A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2020; you can also visit the original URL.
The file type is application/pdf.
Filters
Transaction-based Sandboxing for JavaScript
[article]
2017
arXiv
pre-print
Preserved Fulltext
Other Versions
This paper presents design and implementation of DecentJS, a language-embedded sandbox for full JavaScript. ...
The implementation relies on JavaScript proxies to guarantee full interposition for the full language and for all code, including dynamically loaded scripts and code injected via eval. ...
In particular, Tom Van Cutsem provided helpful advice on the internals of JavaScript proxies. ...
arXiv:1612.00669v2
fatcat:xhovkezmzbdo3py3ucx5hx3k4q
1987 IEEE Symposium on Security and Privacy
1986
Computer
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2016; you can also visit the original URL.
The file type is application/pdf.
TXBOX is suitable for sandboxing "one-shot" execution of unknown, untrusted programs, as well as for model-based enforcement of system-call behavior of known benign programs. Uncircumventability. ...
TXBOX is a new system for sandboxing untrusted applications. ...
We are grateful to our shepherd David Wagner for many helpful comments and to Emmett Witchel for his insightful advice and for guiding the development of TxOS. ...
doi:10.1109/mc.1986.1663102
fatcat:cduvzxwakjfyxjqlvejzyhdyym
TxBox: Building Secure, Efficient Sandboxes with System Transactions
2011
2011 IEEE Symposium on Security and Privacy
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2016; you can also visit the original URL.
The file type is application/pdf.
TXBOX is suitable for sandboxing "one-shot" execution of unknown, untrusted programs, as well as for model-based enforcement of system-call behavior of known benign programs. Uncircumventability. ...
TXBOX is a new system for sandboxing untrusted applications. ...
We are grateful to our shepherd David Wagner for many helpful comments and to Emmett Witchel for his insightful advice and for guiding the development of TxOS. ...
doi:10.1109/sp.2011.33
dblp:conf/sp/JanaPS11
fatcat:thlvosrksjdbfnqn7k6aexkefi
2006 IEEE Symposium on Security and Privacy
2006
2006 IEEE Symposium on Security and Privacy (S&P'06)
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2016; you can also visit the original URL.
The file type is application/pdf.
TXBOX is suitable for sandboxing "one-shot" execution of unknown, untrusted programs, as well as for model-based enforcement of system-call behavior of known benign programs. Uncircumventability. ...
TXBOX is a new system for sandboxing untrusted applications. ...
We are grateful to our shepherd David Wagner for many helpful comments and to Emmett Witchel for his insightful advice and for guiding the development of TxOS. ...
doi:10.1109/sp.2006.20
fatcat:gutozsr4avfwpgpkvrwa4a77fu
1987 IEEE Symposium on Security and Privacy
1986
Computer
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2016; you can also visit the original URL.
The file type is application/pdf.
TXBOX is suitable for sandboxing "one-shot" execution of unknown, untrusted programs, as well as for model-based enforcement of system-call behavior of known benign programs. Uncircumventability. ...
TXBOX is a new system for sandboxing untrusted applications. ...
We are grateful to our shepherd David Wagner for many helpful comments and to Emmett Witchel for his insightful advice and for guiding the development of TxOS. ...
doi:10.1109/mc.1986.1663329
fatcat:u33ipffhdvhzxnmwjwqx4p3xvq
1988 IEEE Symposium on Security and Privacy
1987
Computer
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2016; you can also visit the original URL.
The file type is application/pdf.
TXBOX is suitable for sandboxing "one-shot" execution of unknown, untrusted programs, as well as for model-based enforcement of system-call behavior of known benign programs. Uncircumventability. ...
TXBOX is a new system for sandboxing untrusted applications. ...
We are grateful to our shepherd David Wagner for many helpful comments and to Emmett Witchel for his insightful advice and for guiding the development of TxOS. ...
doi:10.1109/mc.1987.1663423
fatcat:p76ekk6airaxdariqes2bfucey
1987 IEEE Symposium on Security and Privacy
1986
Computer
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2016; you can also visit the original URL.
The file type is application/pdf.
TXBOX is suitable for sandboxing "one-shot" execution of unknown, untrusted programs, as well as for model-based enforcement of system-call behavior of known benign programs. Uncircumventability. ...
TXBOX is a new system for sandboxing untrusted applications. ...
We are grateful to our shepherd David Wagner for many helpful comments and to Emmett Witchel for his insightful advice and for guiding the development of TxOS. ...
doi:10.1109/mc.1986.1663073
fatcat:wvh5tdhog5clrhdrom2tjgv2my
Web Browser Security: Different Attacks Detection and Prevention Techniques
2017
International Journal of Computer Applications
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2018; you can also visit the original URL.
The file type is application/pdf.
The Attacker can run malicious JavaScript to exploit user system by using these vulnerabilities. ...
Browser with electrolysis system and sandboxed processes are discussed to prevent the browser from attack. ...
