IOBIAC | Anti-Exploit & Backdoor Shield

🛡️ IOBIAC — Universal Server-Side Anti-Cheat for Garry's Mod

IOBIAC is a server-authoritative anti-cheat built for the threats that actually take GMod servers down: RCE exploits, backdoors, admin-stealing privilege escalation, and net-flood DoS. It drops into any gamemode and starts protecting the moment your server boots — with zero risk of false-banning your real players.

This is not a re-skinned griefware menu. Every layer is purpose-built, runs on the server, and has been hardened against real leaked cheats (LOKI, Limon, afri, ExploitCity and more) — so it catches what they actually do, not theoretical threats.

🆚 Why IOBIAC Over Other Anti-Cheats

• ✅ Safe by default. Most anti-cheats earn their bad reputation by false-banning innocent players. IOBIAC is warn-only out of the box: it detects, scores and logs, but never auto-punishes anyone until you turn enforcement on yourself. You are always in control.
• 🧠 Server-authoritative, not client-trusting. Decisions are made on the server. A cheat that owns the client cannot simply claim it is clean — the layers that matter run where the attacker has no power.
• 🔄 It adapts to YOUR server. The auto-learning allow-set fingerprints your own legitimate network traffic and console commands. No giant whitelist to hand-maintain, and it works on any gamemode and addon set without configuration.
• 🪤 High-confidence traps others don't have. Honeypot channels and a challenge-response honeytoken (a planted secret that proves a cheat stole and reused it) give zero-false-positive, server-observed evidence — the kind of signal you can safely auto-ban on.
• 🛡️ It protects itself. Most anti-cheats can be silently disabled by a determined attacker. IOBIAC snapshots the engine before any addon loads, owns its network pipeline behind a self-reinstalling watchdog, and detects and restores attempts to disable or silence it.
• ⚡ Light on your server and your players. No per-frame scans, no per-entity traces. Negligible when idle, light in normal play, and never a tax on your players' FPS.
• 🚫 Not a backdoor. Many "free" anti-cheats are griefware or contain backdoors. IOBIAC is clean, audited, and built to defend your server — not compromise it.
• 🌍 One product, every platform and gamemode. Pure Lua, runs on Windows and Linux servers, on DarkRP, Helix, TTT, Sandbox and custom gamemodes. English and Russian included.

🎯 What It Protects Against

• 🔓 Exploits and backdoors. IOBIAC owns a single, watchdog-protected inbound network pipeline. Honeypot trap channels and the challenge-response honeytoken catch backdoor net channels the instant they fire.
• 👑 Privilege escalation. A metatable-level guard on rank changes stops a player promoting themselves or anyone else to admin or superadmin from untrusted code — while recognising every major admin mod (ULX, SAM, ServerGuard, FAdmin, DarkRP, Helix and more) so legitimate rank changes are never touched.
• 🌊 Net-flood and oversize DoS. Per-player rate limits and packet-size ceilings stop the floods and giant payloads that freeze a server.
• 🕵️ Unknown backdoor channels and console commands. The auto-learning allow-set flags any net channel or console command it has never seen a real player use.
• 🔎 Known cheats. A live signature engine catches cheat globals, console commands, fonts and leftover files, plus on-demand exploit-string discovery across the server's registered network strings.
• 🧬 Client tampering. Snapshot-before-load integrity baselining, server-driven randomised audits and a SHA-256 challenge-response heartbeat detect a client whose anti-cheat or standard library has been patched or silenced.

🔍 How It Detects Cheats

IOBIAC does not rely on a single trick. It layers independent detection methods and fuses them into a per-player threat score, so a cheat has to beat all of them at once.

