SAFE Banner

APRIL 2011

VOLUME 3, ISSUE 4

Software Scan

The President's Column

Antivirus company McAfee and R&D company SAIC recently published a detailed study about IP theft. According to the study, many cyberthieves now see stealing IP as more profitable than credit card theft and identity theft. In the Scanning IP section of this month's newsletter I discuss the ramifications of this study.

In the Scanning Tools section of this month's newsletter I discuss DocMate, our new product for comparing all kinds of documents for signs of plagiarism. It uses the same technology as CodeMatch and a license is as little as $30 per year for unlimited use.

Send me your comments and critiques. I'm always interested in hearing from you.

Regards,


Bob Zeidman
President, SAFE Corporation


Scanning IP

IP Theft is Becoming the New Target for Cyberthieves

Antivirus company McAfee and R&D company SAIC recently published a report entitled Underground Economies, a study of corporate IP theft. According to the study, many cyberthieves now see stealing IP as more profitable than credit card theft and identity theft. According to the study:

In the past, cybercriminals targeted personal information such as credit cards and social security numbers, which were then sold on the black market. Now, these criminals understand that there is much greater value in selling a company’s proprietary information to competitors and foreign governments. For example, a company’s legal documents can fetch far more money than a list of customer credit cards.

The cyber underground economy has shifted its focus to the theft of corporate intellectual capital–the new currency of cybercrime. Intellectual capital encompasses all the value that a company derives from its intellectual property including trade secrets, marketing plans, research and development findings and even source code. For example, Operation Aurora, a targeted attack on Google and at least 30 other companies, represented a sophisticated attack designed to steal intellectual capital.

Some of the more interesting findings are:

  • Theft of corporate intellectual property is "the new currency of cybercrime."
  • Some governments support or even conduct theft of trade secrets.
  • Forrester Research estimates that corporate IP is twice as valuable as custodial data such as credit card information and customer and medical data.
  • Cloud-based services are not only a new target for cyber criminals, but also but extensive but inexpensive resources into their hands for carrying out cybercrimes.
  • Data breaches, or the credible threat of a data breach, stopped or slowed a merger, acquisition, or new product rollout at one fourth of organizations surveyed.
  • Yet only a quarter of organizations conduct forensic analysis after a breach or attempted breach.
  • Organizations reported that IP was most often leaked or stolen by their own employees.

Read the entire study here.

As an ironic side note, the day that this report was released, security researchers announced that McAfee's own website has serious vulnerabilities. Read that article here.

Advanced Tools to Detect Plagiarism and IP Theft

CodeSuite® & CodeSuite-LT®
Sophisticated sets of tools for analyzing software source code and object code including:

BitMatch®
Check binary object code for plagiarism.

CodeCLOC®
Measure software IP changes between versions of a program.

CodeCross®
Cross check source code for plagiarism.

CodeDiff®
Compare source code to find differences and measure changes.

CodeMatch®
The premiere tool for pinpointing copied source code.

SourceDetective®
Scour the Internet for plagiarized code.

CodeSuite-MP®
Speed up your analysis on a multiprocessor system.

CodeGrid®
Turbo charge your analysis on a supercomputer grid.

DocMatch
Find signs of copying in any document.

Get Smart

SAFE offers training at our facility or yours or on the Web. Contact us to make arrangements:

MCLE credit in software IP

CodeSuite certification

Your New Office

Remember that you can now have your own secure office at the SAFE facility for storing proprietary software, running CodeSuite, analyzing the results, and getting onsite support. We're located at

20863 Stevens Creek Blvd.
Suite 456
Cupertino, CA 95014
(408) 517-1167

Scanning Tools

DocMate Detects Plagiarism

S.A.F.E. has recently announced the release of DocMate, a new tool for comparing all kinds of documents to find plagiarism. Our unique, patented technology has proved very useful for finding copied computer code in court. We decided to apply our technology to general documents like articles, papers, and novels. There have been a few cases where we built custom applications to compare written engineering specifications. The results were very useful. In one case, finding copied but modified software specifications gave clues that showed how one company copied another's software.

DocMate can be licensed as the full version or the LT version. The full version is the professional tool. It creates a database containing matching elements between two sets of documents. The full version can automatically search the Internet for all references to commonly used words and filter them from the database. Also, sophisticated statistics can be extracted from the database. The full version costs $150 for a one-year license. The LT version produces an easy-to-read HTML report showing words, sentences, and paragraphs that are identical or similar in every pair of documents. The LT version costs $30 for a one-year license. Register to download your copy here.

This newsletter is not legal advice. Views expressed herein should be checked for accuracy and current applicability.
Copyright 2011 Software Analysis & Forensic Engineering Corporation