In multiprocess based tabs, layout rendering and JavaScript code should be put into a sandboxed process to reduce kernel attack surface. ...
doi:10.5120/ijca2017914938
fatcat:gim5jnnpfverneo45nd4mtz754
A Language-based Serverless Function Accelerator
[article]
2020
arXiv
pre-print
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2020; you can also visit the original URL.
The file type is application/pdf.
Other Versions
Moreover, we seamlessly transition between language-based and OS-based sandboxing by leveraging the fact that serverless functions must tolerate re-execution for fault tolerance. ...
We use a new approach to trace compilation to build source-level, interprocedural, execution trace trees for serverless functions written in JavaScript. ...
Containerless is built in Rust and is carefully designed to minimize the trusted computing base (TCB). For language-based sandboxing, Containerless generates Rust code from JavaScript. ...
arXiv:1911.02178v4
fatcat:7ixzojaicfcfbawawqmy2yujii
JsSandbox: A Framework for Analyzing the Behavior of Malicious JavaScript Code using Internal Function Hooking
2012
KSII Transactions on Internet and Information Systems
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2022; you can also visit the original URL.
The file type is application/pdf.
JsSandbox was implemented based on a debugger engine, and some features were applied to detect and analyze malicious JavaScript code: detection of obfuscation, deobfuscation of the obfuscated string, detection ...
Then, the proposed framework was analyzed for specific features, and the results demonstrate that JsSandbox can be applied to the analysis of the behavior of malicious web pages. ...
Based on the analysis of the IE modules, the JsSandbox system was implemented for sandboxing malicious JavaScript code in IE 7. Fig. 5 shows the architecture of the JsSandbox system. ...
doi:10.3837/tiis.2012.02.019
fatcat:stojza4u55farbjjmlgrm2fa2q
Defeat Information Leakage from Browser Extensions via Data Obfuscation
[chapter]
2013
Lecture Notes in Computer Science
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2017; you can also visit the original URL.
The file type is application/pdf.
The obfuscated information is properly restored for legitimate browser transactions. A prototype has been implemented and iObfus works seamlessly with the Chromium 25. ...
Today web browsers have become the de facto platform for Internet users. This makes browsers the target of a lot of attacks. ...
Static analysis techniques are utilized to analyze JavaScript-based extensions. ...
doi:10.1007/978-3-319-02726-5_3
fatcat:njfzvqicxner7azu2y5z5dvqdi
Emerson
2011
Proceedings of the 10th SIGPLAN symposium on New ideas, new paradigms, and reflections on programming and software - ONWARD '11
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2013; you can also visit the original URL.
The file type is application/pdf.
To simplify scripting for novices, Emerson employs two abstractions: multi-presencing and execution sandboxes. ...
Execution sandboxes allow safely running application code provided by another object, borrowing the execution and deployment model of modern web applications. ...
Emerson is based on JavaScript, which is itself heavily influenced by Self [38] . ...
doi:10.1145/2048237.2048247
dblp:conf/oopsla/MistreeCCLG11
fatcat:7yn7y2nxhrhaxcvfo36e5cpt5u
RockJIT
2014
Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security - CCS '14
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2019; you can also visit the original URL.
The file type is application/pdf.
Managed languages such as JavaScript are popular. For performance, modern implementations of managed languages adopt Just-In-Time (JIT) compilation. ...
Key contributions of RockJIT are a general architecture for securing JIT compilers and a method for generating fine-grained control-flow graphs from C++ code. ...
ACKNOWLEDGMENTS We thank anonymous reviewers for their helpful comments. ...
doi:10.1145/2660267.2660281
dblp:conf/ccs/NiuT14
fatcat:xgz62iicqbfzpkyv3c6ffhiz34
AccTEE
2019
Proceedings of the 20th International Middleware Conference on - Middleware '19
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2020; you can also visit the original URL.
The file type is application/pdf.
Typically, these computations are executed inside a sandboxed environment for two reasons: first, to isolate the execution in order to protect the host environment from unauthorised access, and second ...
In this paper we present AccTEE, a two-way sandbox that offers remote computation with resource accounting trusted by consumers and providers. ...
The system is based on SGX for trusted execution and TSX for transactional memory as well as hyper-threading. It utilises two dedicated threads inside one SGX enclave: a timer and a worker thread. ...
doi:10.1145/3361525.3361541
dblp:conf/middleware/GoltzscheNKK19
fatcat:rbuex7jrpfh4dd5gficp7aqgwe
Scriptless attacks
2012
Proceedings of the 2012 ACM conference on Computer and communications security - CCS '12
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2017; you can also visit the original URL.
The file type is application/pdf.
We address the question of whether an attacker really needs JavaScript or similar functionality to perform attacks aiming for information theft. ...
This approach proves useful for prevention of certain types of attacks we here discuss. ...
processing or delegating credit card transactions. ...
doi:10.1145/2382196.2382276
dblp:conf/ccs/HeiderichNSHS12
fatcat:qf27r473mvdtxakegcujj6w6cm
« Previous
Showing results 1 — 15 out of 744 results