TxBox: Building Secure, Efficient Sandboxes with System Transactions

TxBox: Building Secure, Efficient Sandboxes with System Transactions

TxBox is a new system for sand boxing untrusted applications. It speculatively executes the application in a system transaction, allowing security checks to be parallelized and yielding significant performance gains for techniques such as on-access anti-virus scanning. TxBox is not vulnerable to TOC...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: Jana, S., Porter, D. E., Shmatikov, V.
Format: Tagungsbericht
Sprache:eng
Schlagworte:
Codecs
Instruments
Kernel
Malware
Monitoring
sandbox
Semantics
speculative execution
transaction
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:TxBox is a new system for sand boxing untrusted applications. It speculatively executes the application in a system transaction, allowing security checks to be parallelized and yielding significant performance gains for techniques such as on-access anti-virus scanning. TxBox is not vulnerable to TOCTTOU attacks and incorrect mirroring of kernel state. Furthermore, TxBox supports automatic recovery: if a violation is detected, the sand boxed program is terminated and all of its effects on the host are rolled back. This enables effective enforcement of security policies that span multiple system calls.
ISSN:1081-6011
2375-1207
DOI:10.1109/SP.2011.33