A Sandbox with a Dynamic Policy Based on Execution Contexts of Applications

Tomohiro Shioya, Yoshihiro Oyama and Hideya Iwasaki

View Related Documents

Book Chapter
Host Level Security
Anirban Chakrabarti
2007, Grid Computing Security, Pages 133-158
- Download PDF (652.2 KB)
Book Chapter
View-OS: A New Unifying Approach Against the Global View Assumption
Ludovico Gardenghi, Michael Goldweber and Renzo Davoli
Lecture Notes in Computer Science, 2008, Volume 5101, Computational Science – ICCS 2008, Pages 287-296
- Download PDF (279.5 KB)
Book Chapter
Flexible and Efficient Sandboxing Based on Fine-Grained Protection Domains
Takahiro Shinagawa, Kenji Kono and Takashi Masuda
Lecture Notes in Computer Science, 2003, Volume 2609, Software Security — Theories and Systems, Pages 61-70
- Download PDF (949.5 KB)
Book Chapter
Ensemble: Community-Based Anomaly Detection for Popular Applications
Feng Qian, Zhiyun Qian, Z. Morley Mao and Atul Prakash
Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, 1, Volume 19, Security and Privacy in Communication Networks, Part 4, Pages 163-184
- Download PDF (685.6 KB)
Journal Article
Linux 2.6 kernel exploits
Stéphane Duverger
Journal in Computer Virology, 2008, Volume 4, Number 1, Pages 39-60
- Download PDF (737.6 KB)
Journal Article
Behavioral detection of malware: from a survey towards an established taxonomy
Grégoire Jacob, Hervé Debar and Eric Filiol
Journal in Computer Virology, 2008, Volume 4, Number 3, Pages 251-266
- Download PDF (1.1 MB)
Book Chapter
Static Analysis on x86 Executables for Preventing Automatic Mimicry Attacks
Danilo Bruschi, Lorenzo Cavallaro and Andrea Lanzi
Lecture Notes in Computer Science, 2007, Volume 4579, Detection of Intrusions and Malware, and Vulnerability Assessment, Pages 213-230
- Download PDF (419.1 KB)
Book Chapter
Return Value Predictability Profiles for Self–healing
Michael E. Locasto, Angelos Stavrou, Gabriela F. Cretu, Angelos D. Keromytis and Salvatore J. Stolfo
Lecture Notes in Computer Science, 2008, Volume 5312, Advances in Information and Computer Security, Pages 152-166
- Download PDF (1.5 MB)
Book Chapter
Exploiting Execution Context for the Detection of Anomalous System Calls
Darren Mutz, William Robertson, Giovanni Vigna and Richard Kemmerer
Lecture Notes in Computer Science, 2007, Volume 4637, Recent Advances in Intrusion Detection, Pages 1-20
- Download PDF (507.3 KB)
Book Chapter
On Random-Inspection-Based Intrusion Detection
Simon P. Chung and Aloysius K. Mok
Lecture Notes in Computer Science, 2006, Volume 3858, Recent Advances in Intrusion Detection, Pages 165-184
- Download PDF (401.4 KB)

Abstract

We propose a sandbox system that dynamically changes its behavior according to the application’s execution context. Our system allows users to give different policies, each of which specifies permitted system calls, depending on the user functions in which the target application is executing. The target application can be given less privilege than would be possible with other single-policy sandbox systems. We implemented the sandbox by using LKM (Loadable Kernel Module) of Linux that intercepts the system call issued by the application process. We experimentally demonstrated the effectiveness of the sandbox.

Fulltext Preview

Image of the first page of the fulltext document

Frequently asked questions General info on journals and books Send us your feedback Impressum Contact us

SpringerLink

A Sandbox with a Dynamic Policy Based on Execution Contexts of Applications

View Related Documents

Abstract

Fulltext Preview