Sciweavers

Share
ACSAC
2006
IEEE

How to Automatically and Accurately Sandbox Microsoft IIS

12 years 3 months ago
How to Automatically and Accurately Sandbox Microsoft IIS
Comparing the system call sequence of a network application against a sandboxing policy is a popular approach to detecting control-hijacking attack, in which the attacker exploits such software vulnerabilities as buffer overflow to take over the control of a victim application and possibly the underlying machine. The long-standing technical barrier to the acceptance of this system call monitoring approach is how to derive accurate sandboxing policies for Windows applications whose source code is unavailable. In fact, many commercial computer security companies take advantage of this fact and fashion a business model in which their users have to pay a subscription fee to receive periodic updates on the application sandboxing policies, much like anti-virus signatures. This paper describes the design, implementation and evaluation of a sandboxing system called BASS1 that can automatically extract a highly accurate application-specific sandboxing policy from a Win32/X86 binary, and enfo...
Wei Li, Lap-Chung Lam, Tzi-cker Chiueh
Added 10 Jun 2010
Updated 10 Jun 2010
Type Conference
Year 2006
Where ACSAC
Authors Wei Li, Lap-Chung Lam, Tzi-cker Chiueh
Comments (0)
books