• 🔗 Network pipeline ownership. IOBIAC becomes the single owner of all inbound network traffic. Every client-to-server message passes through it before reaching its handler, so backdoor channels, floods and oversize payloads are seen and judged in one place.
• 🪤 Honeypot bait channels. IOBIAC registers trap network channels that no legitimate client ever touches. The moment a cheat probes one, it is caught red-handed — a server-observed, high-confidence hit.
• 🎣 Honeytoken challenge-response. IOBIAC plants a random secret behind a bait channel. If a cheat exfiltrates that secret and sends it back, it has produced undeniable proof of compromise — a signal a legitimate player can never generate.
• 📚 Auto-learning allow-set anomaly. Instead of a hand-written whitelist, IOBIAC learns which channels and console commands your real players actually use, then flags anything new and unexplained. This catches novel backdoors no signature list could know about.
• 🧾 Signature engine. On the client it scans globals, console commands, fonts, files and UI controls for known cheat fingerprints; on the server it discovers suspicious exploit strings among the registered network names. The signature corpus is built from real leaked cheats and is regularly extended.
• 🧪 Integrity and tamper auditing. IOBIAC captures the clean standard library before any addon loads, then runs randomised server-driven audits that compare a client's live functions against that baseline. A patched net library, a hooked fire-bullets function, or a silenced anti-cheat shows up as drift.
• 💓 Continuous heartbeat. A SHA-256 challenge-response heartbeat means a client that strips or kills its anti-cheat goes visibly dark instead of quietly disappearing.
• 👑 Privilege-escalation guard. A metatable-level interception of rank changes catches self-promotion attempts that bypass the normal admin tools.
• 🧮 Multi-signal fusion. Each detection carries a weight and a confidence. Low-confidence noise stays advisory; corroborated, server-observed signals rise to the top of an admin review queue. This is what keeps the false-positive rate down while still catching real threats.

🔒 It Will Not Ban Your Players

This is the part most anti-cheats get wrong. IOBIAC is warn-only by default. Out of the box it detects, scores and logs, but nothing auto-kicks, auto-bans, drops a packet or strips a rank until you explicitly enable enforcement — after you have watched a clean run on your own server.

• ✔️ A false positive can never punish a legit player on its own.
• ✔️ You stay in the loop: alerts go to your admins with one-click Ban · Kick · Warn · Whitelist.
• ✔️ When you are ready, enforcement is opt-in and granular. Turn on only what you trust. High-confidence, server-observed signals such as honeypot hits and returned honeytokens can be promoted to auto-ban independently of everything else.

For server owners who have been burned by anti-cheats that banned innocent players, this is the headline feature: safety first, by design.

⚡ Performance & Optimization

IOBIAC is engineered for a single-threaded srcds reality and a real, busy DarkRP or Helix server. It does not run per-frame scans, per-entity traces, or anything that scales with your prop or entity count.

Measured cost on roughly 30 players at 66 tick:

| Scenario | Cost of server tick |

| 📊 Idle — nobody cheating (the 99% case) | under 0.1% |

| 📊 Normal gameplay — ~500 packets/sec | ~1–2% |

| 📊 Heavy network burst — ~1500 packets/sec | ~3–6% |

Key points:

• 🎮 Zero extra cost for normal play. Firing a weapon, spawning a prop, moving, or using an entity costs nothing extra by default — the behavioural movement detector is off out of the box.
• ⚙️ One tiny steady cost. The only constant is a per-inbound-packet check on the network pipeline, which is constant-time and allocation-free on the normal path.
• 🧱 Bounded memory. Every internal table is capped, and on-disk storage is indexed and auto-pruned. No unbounded growth and no leaks across map changes.
• 🖥️ Light client footprint. The client side runs an integrity check roughly every 30 seconds and a signature scan roughly every 45 seconds, never per frame. The on-screen alert layer instantly returns when there is nothing to draw, so non-admin players pay essentially nothing.
• 🩹 Degrades gracefully under load. Audits are sliced across frames, heartbeats are rate-capped, and detections are cooldown-limited, so a stressed server is never made worse by the anti-cheat.

In short: negligible when idle, light in normal play, and never a per-frame tax on your players.

