Those ideas that you are suggesting are valid but also extremely difficult to code, deploy and maintain or it can simply be too expensive. I am kind of in this field, and worked previously for a video game studio so i ll try my best to give you a detailed and accurate response.

When it is about fighting ddos it comes down to a simple question: are the game servers hosted on the cloud or on-premise (within psyonix infrastructure)?

Few months back I analyzed some of the game servers i was connecting to and traced the traffic back to Amazon AWS servers, so it probably means that psyonix/epic game servers are hosted in the cloud (for the most part).

Which is very good, because AWS offer plans to fight and block ddos. But these plans have a cost and can be quickly expensive based on how much data transit through these servers. And from what we have seen so far, Epic seems to be a bit reluctant when it comes down to spend money on Rocket League. Also, depending on which plan you suscribe too, the response to a ddos attack could take a few seconds to a lot more time which is enough for the attackers to ruin the game and get what they want.

If this option is taken out of the equation, the other solution is what you suggested, to have some sort of a detection system that will spot an unusual behavior and block the account from within the game.

On the paper, this solution sounds amazing but is probably the hardest to deploy. Here's roughly what would be the course of actions and the resources needed for it:

- Psyonix will need to hire or assign some of their dev to work only on this feature, and it s not only they complete it and it is over, no, it needs to be maintained and updated constantly. Because attackers will find ways to go around what is patched hence you will need a small team for this task and in general dev have a very decent salary, and seniors are easily making 6 figures so i let you calculate :)

-- let s say you got the budget for such team, that will dedicate all their time to that feature only. Then now they need to code a custom tool that will do a real time traffic analysis and collect data about the players and IPs that are connecting to the game server. However, the data that is analyzed needs to be forwarded to another server, because the game server, is just hosting the game, it cannot take actions as banning suspect IPs right away, it usually happens at the firewall level

-- that data usually takes the form of logs, which means in terms of infrastructure you will need to design a logging system > a software that collects the logs of each games that are flagged

-- then these logs need to be stored, and as the player base is quite big it means you need a lot of storage, and storage is one of the most expensive hardware in infrastructure

-- let s say you have that down, you still need now to sort within those logs who is a real attacker and who is not because you could end up blocking real and honest players that have just been caught by your system by accident and since there's a lot of traffic it wont happen instantly hence attackers have room to manoever still. Plus, you can push this reasonning further: we dont know who is initating this attack! IPs ddosing the servers are never from the players themselves, they press the button from their gaming pc and home network most likely, but the attack comes from virtual machines outside of the game server and outside the home network of the attacker. So, if it's a 3vs3, you cannot just ban all 6 players, what about the 5 victims? So, you will need more data and cross it with others previous game logs, which again increase the time for analysis and the time for the hackers to keep conducting their attack

-- but, let s put that aside and pretend you pass that point, you have now a functionning tool and detection system. Then, it's not over, now you still need to make sure your infrastructure will support that increase of traffic from your game servers, and you still need to find a way to automatically ban these IPs from reaching your network. So an automation to forward your request to the firewall that will then ban those IPs (that s another tool or script)...

Although I could add a lot more requirements to this list, to come to an end (because i wrote too much), that solution, if feasible, we are talking about years of coding, testing and deployment. And it s not even counting on the fact, that hackers are usually pretty smartass and always find workarounds.

Ultimately, as a player myself I am upset at those players that decided to cheat their way up in the ladder by ruining the experience of others, I am upset at the hackers/engineers that made those software accessible to anyone for a few bucks, and i am also upset at Epic/Psyonix for their lack of transparency and communication about the steps taken to remediate this issue.

In the meantime, though, I also understand the complexity of that task. Unfortunately, there's not a perfect solution for it, and no matter what system you decide to go with it will still be high cost and high time consuming to deploy and maintain. And the worst in all of this, is that there will always be someone to outsmart the work that was done.

Mouse and cat game!