Your SlideShare is downloading. ×
0
Sandbox – Online, Offline
Sandbox – Online, Offline
Sandbox – Online, Offline
Sandbox – Online, Offline
Sandbox – Online, Offline
Sandbox – Online, Offline
Sandbox – Online, Offline
Sandbox – Online, Offline
Sandbox – Online, Offline
Sandbox – Online, Offline
Sandbox – Online, Offline
Sandbox – Online, Offline
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×
Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

Sandbox – Online, Offline

3,375

Published on

Published in: Education
0 Comments
1 Like
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total Views
3,375
On Slideshare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
29
Comments
0
Likes
1
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. Sandbox – Online, Offline<br />By Pushkar<br />Null-The Open Secuirty Community<br />
  • 2. Sandbox…<br />Sandbox may refer to:<br />Limited, restricted environment for a specific purpose<br />Litter box, an indoor box for cats to relieve themselves<br />Sandpit or sandbox, a wide, shallow playground construction to hold sand often made of wood or plastic<br />Sandbox (railways), a container that holds sand for use in improving rail adhesion in slippery conditions<br />Sandboxing is a popular technique for creating confined execution environments, which could be be used for running untrusted programs. A sandbox limits, or reduces, the level of access its applications have — it is a container<br />
  • 3. Sandbox…<br />Sandbox (computer security), a virtual container in which untrusted programs can be safely run<br />Sandbox (software development), an online environment in which code or content changes can be tested without affecting the original system<br />Sandbox Effect, in Google Internet search rankings<br />
  • 4. How it works…<br />Basic two mechanism…<br />Namespace isolation<br />- agents are unable to manipulate resources that they cannot name. <br />Access checks<br />- discharge proof obligations of the form “agent A may manipulate resource R by method M“<br />Intercepting System calls<br />Deny the system call, Audit the system call's invocation, Pre- process the arguments, Post-process the result, Replace the system call's implementation<br />
  • 5. Limitations…<br />Sandboxing implementations suffer from five broad kinds of limitation:<br />too much isolation<br />not enough isolation<br />non-portability<br />non-usability<br />design and implementation failures<br />
  • 6. Google Sandbox…<br />Sandbox Effect,<br />Technique that google<br /> uses to ran new website <br /> in its search results<br />Check whether it is a <br /> genuine or a spam<br /> website<br />
  • 7. Others…<br />Wikipedia Sandbox<br />http://en.wikipedia.org/wiki/Wikipedia:Sandbox<br />MySQL Sandbox<br />http://en.wikipedia.org/wiki/Wikipedia:Sandbox<br />Chrome<br />http://dev.chromium.org/developers/design-documents/sandbox.<br />
  • 8. Malware Analysis…<br />Online<br />Anubis http://anubis.iseclab.org/<br />BitBlaze https://aerie.cs.berkeley.edu/<br />Comodo Instant Malware Analysis <br />http://camas.comodo.com/<br />Eureka http://eureka.cyber-ta.org/<br />JoeBox http://www.joebox.org/submit.php<br />Norman Sandbox<br /> http://www.norman.com/security_center/security_tools/submit_file/en<br />Sunbelt Sandbox: <br />http://www.sunbeltsecurity.com/sandbox/<br />ThreatExpert http://www.threatexpert.com/<br />Xandora http://www.xandora.net/xangui/<br />
  • 9. Offline…<br />Sandboxie http://www.sandboxie.com/index.php?DownloadSandboxie<br />Autovin http://autovin.pandasecurity.my/<br />IDefenseLabs SysAnalyzer http://labs.idefense.com/software/<br />MandiantMemoryze, Red Curtain http://www.mandiant.com/products/free_software<br /> <br />
  • 10. Additional Tools…<br />Buster Sandbox Analyzer http://bsa.isoftware.nl/<br />Malware Analyser 2.8 : http://code.google.com/p/malwareanalyzer/<br />
  • 11. Lets check…<br />
  • 12. Thank you…Q&A ????<br />

×