Security for Microsoft .NET Mobile Applications

Microsoft .NET offers an efficient framework for developing and deploying Windows applications, including Web 2.0 server and client-side applications. However, it also uses Microsoft Intermediate Language (MSIL), also known as Common Intermediate Language (CIL), which contains highly detailed metadata that makes compiled applications easy to reverse engineer, tamper with and pirate. Once Microsoft .NET applications are deployed, hackers and competitors have easy access to the source code and the embedded IP within the applications themselves.

Arxan’s Solution for .NET Mobile Applications:

GuardIT for .NET protects managed code in mixed-mode and pure managed-code assemblies. It can protect Microsoft .NET managed code on its own in pure managed-code assemblies, or together with GuardIT for Windows in mixed-mode assemblies. GuardIT for .NET provides various Guards for obfuscating and encrypting character strings in managed code. The obfuscation Guards in GuardIT for .NET transform program instructions into code that is difficult to understand, for instance by inserting garbage code. These transformations do not affect the functionality of the protected application. The checksum Guard in GuardIT for Microsoft .NET Framework provides strong anti-tamper capability: it computes a checksum within a specified range to detect whether a program has been modified.
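The idea behind a range checksum, as an added C# illustration that is not Arxan's code or how GuardIT implements its Guards: a digest recorded over a chosen byte range is recomputed later and compared. The 64-byte buffer, the range and the helper names are constructed for this example.

```csharp
using System;
using System.Security.Cryptography;

// Added illustration of a range checksum check; not GuardIT code.
static class RangeChecksumDemo
{
    // Hash only image[offset .. offset+length), the "specified range".
    static byte[] HashRange(byte[] image, int offset, int length)
    {
        // Reject ranges that fall outside the image (overflow-safe comparison).
        if (offset < 0 || length < 0 || offset > image.Length - length)
            throw new ArgumentOutOfRangeException(nameof(offset), "range outside image");
        using var sha = SHA256.Create();
        return sha.ComputeHash(image, offset, length);
    }

    // True when the range still matches the digest recorded earlier.
    static bool IsIntact(byte[] image, int offset, int length, byte[] expected) =>
        CryptographicOperations.FixedTimeEquals(HashRange(image, offset, length), expected);

    static void Main()
    {
        // Constructed sample: 64 bytes standing in for a loaded module image.
        var image = new byte[64];
        for (int i = 0; i < image.Length; i++) image[i] = (byte)(i * 7 + 3);

        const int offset = 16, length = 32;                  // guarded range (hypothetical)
        byte[] expected = HashRange(image, offset, length);  // recorded at protection time

        Console.WriteLine($"untouched:             intact = {IsIntact(image, offset, length, expected)}");

        image[20] ^= 0x01;                                   // one-bit change inside the range
        Console.WriteLine($"changed inside range:  intact = {IsIntact(image, offset, length, expected)}");
        image[20] ^= 0x01;                                   // restore the original byte

        image[60] ^= 0x01;                                   // one-bit change outside the range
        Console.WriteLine($"changed outside range: intact = {IsIntact(image, offset, length, expected)}");
    }
}
```

The last case shows that a single range check only covers the bytes it hashes, so the choice of ranges determines what a check can detect.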

 Core Features

  • Obfuscation and Checksum plus dynamic security of Microsoft .NET, via layered Guard-based protection
  • Comprehensive and tailored defend-detect-react protection of native code (with GuardIT for Windows) and managed code
  • Point-click breach management
  • Ability for users to directly edit and optimize GuardSpec
  • User-friendly graphical user interface
  • Web 2.0 server and client-side code protection

Guards at work to protect .NET 24/7:

GuardIT® for .NET leverages thousands of guard instances, of many types, to comprehensively safeguard your applications against reverse-engineering, tampering and decompilation.

The following table summarizes the types of Guards for .NET and functions performed by each of them:

| Class of Defense | Guard Type | Function |
|---|---|---|
| DEFEND | Obfuscation | Transforms programs into code that’s difficult to disassemble and understand, but has the same functionality as the original |
| DEFEND | Renaming | Renames the symbols in the protected application to meaningless strings |
| DEFEND | String Encryption | Encrypts string literals and decrypts them at run time |
| DEFEND | Garbage Code | Inserts extra useless code to hide the actual code |
| DETECT | Checksum | Detects whether a program has been modified by computing a checksum within a specified range |
| DETECT | Authentication | Verifies if the loaded module (for example DLL) is the correct one |
| REACT | Repair | Self-repairs any damaged or tampered code/data |


The following exhibit summarizes the process of transforming an unprotected application into a protected application using GuardIT® for .NET: