Sandbox – Online, Offline

3,965 views
3,892 views

Published on

Published in: Education
0 Comments
1 Like
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total views
3,965
On SlideShare
0
From Embeds
0
Number of Embeds
741
Actions
Shares
0
Downloads
35
Comments
0
Likes
1
Embeds 0
No embeds

No notes for slide

Sandbox – Online, Offline

  1. 1. Sandbox – Online, Offline<br />By Pushkar<br />Null-The Open Secuirty Community<br />
  2. 2. Sandbox…<br />Sandbox may refer to:<br />Limited, restricted environment for a specific purpose<br />Litter box, an indoor box for cats to relieve themselves<br />Sandpit or sandbox, a wide, shallow playground construction to hold sand often made of wood or plastic<br />Sandbox (railways), a container that holds sand for use in improving rail adhesion in slippery conditions<br />Sandboxing is a popular technique for creating confined execution environments, which could be be used for running untrusted programs. A sandbox limits, or reduces, the level of access its applications have — it is a container<br />
  3. 3. Sandbox…<br />Sandbox (computer security), a virtual container in which untrusted programs can be safely run<br />Sandbox (software development), an online environment in which code or content changes can be tested without affecting the original system<br />Sandbox Effect, in Google Internet search rankings<br />
  4. 4. How it works…<br />Basic two mechanism…<br />Namespace isolation<br />- agents are unable to manipulate resources that they cannot name. <br />Access checks<br />- discharge proof obligations of the form “agent A may manipulate resource R by method M“<br />Intercepting System calls<br />Deny the system call, Audit the system call's invocation, Pre- process the arguments, Post-process the result, Replace the system call's implementation<br />
  5. 5. Limitations…<br />Sandboxing implementations suffer from five broad kinds of limitation:<br />too much isolation<br />not enough isolation<br />non-portability<br />non-usability<br />design and implementation failures<br />
  6. 6. Google Sandbox…<br />Sandbox Effect,<br />Technique that google<br /> uses to ran new website <br /> in its search results<br />Check whether it is a <br /> genuine or a spam<br /> website<br />
  7. 7. Others…<br />Wikipedia Sandbox<br />http://en.wikipedia.org/wiki/Wikipedia:Sandbox<br />MySQL Sandbox<br />http://en.wikipedia.org/wiki/Wikipedia:Sandbox<br />Chrome<br />http://dev.chromium.org/developers/design-documents/sandbox.<br />
  8. 8. Malware Analysis…<br />Online<br />Anubis http://anubis.iseclab.org/<br />BitBlaze https://aerie.cs.berkeley.edu/<br />Comodo Instant Malware Analysis <br />http://camas.comodo.com/<br />Eureka http://eureka.cyber-ta.org/<br />JoeBox http://www.joebox.org/submit.php<br />Norman Sandbox<br /> http://www.norman.com/security_center/security_tools/submit_file/en<br />Sunbelt Sandbox: <br />http://www.sunbeltsecurity.com/sandbox/<br />ThreatExpert http://www.threatexpert.com/<br />Xandora http://www.xandora.net/xangui/<br />
  9. 9. Offline…<br />Sandboxie http://www.sandboxie.com/index.php?DownloadSandboxie<br />Autovin http://autovin.pandasecurity.my/<br />IDefenseLabs SysAnalyzer http://labs.idefense.com/software/<br />MandiantMemoryze, Red Curtain http://www.mandiant.com/products/free_software<br /> <br />
  10. 10. Additional Tools…<br />Buster Sandbox Analyzer http://bsa.isoftware.nl/<br />Malware Analyser 2.8 : http://code.google.com/p/malwareanalyzer/<br />
  11. 11. Lets check…<br />
  12. 12. Thank you…Q&A ????<br />

×