Protect Unity3D application in Windows/Linux system

Protect Unity3D Projects in Windows/Linux system


Virbox Protector support to protect/encrypt the Unity3D App compiled in Mono framework and IL2CPP compiling mode.

Virbox Protector supports to protect Unity3D App in both GUI tool and CLI tool.

With Virbox Protector, Developer protect/encrypt the whole Unity3D directory and critical libs and data assets for Unity3D android Apk, inlcudes:

Assembly-CSharp-firstpass.dll, Assembly-CSharp.dll, global-metadata.dat, and other C# assemblies, ​

​ and Unity3D data assets .resS and resource)

​ and to Protect the Unity3D App in general protection:

Anti- debugging, Anti-Injection and other features.

Here we use Virbox Protector GUI tool to show the protection process for Unity3D app step by step . For more detail, you may also refer to the User Manual_Virbox Protector Standalone or contact us.

Protect Unity3D Application in 5 steps

  1. Import Unity3D projects: Drag related Unity3D App into Virbox Protector;

  2. Setting to protect the C# dll, gloabl metadata and protect Unity3D APK in general in "Protection Option"

  3. Setting to protect Unity3D App Resource in "Resource Encryption"

  4. Click to start "Protection" Process

  5. Back up source APK and Use the protected APK for further testing or distribution.


Sign-up Virbox Protector and install the Virbox Protector;

Open Virbox Protector and sign in with your account;

Above pre-requisition is for test/evaluation Virbox Protector only.

To protect formal and commercial release software, pls purchase and get the related Virbox Protector license.

Protection Process

1. Import Unity3D Project:

Drag the whole Unity3D app folder into Virbox Protector; Then Virbox protector will parse the Unity3D application automatically. and show Unity3D App information in the "Basic info" tabs, shown as snapshot below:

2. Setting to protect the C# dll, gloabl metadata and protect Unity3D App in general in "Protection Option"

Go to "Protection Option" to set:

2.1 Output path and output file name, click the button in right to change output path and name; the on default output will create new sub directory in same path; with configuration file:

2.2 Set the protection option to Unity3D project in General to prevent debugging and decompiling

For Mono frame based and IL2CPP compiled App, the configuration may slightly different:

For Unity3D App based on Mono framework, The Assembly-CSharp-firstpass.dll, Assembly-CSharp.dll will be encrypted on default by Virbox protector;

You can add other C# assemblies under "Managed directory" by click "+".the Virbox Protector GUI shown as attached below:

For Unity3D app compiled on IL2CPP, Virbox Protector will protect/encrypt the metadata on default, click to select other protection options:

Memory Check:

Verify memo and check memo integrity(effective to IL2CPP project);

Metadata Name obfuscation:

Obfuscate the name of method metadata (effective to IL2CPP project);

Anti debugging:

Click to set to this feature, The protected application will quit the execution when debugging of process has been detected;


Switch on/off RASP Protection (Advanced Process Protection)

Enable to RASP feature: additonal license required

Runtime application self protection, the advanced Protection feature to protect the process for windows application, which effective to prevent debuging tool to debug your application and also prevent the "Cheat Engine" tool to scan the memo of process, this protection function is most effective way for the highly security scenario to protect applications

There are 3 features can be select in the "RASP" Protection plugin:

  • Memory Protection:

Click to protect the memory information executed for windows application; which to prevent the attacker/hacker to scan the process memory by use of "Cheat Engine" tools;

  • Kernel Mode Anti-debugging

Click to activate the Anti-debugging feature to prevent the debugging tool to debug the kernal;

  • Show Error Message

Pop up error message inlcudes error code when program execution error occured, and popup message will be quite after 5 seconds automatically;

as shown attached below:

3. Setting to protect Unity3D project Resource in "Resource Encryption"

Go to "Resource Encryption" tab, developer can set and protect the data assets and resource of Unit3D project here.

Switch on "Enable" button, then Virbox Protector will load the resource file;

Input password to encrypt Resources (Optional, if no password input, use the random password)

click "Select Files" to add other resource file to encrypt/protect it.

It is recommend to encrypt the resource file on default.

4. Click to start "Protection" Process

Click to "Protect Selected Projects" to start the protection process.

Go to the output folder, besides of original project directory, Ball2018 2.4f1_X64.

you will find 1 new protected app folder (Ball2018.4.f1_X64 protected) and

1 new file (the configuration file: Ball2018.2.4f1_X64.ssp) has been generated.

Go to the "protected folder", you can find and use the protected application in this folder for further testing and evaluation,

5. Back up source Apk and use the protected Apk for further testing

You need to back up your source app, configuration file and use debugging tool and decompiler to verify, test the security performance of protected App.

The configuration file can be used for:

When you updated your App version and protect your latest version with same "protection option"

Use Virbox protector CLI tool to protect your app later.

Use Virbox Protector CLI tool to protect the Unity3D Apk

Set protection options and generate the configuration file

Open Virbox Protector GUI tool, Set the protection options to your apk and generated the configuration file, you may refer and follow the steps to the protection setting described in above chapter.

and click the button: "Save Selected Project" in the main menu to generate the "configuration file", a file with the suffix name: .ssp

Put this configuration file into the same directory of the apk which you want to protect.

Use the Virbox Protector CLI tool to protect your App

Find the Virbox Protector CLI tools: virboxprotector_con.exe:


C:\Program Files\senseshield\Virbox Protector 2\bin




/Applications/Virbox Protector

Use following command to protect you apk in CLI mode.

virboxprotector_con <application_path> -o <output_application_path>

Execution Performance and Technical Mechanism

Protection FeaturePerformance impactTechnical mechanics

Assembly Encryption

Execution performance related with the Qty. and size of methods encrypted.

To encrypt the methods which contained in the Assembly and Encrypt the assembly also, and decrypt these methods and assembly when compiling the IL during JIT process.

Resource Encryption

related with the the size and no. of "resource" encrypted

Select the resource to encrypt and decrypt it in the Unity enginer (modefied) when executed.

Anti Debugging

almost no impact to performance

Use the system API or memo status to detect the debug tool

Unity3D Engine Protection (IL2CPP)

Slightly impact execution performance

Obfuscate the instruction combine with calling detect

MetaData-Name of Obfuscation (IL2CPP)

No impact

Parse gloabl-metadat.dat and modify the name

Memory Check (IL2CPP)

slightly impact when start execution

Vcan and verify if the instruction be tampered.

Signature Check

slightly impact when start execution

Verify the developer signature in the APK or AAB

File Check

Slightly impact when start execution

Verify the hash of each file

Anti Injection

almost no impact execution performance

Use the system API to prevent debugger and modify the momory

Emulator Detection

Slightly impact when start executio

To detect if the runnging device info. is real hardware info generated.

Root Detection

Slightly impact when start executio

To detect if the running environment is root environment.

Multi-Parallel Detection

Slightly impact when start executio

To detect if the running environment is multi-parallel environment

Last updated