A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2019; you can also visit the original URL.
The file type is application/pdf.
Filters
Virtual Machine Monitor Indigenous Memory Reclamation Technique
2016
International Journal of Information Technology and Computer Science
Preserved Fulltext
The proposed technique indigenously works in virtual machine monitor layer without installing any driver in VMX non root mode and without new communication channel with host kernel. ...
We implemented proposed technique with one of open source sandboxes to show effectiveness of proposed memory reclamation method. ...
New instructions VMLAUNCH and VMRESUME enters the VMX non root mode and executes the guest OS. This transition from root to non root mode is called VM entry. ...
doi:10.5815/ijitcs.2016.04.02
fatcat:5od6otqs7bgi5kg4ehjecuiuq4
A portable user-level approach for system-wide integrity protection
2013
Proceedings of the 29th Annual Computer Security Applications Conference on - ACSAC '13
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2014; you can also visit the original URL.
The file type is application/pdf.
Like sandboxing, all user data is held within one name space, thereby providing a unified view. ...
Moreover, policy development is almost entirely automated, sparing users and administrators this cumbersome and difficult task. ...
For each non-root userid 1 R in the original system, we add a corresponding untrusted userid Ru. ...
doi:10.1145/2523649.2523655
dblp:conf/acsac/SzeS13
fatcat:vcv5jeqwhzbsndtcvrfl6wzf3q
GWiQ-P
2008
ACM SIGOPS Operating Systems Review
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2017; you can also visit the original URL.
The file type is application/pdf.
GWiQ-P is light-weight, and in practice is infinitely scalable, satisfying concurrently any number of resource demands, all within the limits of a global quota assigned to each user. ...
This setup calls for scalable and highly available resource utilization control that adapts itself to dynamic changes in the grid environment as they occur. ...
This points to the protocol's excellent scalability and local operation. Moreover, for a change rate of 0.1%, the utilization practically equals the quota. ...
doi:10.1145/1341312.1341339
fatcat:v4a7c75d3zdcxjsca3dvhmtisi
Tutorial: An Overview of Malware Detection and Evasion Techniques
[chapter]
2018
Lecture Notes in Computer Science
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2019; you can also visit the original URL.
The file type is application/pdf.
However, some malware can use sandbox detection to detect that they run in such an environment and so avoid exhibiting their malicious behavior. ...
We demonstrate how statically-extracted syntactic signatures can be used for quickly detecting simple variants of malware. ...
In this example, x is taken as a user input and then it is tested on being non-negative and a root for x 2 − 3x − 4. ...
doi:10.1007/978-3-030-03418-4_34
fatcat:a35rkedbczcgpolcrtevlac2ea
The state of the art of application restrictions and sandboxes: A survey of application-oriented access controls and their shortfalls
2013
Computers & security
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2017; you can also visit the original URL.
The file type is application/pdf.
This paper describes the motivation for application restrictions and sandboxes, presenting an indepth review of the literature covering existing systems. ...
The paper concludes with a discussion on areas for future work, and points a way forward within this developing field of research with recommendations for usability and abstraction to be considered to ...
Sandboxes that enforce the same rule-based policy for every program effectively provide a limited form of isolation. ...
doi:10.1016/j.cose.2012.09.007
fatcat:k4ujixk57bbaxhe7gmu3fcrcim
A novel approach for computer security education using Minix instructional operating system
2006
Computers & security
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2006; you can also visit the original URL.
The file type is application/pdf.
The lack of an effective and efficient laboratory for security courses motivated us to consider practices adopted by the traditional mature courses, e.g., operating systems (OS) and compilers. ...
The courseware contains a set of well defined and documented projects for helping students focus on (1) grasping security concepts, principles and technologies; (2) practicing design and implementation ...
., the root directory is changed to newroot for cmd and any of its child processes. Any program running within this sandbox can only access files within the subdirectory of newroot. ...
doi:10.1016/j.cose.2005.09.011
fatcat:bbumhrjnm5h4xbzgu6fbm4y7uu
Launching Generic Attacks on iOS with Approved Third-Party Applications
[chapter]
2013
Lecture Notes in Computer Science
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2016; you can also visit the original URL.
The file type is application/pdf.
We further provide corresponding mitigation strategies for both vetting and sandbox mechanisms, in order to defend against the proposed attack vector. ...
Although details of the vetting process and the sandbox are kept as black box by Apple, it was generally believed that these iOS security mechanisms are effective in defending against malwares. ...
We also thank the anonymous reviewers for their valuable insights and comments. ...
doi:10.1007/978-3-642-38980-1_17
fatcat:opk2pkmmkjaurneuqcxyodi3ue
Hybrid User-level Sandboxing of Third-party Android Apps
2015
Proceedings of the 10th ACM Symposium on Information, Computer and Communications Security - ASIA CCS '15
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2016; you can also visit the original URL.
