A Sandbox Designed on User-level Virtualization Platform
- DOI
- 10.2991/csic-15.2015.44How to use a DOI?
- Keywords
- Sandbox, Dune, Hardware support, API interception, Information security
- Abstract
Network has been widely applied in all aspects of life with time. Spread of malicious programs and harm thereof are also gradually increased with network. Sandbox provides high isolation environment for operation of suspicious program, thereby detecting malicious code effectively. However, there are some problems and disadvantages in sandboxes which are popular at present. Therefore, we establish a sandbox on user-level virtualization platform, which is called Dune[1]. The so-called user-level virtualization refers to a virtualization platform capable for providing direct and safe privileged operation for application programs. It is called Dune[1]. Compared with VMM [2] which provides support for operation system, Dune is more compact and lightweight. Meanwhile, sandbox, as an application program, is operated under dune, which can be operated under privileged mode by the aid of VT-x[3]. Privileged operation can be provided directly and safely, mode switch can be reduced compared with sandbox in the application layer in the aspect of intercepting API calls[4]. Experimental results showed that dune-based sandbox can guarantee higher performance on the basis of smaller scale.
- Copyright
- © 2015, the Authors. Published by Atlantis Press.
- Open Access
- This is an open access article distributed under the CC BY-NC license (http://creativecommons.org/licenses/by-nc/4.0/).
Cite this article
TY - CONF AU - Jin Xie PY - 2015/07 DA - 2015/07 TI - A Sandbox Designed on User-level Virtualization Platform BT - Proceedings of the 2015 International Conference on Computer Science and Intelligent Communication PB - Atlantis Press SP - 183 EP - 187 SN - 2352-538X UR - https://doi.org/10.2991/csic-15.2015.44 DO - 10.2991/csic-15.2015.44 ID - Xie2015/07 ER -