Protecting Computer Game Code against Theft and Plagiarism
Preface
There are more than 10 million computer game developers worldwide [1]. At least half of them use Java or Android languages. In my humble experience, spanning over 30 years as a software developer, only about one-third of developers write their code entirely from scratch. The remaining two-thirds borrow code fragments and even entire algorithms in one way or another, taking advantage of the fact that program code is virtually impossible to protect legally [2].
Antidecompilers protect your Java/Android apps, also known as JAR/APK files, at the bytecode level. This is the most reliable solution for protecting intellectual property from theft and plagiarism. They encrypt all class or dex files in the source JAR/APK using AES (the Advanced Encryption Standard), thereby defending them against decompilation. The key used for encryption is calculated on the fly and can’t be extracted from the Antidecompiler codes by decompilation or other methods. For each known attack method, a counter-method has been found and implemented. This know-how has been developed and belongs to BIS Guard & Co. [3], [4].
Principles of Our Technology
Code protection is an ongoing process rather than a final result. New hacking methods constantly emerge, and the latest versions of compilers are released, enabling more manipulation of computer memory. It is the same war as between viruses and anti-viruses. In other words, neither absolute weapons nor absolute protection exist and cannot exist. Any new method of attack gives rise to a corresponding method of defense that repels this attack.
Any hacker’s attack disturbs the runtime environment (similar to the observer effect in quantum mechanics). Our company has developed a set of algorithms to detect them and interrupt program execution before the decryption stage. Thus, we have a classic example of the evolution of the attack-defense system. This means that for every offensive action, there is a defense, and vice versa. Note that the defense is always in the best position!
Of course, any code transformation increases start time and memory consumption, but these disadvantages are almost unnoticeable even for fast games, and free cheese only in a mousetrap.
Appendix
The Antidecompiler is designed to protect against various types of hacking attacks. One example of a simplistic hacking attempt involved modifying the Java class loader to intercept the loading process after decryption. However, detecting a modified class loader is relatively straightforward. It is often sufficient to analyze the current ClassLoader, including its length and the lengths of its methods, among other characteristics.
Here are some examples of naive attempts to crack an encrypted Java class using a modified ClassLoader. The assumption is that an encrypted Java class must be decrypted before execution, which is true. However, the error lies in thinking a Java class must operate within a modified ClassLoader. These attempts have been made several times despite this error being quite apparent. [5, 6]. We use the simplest analysis to detect a modified ClassLoader: we calculate its length and the lengths of the defineClass methods. Any modification changes these parameters, thereby showing their falsification.
[1] How Many Game Developers Are There In the World? Surprising Statistics. https://qubit-labs.com/how-many-game-developers-are-there-in-the-world-surprising-statistics/
[2] Can You Patent Code? A Tech Founders Guide to Software Patents. https://www.linkedin.com/pulse/can-you-patent-code-tech-founders-guide-software-andrew-rapacke-esq–eybge/
[3] Apology of Java Byte/Dex Code Encryption. https://bisguard.com/apology
[4] Hacking Protected Java-Based Programs. https://dzone.com/articles/hacking-protected-java-based-programs
[5] Cracking Java byte-code encryption. https://www.infoworld.com/article/2171002/cracking-java-byte-code-encryption.html
[6] A Gun is a Great Equalizer: OpenJDK Hack vs. Class Encryption. https://dexprotector.com/blog/gun-great-equalizer-openjdk-hack-vs.-class-encryption
Based on the above, we have started developing new security
algorithms for computer games. Please help us.