TxBox: Building Secure, Efficient Sandboxes with System Transactions

Abstract

TxBox is a new system for sand boxing untrusted applications. It speculatively executes the application in a system transaction, allowing security checks to be parallelized and yielding significant performance gains for techniques such as on-access anti-virus scanning. TxBox is not vulnerable to TOCTTOU attacks and incorrect mirroring of kernel state. Furthermore, TxBox supports automatic recovery: if a violation is detected, the sand boxed program is terminated and all of its effects on the host are rolled back. This enables effective enforcement of security policies that span multiple system calls.

DOI: 10.1109/SP.2011.33
View Slides

Extracted Key Phrases

14 Figures and Tables

Cite this paper

@article{Jana2011TxBoxBS, title={TxBox: Building Secure, Efficient Sandboxes with System Transactions}, author={Suman Jana and Donald E. Porter and Vitaly Shmatikov}, journal={2011 IEEE Symposium on Security and Privacy}, year={2011}, pages={329-344} }