Design of anti-brush command attack in online games
Online Games plug-in can repeatedly send some instructions, resulting in server CPU consumption or bandwidth consumption, such attacks called brush instructions.
The simplest is the chat broadcast. Do not need a special plug-in, just in the client-wide or regional shout,
The chat message is broadcast to all clients, consuming a lot of bandwidth.
Generally, it is necessary to prevent the screen chat by limiting the time interval of chatting or charging.
Other instructions also require such brush-proofing measures.
Anti-brush instructions should be made into a common mechanism to control all instructions, not just individual instructions.
By default, all instructions sent to the server by all clients are restricted.
The directive restriction function should be placed in the gateway and will not affect the game server.
But also requires the algorithm as simple as possible, can be quickly processed.
The simplest limiting method is to limit the interval time.
There must be a certain length of time between the instructions of the same class.
The same kind of instruction is the same as the instruction number.
For example, all chat instructions must be more than 500ms apart.
The instructions for the mobile attack class are frequent, and the time interval limit is not appropriate.
Because of the impact of network jitter, there may be more than one instruction being received centrally.
The average instruction number should be used to limit.
If the number of instructions in the 5s does not exceed 1000.
For restricted instructions, you can ignore them directly. You can also return a restricted instruction to the client.
The connection is disconnected for the client that is identified as a brush command attack.
Some directives can be cached until they are allowed to be forwarded to the game server. A similar instruction can only retain the last instruction.
(reprint please indicate the column from Jin Qing)