view counter

CybersecurityBotwall: New Web security solution uses real-time polymorphism to ward off attacks

Published 24 January 2014

Malware has long used polymorphism — that is, rewriting its code — every time a new machine was infected in order easily to evade antivirus detection systems. Shape Security says its new product, the ShapeShifter, is reversing this advantage which malware has so far enjoyed: the new product uses polymorphic code as a new foundational tool for Web site defense. The patent-pending technology implements real-time polymorphism, or dynamically changing code, on any Web site, to remove the static elements that botnets and malware depend on for their attacks.

Mountain View, California-based Shape Security the other day unveiled a new product to protect Web sites against the most dangerous cyberattacks. The company says the ShapeShifter is a network security appliance that prevents Web site breaches by immediately disabling the capability of malware, bots, and other scripted attacks to interact with the user’s Web application.

For years, attackers have used automated malware to conduct huge numbers of attacks on computer systems quickly and cheaply,” said Bob Blakley, director of security innovation at Citigroup. “By taking a technique — polymorphic code — out of the attackers’ own playbook, Shape turns the cost equation back around in the defender’s favor.”

The company says that the key to being able to block attacks on Web sites from malware and other scripts is a technique called real-time polymorphism. Malware has long used polymorphism, rewriting its code every time a new machine was infected, easily to evade antivirus detection systems. Shape is reversing this advantage, using polymorphic code as a new foundational tool for Web site defense. The company says that it has invented patent-pending technology to be able to implement real-time polymorphism, or dynamically changing code, on any Web site, to remove the static elements that botnets and malware depend on for their attacks.

Modern cybercriminals employ sophisticated attacks that operate at large scale while easily evading detection by security defenses,” said Derek Smith, CEO of Shape Security. “The ShapeShifter focuses on deflection, not detection. Rather than guessing about traffic and trying to intercept specific attacks based on signatures or heuristics, we allow websites to simply disable the automation that makes these attacks possible.”

When a ShapeShifter protects a Web site, instead of encountering an application with fixed elements which are trivial to program an attack against, cybercriminals now face the much more difficult task of making their malware interact with a Web application that has become a moving target, constantly rewriting itself. All of this happens transparently, with legitimate users continuing to see the original, unchanged user interface.

Shape is operating on a previously inaccessible layer of the security problem: the fact that everyone has a user interface, but user interfaces are inherently vulnerable to attacks from malware, bots and scripts,” said Robert Lentz, former chief information security officer of the U.S. Department of Defense and member of the board of directors of FireEye. “By preventing automation against a Web site’s user interface, Shape’s technology allows enterprises to block dozens of attack categories, such as account takeover, application DDoS, and Man-in-the-Browser, with a single product. This is not only a powerful new tool for enterprises but a potentially disruptive technology for multiple sectors of the cybersecurity industry.”

The industry has long needed a botwall — a new tier of your security architecture that blocks attacks from bots, malware and scripts, which are the source or enabler of nearly all breaches,” said Ted Schlein, managing partner at Kleiner Perkins Caufield & Byers. “Shape has successfully created the world’s first botwall. The Internet badly needs this. This is a game-changing technology.”

view counter
view counter