It depends on what kind of cheat you’re trying to detect, and how obvious it is from the information you have. Using an infinite money hack is a lot easier to detect than someone using a second computer and an engine to cheat at chess. The first one can catch you just from your money amount and a log of what you’ve done, but with something like chess it’s a lot harder, you have to look at how the player normally plays, compare that to the moves computers would make, and then decide how likely it is the player would have made that move without help. Any single move, it’s impossible to tell just from the move made, so you need statistics and sometimes expert human players.

Often a game developer will look at what methods of cheating are most popular, and specifically target something about that method of cheating.

Via malware generally. Technically speaking, anti-cheat software is extremely intrusive onto your system and sometimes even demands kernel access. Genshin Impact is an example of this.

It uses this higher access to detect what other software is running on your system at the same time. Basically, it’s like a helicopter, getting a higher vantage point to look down on your pc.

You should check into anti cheat software you use because hackers have been known to access your computer through it. Specifically the kernel level software because that level of access is beyond many security programs.

it depends on the implementation of the software and the sort of cheating its trying ot stamp out.

the most direct form of anti cheat is having your game have the server as the final and only authority to anthenticate changes in game state. this means that if the clients attempt to send bad data to the server the server will know there is fckery and will refuse the data(and remvoe the client from the network)

the issue is that often server netcode isnt designed like this because this force the server to effectively run the game fully on their end which is expensive hardware wise(and VERY laggy for slower systems).

hence games often go the other route where they have a local program running on the clients that checks in with a central server, this client will essentialy check the application’s memory space for any tampering(ie: hex editors like cheat engine) and terminate the connectino if somethnig is detected.Most anti cheat solution do some variation of this.

this has the upside of being computationally cheaper on both the clients and the serve r and it lowers the overhead of communicating with the server and reciving data(as the server only has to send and receive data related ot the game state, instead of sending everything).

the problem is that this sort of anticheat often requires priviledged access to the client’s system and the effectivness of said system is proportional with said access, whihc doesnt mesh well with security expectatino by clients.(this is famously Why VAC isnt as effective as it could be: Valve is upholding the promise of an unintrusive anticheat ot the best they can. This is also why VAC is worlhess on linux: linux doesnt allow the sort of access VAC needs.)