Company Overview

Arxan protects Intellectual Property from software piracy, tampering, reverse engineering and any manner of theft. We protect software, and fortify License Management and DRM applications.

Arxan makes intellectual property (IP) theft virtually impossible, so developers of software applications,including multi-media and DRM applications, can safeguard their revenues. For the past 5 years, Arxan’s IP fortification technology has been protecting America’s critical military infrastructure. Today, defense agencies as well as Global 500 companies, trust Arxan to protect their IP.

Software Applications Are At Risk

Commercial piracy is a huge and costly problem: IDC predicts that by 2009, losses due to software theft will exceed $200 billion. For every $2 of PC software purchased legitimately, $1 was obtained illegally. Why? Software is driving business value and revenues; companies are increasingly selling globally; software attack tools are widely developed and disseminated; and the internet is an enabling distribution medium for pirated software. No wonder piracy is forecasted to grow at 20% per year (IDC).

4 Software Application Threats

Desktop software is increasingly pirated, DRM applications are regularly hacked, and embedded software based products are increasingly subject to tampering.

The four biggest threats to software:

• Piracy. An attacker makes unauthorized copies of proprietary software and sells reproductions at bargain prices, thereby stealing revenue from the organization creating the software.
• Tampering. An attacker alters proprietary software to give access to others or enhance the software’s functionality. Users might seek to add features, delete restrictions or to access hidden functionality.
• Reverse Engineering. An attacker extracts code in order to steal intellectual property, confidentialinformation, and proprietary algorithms.
• Insertion of Exploits. Prevent insertion of viruses or other malware into pirated versions.

License management is not designed to protect software against professional attackers who hack the binary to get to the valuable IP within it. Instead, license management is designed to keep honest users honest by metering usage. DRM applications are also in a race against sophisticated pirates, and require the latest in security technology, such as Arxan’s, to stay ahead.

Arxan Protection

Our solution includes, but goes beyond obfuscation and encryption to actively protect software. We defend, detect, and react to attempted attacks through a layered and dynamic network of Guards™ that provide defense-in-depth. In fact, we anticipate favorite techniques attackers employ to compromise software applications such as simulated execution, static analysis attacks, dynamic attacks, memory examination, and more.

At-A-Glance

Problem: Software piracy – for every $2 of PC software purchased legitimately, $1 was obtained illegally (IDC)

Solution: Prevent software piracy and tampering with Arxan’s patented IP protection technology.

Patented Guard™ Technology. Arxan combines advanced encryption and obfuscation with small protection units that are surgically inserted into the software’s binary – our Guards™ - to protect critical functions. We allow flexibility to specify the type, location, and purpose of over 12,000 Guards to create customized security solutions that meet the needs of each application’s unique vulnerabilities and requirements. Once deployed, our Guard protection dissolves into the binary.

Active Defense. Arxan takes a unique approach to software protection, not only defending against compromise, but actively detecting and reacting to attacks. Guards are triggered to action by unauthorized changes to the protected program. When Guards detect compromise, they react in fully programmable ways. Reactions are programmable, and can include terminating the program, self-healing any attempted tampering, changing the program in a subtle ways such as computing an incorrect answer, or reporting the identity of attackers via “traitor tracing” information that is covertly sent to a remote server.

“Moving Maze” Architecture. Combined, our Guards create a layered network that provides a dense web of protection with a high level of individualization. Guards actively protect the application as well as each other, forming a complex protection that is difficult to defeat by even the most advanced hackers. We employ a variety of techniques to protect dynamically, ensuring no single point-of-failure. Low Impact Protection. We believe that customers should not have to choose between the desired application functionality and effective security. So, our binary-based precision and individualization allows for finely tailored protection, resulting in low (typically less than 2%) application performance impact. That means transparency for legitimate users, while attackers face a battalion of Guards.

Automated Deployment. Developers can easily insert, and reinsert, Guard protection into their binaries since we have automated the process to seamlessly fit into the software development lifecycle. Nightly builds, for instance, can easily accommodate Guard protection.

How It Works
At the end of the software development process, Arxan’s GuardScript™ Design Wizard defines where Guards are to be inserted. Our protection engine then reads the GuardScript, and injects the Guards at the binary level with surgical precision.

Our Guards Defend, Detect and React to threats using a variety of technologies:

Defend: anti-debug, obfuscation, white box cryptography and encryption Guards

Detect: check-sum and authentication Guards

React: self-healing Guards, and customized reactions including traitor tracing, phone home and application termination

Arxan supports both native (e.g. C++) and managed (e.g. .NET) code on x86 and PowerPC architectures on a variety of operating systems, including Windows.