Sciweavers

IPPS
2005
IEEE

Speculative Security Checks in Sandboxing Systems

14 years 6 months ago
Speculative Security Checks in Sandboxing Systems
Sandboxing systems are extremely useful for secure execution of untrusted applications. Many of the sandboxing systems proposed so far provide security by intercepting system calls invoked by an application and controlling their execution. However, a problem in existing sandboxing systems is the amount of overhead required for security checks performed after system call interceptions. In this paper, we propose a sandboxing system that executes speculative security checks. The proposed system predicts the behavior of a sandboxed application and executes speculative security checks in parallel with the application, thus reducing the overhead. Behavior is predicted based on system call profiles in past executions of the application. We implemented the system on Linux and made a preliminary evaluation.
Yoshihiro Oyama, Koichi Onoue, Akinori Yonezawa
Added 25 Jun 2010
Updated 25 Jun 2010
Type Conference
Year 2005
Where IPPS
Authors Yoshihiro Oyama, Koichi Onoue, Akinori Yonezawa
Comments (0)