The file type is application/pdf.
native libraries and minor for apps with them. ...
Specifically, dex sandbox hooks into the app's Dalvik virtual machine instance and redirects each sensitive framework API to a proxy which strictly enforces the user-defined policies, and native sandbox ...
Acknowledgements The authors would like to thank the anonymous reviewers for their insightful comments that helped improve the presentation of this paper. ...
doi:10.1145/2714576.2714598
dblp:conf/ccs/ZhouPWWJ15
fatcat:w5iqqjqyp5g2jozmif7ffa5zqu
Cut-and-Mouse and Ghost Control
2021
Digital Threats: Research and Practice
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2021; you can also visit the original URL.
The file type is application/pdf.
To protect their digital assets from malware attacks, most users and companies rely on antivirus (AV) software. ...
Furthermore, we also show some weaknesses in additional protection mechanisms of AVs, such as sandboxing and CAPTCHA verification. ...
and non-kernel modules. ...
doi:10.1145/3431286
fatcat:bxrm6yuiebcmpcuurdtlmxm5om
Practical techniques to obviate setuid-to-root binaries
2014
Proceedings of the Ninth European Conference on Computer Systems - EuroSys '14
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2015; you can also visit the original URL.
The file type is application/pdf.
This paper demonstrates how least privilege can be achieved on modern systems for non-administrator users. ...
We identify the policies currently encoded in setuid-to-root binaries, and present a framework for expressing and enforcing these policy categories in the kernel. ...
Acknowledgements We thank the anonymous reviewers, our shepherd, Ted Wobber, Rob Johnson, and Vyas Sekar for insightful comments on earlier drafts of this paper. ...
doi:10.1145/2592798.2592811
dblp:conf/eurosys/JainTJP14
fatcat:ealhdaworvdw5fvhhplbqrtjv4
1987 IEEE Symposium on Security and Privacy
1986
Computer
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2016; you can also visit the original URL.
The file type is application/pdf.
TXBOX is a new system for sandboxing untrusted applications. ...
This makes on-access scanning practical for routine use in production systems. Expressive policies. TXBOX can enforce a rich class of practical security policies. ...
We are grateful to our shepherd David Wagner for many helpful comments and to Emmett Witchel for his insightful advice and for guiding the development of TxOS. ...
doi:10.1109/mc.1986.1663102
fatcat:cduvzxwakjfyxjqlvejzyhdyym
TxBox: Building Secure, Efficient Sandboxes with System Transactions
2011
2011 IEEE Symposium on Security and Privacy
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2016; you can also visit the original URL.
The file type is application/pdf.
TXBOX is a new system for sandboxing untrusted applications. ...
This makes on-access scanning practical for routine use in production systems. Expressive policies. TXBOX can enforce a rich class of practical security policies. ...
We are grateful to our shepherd David Wagner for many helpful comments and to Emmett Witchel for his insightful advice and for guiding the development of TxOS. ...
doi:10.1109/sp.2011.33
dblp:conf/sp/JanaPS11
fatcat:thlvosrksjdbfnqn7k6aexkefi
2006 IEEE Symposium on Security and Privacy
2006
2006 IEEE Symposium on Security and Privacy (S&P'06)
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2016; you can also visit the original URL.
The file type is application/pdf.
TXBOX is a new system for sandboxing untrusted applications. ...
This makes on-access scanning practical for routine use in production systems. Expressive policies. TXBOX can enforce a rich class of practical security policies. ...
We are grateful to our shepherd David Wagner for many helpful comments and to Emmett Witchel for his insightful advice and for guiding the development of TxOS. ...
doi:10.1109/sp.2006.20
fatcat:gutozsr4avfwpgpkvrwa4a77fu
1987 IEEE Symposium on Security and Privacy
1986
Computer
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2016; you can also visit the original URL.
The file type is application/pdf.
TXBOX is a new system for sandboxing untrusted applications. ...
This makes on-access scanning practical for routine use in production systems. Expressive policies. TXBOX can enforce a rich class of practical security policies. ...
We are grateful to our shepherd David Wagner for many helpful comments and to Emmett Witchel for his insightful advice and for guiding the development of TxOS. ...
doi:10.1109/mc.1986.1663329
fatcat:u33ipffhdvhzxnmwjwqx4p3xvq
1988 IEEE Symposium on Security and Privacy
1987
Computer
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2016; you can also visit the original URL.
The file type is application/pdf.
TXBOX is a new system for sandboxing untrusted applications. ...
This makes on-access scanning practical for routine use in production systems. Expressive policies. TXBOX can enforce a rich class of practical security policies. ...
We are grateful to our shepherd David Wagner for many helpful comments and to Emmett Witchel for his insightful advice and for guiding the development of TxOS. ...
doi:10.1109/mc.1987.1663423
fatcat:p76ekk6airaxdariqes2bfucey
« Previous
Showing results 1 — 15 out of 3,002 results