Current Scenario: IDC estimates that over $40B worth of software was pirated worldwide in 2006. Despite widespread use of license management, software piracy is rampant. Similarly, DRM applications are hacked to enable digital media piracy. Attacks fall into the following four categories:
Piracy. Attacker unlocks proprietary software and provides reproductions cheaply or for free Tampering. Attacker alters software to bypass usage restrictions Reverse Engineering. Attacker extracts code, stealing intellectual property and proprietary algorithms. Insertion of Exploits. Attackerinserts viruses or other malware into pirated copies.
Tomorrow's Technology Today: Arxan's innovative approach includes its patented Guard technology and "Moving Maze" architecture.
Small protection units called Guards are automatically inserted into the software binary. A Guard is a piece of code responsible for performing certain security-related actions during program execution. Guards can protect a specified region of code, and implement cross-Guarding between code, DLLs and other objects. These Guards are triggered to action by unauthorized changes to the protected program, and react in fully programmable ways.
Moving Maze Architecture
Arxan's architecture combines layers of binary based defend, detect, and react Guards that protect the application and each other in intricate, interconnected layers. This design ensures that the fortified application has no one single point of failure. The Guards react to attacks with active, diverse and random execution. Together, these act in concert to create a "Moving Maze" architecture. By contrast, competing products in this class of security never get past the step of prevention. If prevention fails, the application or system under attack has no further recourse.
Arxan software protection solution incorporates all of the 7 key factors to software protection.
Guards provide multiple layers of defense with self-healing capabilities, diversity and random execution to eliminate BORE attacks. In addition, Arxan's Guards are closely intertwined with program logic, so if Guards are removed or damaged, the program will cease to run normally. This makes reverse engineering and code lifting very difficult.
In addition, the binary insertion of Guards generates a configurable protection scheme, which can be unique for each instance of the program. Each copy of a protected program can have the same protection scheme, yet different instances of the specified Guard types. This decreases damage by automated attacks and collaboration by hackers, as a successful attack against one copy of the program would not work on other copies.
Arxan's active, dynamic defense not only prevents attacks, but detects and responds to them.
Arxan's active defense gives the application the intelligence to know when it is under attack and the power to act in response to that attack. With user defined reactions the developer can specify reactions such as:
Shut down the application entirely to prevent the application from running
Calculate the incorrect answer or degrade performance
Phone home with traitor tracing information
Well designed protections force attackers to develop competency in the subject matter of the software rather than generic hacking techniques, dramatically reducing the attacker base and making the protection much harder for attackers to detect and violate.
A single integer within the GuardScript, called the seed, determines which specific Guard instances (of which several thousand exist, per Guard type) are chosen for insertion, and which specific sequence of transforms are applied on the program. For the same GuardScript, simply changing the seed yields a binary code base that is significantly different in structure and code flow, providing resistance to diff attacks.
Additionally, any oversights in the original protection design which may result in a breach can be quickly and easily corrected by inserting additional Guards into the GuardScript, without any dependency on the source code.
By changing the seed and tweaking the GuardScript as necessary, a fully secure update can be developed in hours without disrupting the ongoing software development cycle
Arxan allows the user to have precise control over placement of protection code. Arxan places Guards, in binary code at precisely the location the user specifies. Schemes that insert protection into source code can not guarantee this specificity because the user can not reliably predict outcome after compilation.
The custom guard libraries create diversity. Arxan provides over 12,000 unique Guard instances. In addition, Arxan provides customers with the ability to create their own Guard instances by leveraging the internal IP. Together, these create a rich ecosystem of protection to choose from and ensure minimal vulnerability to BORE exploits. Once the Guards are chosen they can be configured into a network for the level of protection required.
Guards can be optimized to meet the constraints of the application. Levels of guarding can be easily scaled up for larger or more security-critical programs by installing more guards, and increasing the complexity of the guard network and level of obfuscation.
Low Impact on Performance
In contrast to source code obfuscation techniques, Arxan protects the binary directly, ensuring that protection techniques can be accurately inserted and do not compete with the compiler and optimizer. This approach to protection results in better performance and lower costs than that of other solutions. Test results have shown that the impact of Arxan on run-time performance of protected programs is very low. Arxan provides total security coverage with total application performance.
Arxan separates code hardening and development. Protection is inserted into the binary without modifying source code, so field updates and patches are easily achieved.
Arxan's point-click protection automates the Guard insertion process, allowing patches to be created under the same process as done for an unprotected application. Additionally, we can protect legacy applications where source code is unavailable.
Conclusion: Arxan protects software vendors against piracy, tampering, reverse engineering and any manner of theft. We go beyond static obfuscation and encryption to dynamically defend, detect and react against attacks. Commercial businesses rely on Arxan to fortify software, license management and DRM applications from the billions of dollars lost to unauthorized use.
Arxan Technologies, Inc.
6903 Rockledge Drive, Suite 910
Bethesda, MD 20817