🌐 Compatibility

• 🪟 🐧 Windows & Linux. Runs on both dedicated server platforms. Pure Lua, no native binaries, nothing platform-specific to install.
• 🧩 Any gamemode. DarkRP, Helix, TTT, Sandbox and custom gamemodes. Nothing is hard-wired to one framework.
• 🧠 Server-authoritative. Decisions are made on the server; it never trusts the client.
• 🤝 Plays nice with your admin mods. ULX & ULib, SAM, ServerGuard, Evolve, FAdmin, DarkRP, Helix and NutScript are all recognised.
• 🌍 Localization. English and Russian included.

⚙️ Installation — Drop-In, ~2 Minutes

1. Extract the addon folder into garrysmod/addons.
2. Restart your server or change the level.
3. Done. IOBIAC loads automatically from its single entry point — watch your server console for the load confirmation lines.

No database to set up, no external service, no client mod for your players to install. It works on the default configuration immediately, in safe warn-only mode, on Windows and Linux alike.

🔧 Configuration & Going Live

Everything is in one well-documented config file, and every threshold, interval and module has an inline comment.

Recommended rollout — safe by design:

1. Install and leave it on defaults. IOBIAC runs warn-only. Watch the detection log and admin panel through a few days of real traffic.
2. Review. Confirm your legitimate addons and admin tools are not being flagged. The allow-set learns your server's normal traffic automatically during this time.
3. Enable enforcement when you are confident. Flip the master enforcement gate, and the granular per-feature gates, to start actually kicking and banning. High-confidence server-observed signals can be promoted to auto-ban on their own.

You are always in control of how aggressive it is.

🧰 Admin Toolkit

• 🖥️ Live panel. Every connected player scored in real time, with their last detection and anti-cheat status, and one-click Ban, Kick, Warn and Whitelist.
• 📸 On-demand screenshot evidence. Request a suspect's screen; the capture is nonce-bound and validated so it cannot be spoofed. Proof before you act.
• 🌍 IP intelligence. Alt-account correlation, Steam family-share detection, and optional VPN or proxy lookups (off by default).
• 🚧 Quarantine. Drop a suspect into an observation mode without kicking them.
• 🗂️ Filterable detection log. Search by name, SteamID, category or date.
• 📈 Network and exploit analytics. Live inbound channel counters and on-demand exploit-string discovery.

🔑 Granular Permissions

Every IOBIAC function is a separate permission (panel, ban, kick, warn, whitelist, screenshot, quarantine, network analytics and more) that shows up in SAM and ULX, so you can delegate exactly what each rank is allowed to do. Give your moderators the panel and warnings without giving them bans.

🪖 Built to Survive a Real Attacker

A good anti-cheat has to protect itself. IOBIAC snapshots the engine before any other addon loads, so its baseline is the real, un-tampered standard library. It owns the inbound network pipeline behind a self-reinstalling watchdog that detects and restores its position if anything tries to replace or disable it. It detects state-level tampering — silently disabled detectors, swapped handler functions, or attempts to suppress its own reporting — and restores them. And it runs server-driven integrity audits plus a challenge-response heartbeat, so a client that strips its anti-cheat goes dark visibly, not silently.

📦 What You Get

• ✔️ The complete IOBIAC anti-cheat as a single drop-in addon.
• ✔️ One documented configuration file with safe defaults.
• ✔️ English and Russian language files.
• ✔️ Regular signature and corpus updates.

❓ Notes

• ℹ️ IOBIAC specialises in server-side threats: exploits, backdoors, RCE, privilege escalation, network abuse and client tampering. It is not a behavioural aimbot or ESP detector — it is the layer that keeps your server from being crashed, backdoored or taken over.
• ℹ️ It is safe to run alongside your existing admin mod and other addons.
• ℹ️ Built and hardened against real, leaked cheats, not theoretical ones.
• ℹ️ Runs on both Windows and Linux dedicated servers.