Security

Startup morphs website code against morphing malware, causing cries of anguish from attackers

Above: Real-time polymorphism is behind this new effort to stop malware.

Image Credit: Shape Security

Can websites use judo logic to defend themselves, turning one of their attackers’ key strategies against them? That’s the idea behind a new product that shields websites by continually morphing its visible code, creating what some have described as the first “botwall.”

The Mountain View, Calif.-based Shape Security’s ShapeShifter is a network-security appliance that utilizes real-time polymorphism, dynamically changing code in a website’s user interface into random strings that still deliver the functionality of HTML, CSS, and Javascript. This creates a moving target for malware engaging in automated attacks, disabling its capability to interact with a web application. The approach is intended to block a range of attack types, including account takeover, application distributed denial of service, and Man-in-the-Browser.

As Shape Security VP of strategy Shuman Ghosemajumder told VentureBeat, a ShapeShifted website and a malware attack use “the same fundamental concept of polymorphism, but the implementation is different.”

ShapeShifter’s polymorphism, he pointed out, is conducted in real time, while “malware changes code only when it installs, because it’s trying to change its signature.” CEO Derek Smith told news media that his company’s focus is on “deflection, not detection.”

Does this replacement of the original code reduce a website’s performance? Ghosemajumder said there is “minimal latency,” adding that the process is transparent to website management. End users see the original user interface.

Currently, Shape Security’s solution is being offered as a hardware appliance, but a cloud-based version is being developed. The product is being targeted at major websites in financial services, health care, and major e-commerce at prices north of a million bucks.

0 comments