English
Related papers

Related papers: Threadbox: Sandboxing for Modular Security

200 papers

Sandboxing restricts what applications do, and prevents exploited processes being abused; yet relatively few applications get sandboxed: why? We report a usability trial with 7 experienced Seccomp developers exploring how they approached…

Operating Systems · Computer Science 2025-06-13 Maysara Alhindi , Joseph Hallett

Malware sandboxes provide many benefits for security applications, but they are complex. These complexities can overwhelm new users in different research areas and make it difficult to select, configure, and use sandboxes. Even worse,…

Sandboxing mechanisms allow developers to limit how much access applications have to resources, following the least-privilege principle. However, it's not clear how much and in what ways developers are using these mechanisms. This study…

Software Engineering · Computer Science 2024-05-14 Maysara Alhindi , Joseph Hallett

Software transactional memory implementations which allow transactions to work on inconsistent states of shared data, risk to cause application visible errors such as memory access violations or endless loops. Hence, many implementations…

Distributed, Parallel, and Cluster Computing · Computer Science 2014-09-23 Holger Machens

The increasing availability of cloud computing and scientific super computers brings great potential for making R accessible through public or shared resources. This allows us to efficiently run code requiring lots of cycles and memory, or…

Cryptography and Security · Computer Science 2014-02-05 Jeroen Ooms

A container is a group of processes isolated from other groups via distinct kernel namespaces and resource allocation quota. Attacks against containers often leverage kernel exploits through system call interface. In this paper, we present…

Cryptography and Security · Computer Science 2017-12-18 Zhiyuan Wan , David Lo , Xin Xia , Liang Cai , Shanping Li

Spectre attacks enable an attacker to access restricted data in an application's memory. Both the academic community and industry veterans have developed several mitigations to block Spectre attacks, but to date, very few have been formally…

Cryptography and Security · Computer Science 2022-08-03 Sunjay Cauligi , Marco Guarnieri , Daniel Moghimi , Deian Stefan , Marco Vassena

An established trend in software engineering insists on using components (sometimes also called services or packages) to encapsulate a set of related functionalities or data. By defining interfaces specifying what functionalities they…

Software Engineering · Computer Science 2015-07-29 Daniel Ricardo dos Santos , Silvio Ranise , Serena Elisa Ponta

This paper details our journey in designing and selecting a suitable application sandboxing mechanism for a satellite under development, with a focus on small satellites. Central to our study is the development of selection criteria for…

Cryptography and Security · Computer Science 2024-04-08 Gabriele Marra , Ulysse Planta , Philipp Wüstenberg , Ali Abbasi

With almost daily improvements in capabilities of artificial intelligence it is more important than ever to develop safety software for use by the AI research community. Building on our previous work on AI Containment Problem we propose a…

Artificial Intelligence · Computer Science 2017-07-27 James Babcock , Janos Kramar , Roman V. Yampolskiy

We introduce a new mechanism to securely extend systems data collection software with potentially untrusted third-party code. Unlike existing tools which run extension modules or plugins directly inside the monitored endpoint (the guest),…

Cryptography and Security · Computer Science 2021-11-11 Sahil Suneja , Canturk Isci

The ability to analyze network threats is very important in security research. Traditional approaches, involving sandboxing technology are limited to simulating a single host, missing local network attacks. This issue is addressed by…

Cryptography and Security · Computer Science 2020-07-17 Francisc Moldovan , Ciprian Oprisa

Like many desktop operating systems in the 1990s, Android is now in the process of including support for multi-user scenarios. Because these scenarios introduce new threats to the system, we should have an understanding of how well the…

Cryptography and Security · Computer Science 2014-10-29 Paul Ratazzi , Yousra Aafer , Amit Ahlawat , Hao Hao , Yifei Wang , Wenliang Du

This work addresses classification of unknown binaries executed in sandbox by modeling their interaction with system resources (files, mutexes, registry keys and communication with servers over the network) and error messages provided by…

Cryptography and Security · Computer Science 2017-05-08 Jan Stiborek , Tomáš Pevný , Martin Rehák

Security-sensitive applications that execute untrusted code often check the code's integrity by comparing its syntax to a known good value or sandbox the code to contain its effects. System M is a new program logic for reasoning about such…

Cryptography and Security · Computer Science 2015-01-26 Limin Jia , Shayak Sen , Deepak Garg , Anupam Datta

Autonomic computing has been proposed recently as a way to address the difficult management of applications whose complexity is constantly increasing. Autonomous applications will have to be especially flexible and be able to monitor…

Networking and Internet Architecture · Computer Science 2009-09-29 Simon Patarin , Mesaac Makpangou

The widening availability of hardware-based trusted execution environments (TEEs) has been accelerating the adaptation of new applications using TEEs. Recent studies showed that a cloud application consists of multiple distributed software…

Cryptography and Security · Computer Science 2022-12-23 Joongun Park , Seunghyo Kang , Sanghyeon Lee , Taehoon Kim , Jongse Park , Youngjin Kwon , Jaehyuk Huh

AI agents increasingly run untrusted code on developer machines: shell commands generated by language models, third-party scripts retrieved at runtime, and tool plugins of unknown provenance. Existing isolation mechanisms impose tradeoffs…

Cryptography and Security · Computer Science 2026-05-27 Cong Wang , Yusheng Zheng

Recent proliferation of embedded systems has generated a bold new paradigm, known as open embedded systems. While traditional embedded systems provide only closed base applications (natively-installed software) to users, open embedded…

Distributed, Parallel, and Cluster Computing · Computer Science 2010-06-30 Hiroaki Inoue

Lockstep processing is a recognized technique for helping to secure functional-safety relevant processing against, for instance, single upset errors that might cause faulty execution of code. Lockstepping processors does however bind…

Hardware Architecture · Computer Science 2021-07-20 Hans Dermot Doran , Timo Lang
‹ Prev 1 2 3 10 Next ›