Resources

• CodeArmor for .NET Datasheet (300k)
• CodeArmor for Windows Datasheet (210k)
• Piracy Solution Brief (682k)
• Technology Whitepaper (337k)
• Code Theft Case Study (83k)

V.i. Labs Software Protection Technology:

V.i. Lab’s patent-pending technology protects software applications without requiring source code modifications or complex security infrastructure. It combines strong function level encryption, anti-debugging, anti-tampering, and secure run-time execution monitoring to provide comprehensive software protection.

Our technology is able to protect software applications in their executable form – eliminating the need for software development resources or impacting product time-to-market. Once protected, run-time security features persistently secure the application against piracy, tampering, misuse, and code theft. Protection is self contained within the application and no additional, separate security files or components are required.

System Components:

V.i. Labs’ technology adds a strong layer of security to software applications without introducing additional end user and deployment complexities. To enable protection and secure the application run-time environment the following system components are used:

• Post Processor - A desktop application that automatically analyzes application binary files, applies encryption at the function level, embeds secure run-time monitoring functions, adds pre-defined application and security extensions, and creates a secure version of the target application.
• Secure Execution Monitor - A set of security functions that are embedded in the software application during the protection process to secure the application during run-time. The monitor provides functions to encrypt and decrypt application subroutines, ensure application integrity, and monitor the runtime environment for malicious activity and unauthorized access.
• Application and Security Extensions - These custom extensions support software authorization frameworks, enhanced security through integration of external key management devices/systems, and alternate encryption algorithms. These extensions can be invoked prior to the execution of the application to verify authorization or perform additional monitoring. Extensions can be developed using an available CodeArmor Application Extension Software Development Kit (SDK). 

Technology Operation:

V.i. Labs' software protection technology secures existing applications without requiring source code changes and also protects the application run-time environment once applications are deployed.

Adding Protection Using a Post Processor:

The Post Processor embeds the V.i. Labs protection technology into the application source executable and associated dll files. The post processor automatically analyzes and finds the application functions, creates and stores a digest of each, and then encrypts each function with a unique key. During the protection process, the post processor attaches V.i. Lab's Secure Execution Monitor and any pre-defined application extensions to the application without requiring modification to the original software code or functions. The execution monitor provides the protection intelligence and monitoring functions to protect the software application at run-time. The output of the Post Processor operation is a hardened version of the original software application with self-contained security that mimics the original unprotected version. 

Run Time Security Protection:

When the protected application is launched, Secure Execution Monitor attaches itself to the application. Once the application is started the execution monitor continually checks the run-time environment to detect for an insecure environment (pre-defined within the Post Processor configuration setup), check the integrity of dependent ".dll" files, and discover any attempts to attach and run tools that could be used to reverse engineer the software or insert malicious code. In addition, the Secure Execution Monitor decrypts and re-encrypts each protected function in real-time on a block-by-block or on a function call basis. The monitor never decrypts the entire application in memory nor in same location to thwart attempts to obtain the unprotected application functions. As a result, the code itself is secure -- providing a higher degree of protection against reverse engineering threats. If at run-time tampering is detected, the monitor can be configured to notify a user, log the event, or halt the executable altogether. Because the technology maintains a store of digests for the original application functions, it can invoke a self healing process to replace tampered code with original code.

Threats Deterred:

Software reverse engineering is a process used to disassemble and reveal the design and implementation details of a software application without having access to the source code. Although this process is sometimes used for legitimate purposes, malicious users and software pirates often reverse engineer applications in order to tamper with or alter them completely. To protect software applications against this threat requires a technology that secures the run-time environment as well as the individual application files. V.i. Labs’ technology provides comprehensive countermeasures against these threats:

• Guards against reverse engineering and loader programs that attempt to rebuild unprotected applications by accessing them within memory
• Prevents user and kernel debuggers and other tools from analyzing and cracking the protection process
• Verifies system DLLs to ensure that the application environment cannot be compromised and access to the decrypted application gained
• Prevents hackers from embedding a malicious payload into the software application statically or at run-time
• Prevents hackers from modifying the applicaton program flow to run Malware
• Enables mission critical applications to function even if a malicious program is trying to tamper with it at run-time

Read our technology whitepaper.