Riot laid out its plans for a new anti-cheat system, explaining its ins and outs, and how it will affect League of Legends, it’s upcoming first-person shooter Project A and other games in the future.
“Your favorite anti-cheat team has been forced to play this game [League] from the user-level, effectively giving cheaters a much-needed, twelve-stroke handicap,” Riot wrote in a blog post. “But as much as we might like the idea of an ever-escalating appsec war with teenagers, we’re now entering a multi-game universe where linear time and sleep deficits will make this particular strategy untenable.”
Riot is opting to use a so-called “kernel drive.” The kernel is a computer program at the core of a computer’s operating system with complete control over everything in the system. In other words, a kernel driver is the highest form of protection for any game, or software.
“In the last few years, cheat developers have started to leverage vulnerabilities or corrupt Windows’ signing verification to run their applications (or portions of them) at the kernel level,” Riot wrote. “The problem here arises from the fact that code executing in kernel-mode can hook the very system calls we would rely on to retrieve our data, modifying the results to appear legitimate in a way we might have difficulty detecting.”
At the moment, an abundance of cheats run at a higher privilege level than Riot’s current anti-cheat system. Specialized hardware has been used to read and process system memory, and when done perfectly, can be undetectable by Riot.
To counter this, Riot will be taking advantage of a kernel driver in the future. This should stop cheaters and help create a smoother environment for League, and particularly Project A.
Several third-party anti-cheat systems, such as EasyAntiCheat, Battleye, and Xigncode 3 each use a kernel driver to protect its games, and Riot will be following the trend.
“The purpose of this upgrade is to monitor system state for integrity (so we can trust our data) and to make it harder for cheaters to tamper with our games (so you can’t blame aimbots for personal failure),” Riot wrote. “It will be significantly harder to create undetected cheats: protecting you from aimbots, protecting us from Reddit, and protecting cheaters from themselves.”