Chapter 48

Obfuscation, Application Monitoring, and Management

WHAT’S IN THIS CHAPTER?

• Exploring the features of Dotfuscator and Analytics–Community Edition, a free post-build hardening and application monitoring tool that ships with Visual Studio
• Understanding how obfuscation can be used to prevent your assemblies from being easily decompiled
• Using tamper defense to protect your application assemblies from unauthorized modification
• Configuring application expiry to encode a specific date after which your application can’t be executed
• Setting up usage tracking to determine what applications and features are used

If you’ve peeked under the covers at the details of how .NET assemblies are executed, you will have picked up on the fact that instead of compiling to machine language (and regardless of the programming language used), all .NET source code is compiled into the Microsoft Intermediary Language (MSIL, or just IL, for short). The IL is then just-in-time compiled when it is required for execution. This two-stage approach has a number of significant advantages, such as enabling you to dynamically query an assembly for type and method information, using reflection. However, this is a double-edged sword because this same flexibility means that once-hidden algorithms and business logic can easily be reverse-engineered and modified, legally or otherwise. This chapter introduces tools and techniques that help to protect your source code from prying eyes and monitor the execution ...