Sandboxing creates confined execution environments that limit the level of access untrusted programs have. It works by implementing namespace isolation and access checks to control what resources programs can access. While sandboxing improves security, it also has limitations such as not providing enough or too much isolation, lack of portability, usability issues, and design/implementation failures. Popular online sandboxes for analyzing malware include Anubis and BitBlaze, while offline options include Sandboxie and Autovin.

1. Sandbox – Online, OfflineBy PushkarNull-The Open Secuirty Community

2. Sandbox…Sandbox may refer to:Limited, restricted environment for a specific purposeLitter box, an indoor box for cats to relieve themselvesSandpit or sandbox, a wide, shallow playground construction to hold sand often made of wood or plasticSandbox (railways), a container that holds sand for use in improving rail adhesion in slippery conditionsSandboxing is a popular technique for creating confined execution environments, which could be be used for running untrusted programs. A sandbox limits, or reduces, the level of access its applications have — it is a container

3. Sandbox…Sandbox (computer security), a virtual container in which untrusted programs can be safely runSandbox (software development), an online environment in which code or content changes can be tested without affecting the original systemSandbox Effect, in Google Internet search rankings

4. How it works…Basic two mechanism…Namespace isolation- agents are unable to manipulate resources that they cannot name. Access checks- discharge proof obligations of the form “agent A may manipulate resource R by method M“Intercepting System callsDeny the system call, Audit the system call's invocation, Pre- process the arguments, Post-process the result, Replace the system call's implementation

5. Limitations…Sandboxing implementations suffer from five broad kinds of limitation:too much isolationnot enough isolationnon-portabilitynon-usabilitydesign and implementation failures

6. Google Sandbox…Sandbox Effect,Technique that google uses to ran new website in its search resultsCheck whether it is a genuine or a spam website

7. Others…Wikipedia Sandboxhttp://en.wikipedia.org/wiki/Wikipedia:SandboxMySQL Sandboxhttp://en.wikipedia.org/wiki/Wikipedia:SandboxChromehttp://dev.chromium.org/developers/design-documents/sandbox.

8. Malware Analysis…OnlineAnubis http://anubis.iseclab.org/BitBlaze https://aerie.cs.berkeley.edu/Comodo Instant Malware Analysis http://camas.comodo.com/Eureka http://eureka.cyber-ta.org/JoeBox http://www.joebox.org/submit.phpNorman Sandbox http://www.norman.com/security_center/security_tools/submit_file/enSunbelt Sandbox: http://www.sunbeltsecurity.com/sandbox/ThreatExpert http://www.threatexpert.com/Xandora http://www.xandora.net/xangui/

9. Offline…Sandboxie http://www.sandboxie.com/index.php?DownloadSandboxieAutovin http://autovin.pandasecurity.my/IDefenseLabs SysAnalyzer http://labs.idefense.com/software/MandiantMemoryze, Red Curtain http://www.mandiant.com/products/free_software

10. Additional Tools…Buster Sandbox Analyzer http://bsa.isoftware.nl/Malware Analyser 2.8 : http://code.google.com/p/malwareanalyzer/

11. Lets check…

12. Thank you…Q&A ????