer program product, comprising a computer program, characterized in that, When the computer program is executed by a processor, it implements the steps of the method according to any one of claims 1 to 9.