SlideShare a Scribd company logo

Sandbox – Online, Offline

Download as PPTX, PDF
P
Pushkar Pashupat
Education
1 of 12
Sandbox – Online, Offline By Pushkar Null-The Open Secuirty Community
Sandbox… Sandbox may refer to: Limited, restricted environment for a specific purpose Litter box, an indoor box for cats to relieve themselves Sandpit or sandbox, a wide, shallow playground construction to hold sand often made of wood or plastic Sandbox (railways), a container that holds sand for use in improving rail adhesion in slippery conditions Sandboxing is a popular technique for creating confined execution environments, which could be be used for running untrusted programs. A sandbox limits, or reduces, the level of access its applications have — it is a container
Sandbox… Sandbox (computer security), a virtual container in which untrusted programs can be safely run Sandbox (software development), an online environment in which code or content changes can be tested without affecting the original system Sandbox Effect, in Google Internet search rankings
How it works… Basic two mechanism… Namespace isolation - agents are unable to manipulate resources that they cannot name. Access checks - discharge proof obligations of the form “agent A may manipulate resource R by method M“ Intercepting System calls Deny the system call, Audit the system call's invocation, Pre- process the arguments, Post-process the result, Replace the system call's implementation
Limitations… Sandboxing implementations suffer from five broad kinds of limitation: too much isolation not enough isolation non-portability non-usability design and implementation failures
Google Sandbox… Sandbox Effect, Technique that google uses to ran new website in its search results Check whether it is a genuine or a spam website
Others… Wikipedia Sandbox http://en.wikipedia.org/wiki/Wikipedia:Sandbox MySQL Sandbox http://en.wikipedia.org/wiki/Wikipedia:Sandbox Chrome http://dev.chromium.org/developers/design-documents/sandbox.
Malware Analysis… Online Anubis http://anubis.iseclab.org/ BitBlaze https://aerie.cs.berkeley.edu/ Comodo Instant Malware Analysis  http://camas.comodo.com/ Eureka http://eureka.cyber-ta.org/ JoeBox http://www.joebox.org/submit.php Norman Sandbox  http://www.norman.com/security_center/security_tools/submit_file/en Sunbelt Sandbox:  http://www.sunbeltsecurity.com/sandbox/ ThreatExpert http://www.threatexpert.com/ Xandora http://www.xandora.net/xangui/
Offline… Sandboxie http://www.sandboxie.com/index.php?DownloadSandboxie Autovin http://autovin.pandasecurity.my/ IDefenseLabs SysAnalyzer http://labs.idefense.com/software/ MandiantMemoryze, Red Curtain http://www.mandiant.com/products/free_software  
Additional Tools… Buster Sandbox Analyzer http://bsa.isoftware.nl/ Malware Analyser 2.8 : http://code.google.com/p/malwareanalyzer/
Lets check…
Thank you…Q&A ????

Recommended

Overview of linux kernel development
Overview of linux kernel developmentOverview of linux kernel development
Overview of linux kernel developmentPushkar Pashupat
 
Owasp Mobile Top 10 – 2014
Owasp Mobile Top 10 – 2014Owasp Mobile Top 10 – 2014
Owasp Mobile Top 10 – 2014n|u - The Open Security Community
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical HackingPushkar Pashupat
 
Sandboxing - Malware detection.pptx
Sandboxing - Malware detection.pptxSandboxing - Malware detection.pptx
Sandboxing - Malware detection.pptxArshadFarhad4
 
Modern sandbox escaping techniques
Modern sandbox escaping techniquesModern sandbox escaping techniques
Modern sandbox escaping techniquesMohsen Tahmasebi
 
Enabling Worm and Malware Investigation Using Virtualization
Enabling Worm and Malware Investigation Using VirtualizationEnabling Worm and Malware Investigation Using Virtualization
Enabling Worm and Malware Investigation Using Virtualizationamiable_indian
 
Sandbox Technology in AntiVirus
Sandbox Technology in AntiVirusSandbox Technology in AntiVirus
Sandbox Technology in AntiVirusAshish Gautam
 
Advanced Threat Detection in ICS – SCADA Environments
Advanced Threat Detection in ICS – SCADA EnvironmentsAdvanced Threat Detection in ICS – SCADA Environments
Advanced Threat Detection in ICS – SCADA EnvironmentsLondon School of Cyber Security
 

Recommended

Overview of linux kernel development
Overview of linux kernel developmentOverview of linux kernel development
Overview of linux kernel developmentPushkar Pashupat
 
Owasp Mobile Top 10 – 2014
Owasp Mobile Top 10 – 2014Owasp Mobile Top 10 – 2014
Owasp Mobile Top 10 – 2014n|u - The Open Security Community
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical HackingPushkar Pashupat
 
Sandboxing - Malware detection.pptx
Sandboxing - Malware detection.pptxSandboxing - Malware detection.pptx
Sandboxing - Malware detection.pptxArshadFarhad4
 
Modern sandbox escaping techniques
Modern sandbox escaping techniquesModern sandbox escaping techniques
Modern sandbox escaping techniquesMohsen Tahmasebi
 
Enabling Worm and Malware Investigation Using Virtualization
Enabling Worm and Malware Investigation Using VirtualizationEnabling Worm and Malware Investigation Using Virtualization
Enabling Worm and Malware Investigation Using Virtualizationamiable_indian
 
Sandbox Technology in AntiVirus
Sandbox Technology in AntiVirusSandbox Technology in AntiVirus
Sandbox Technology in AntiVirusAshish Gautam
 
Advanced Threat Detection in ICS – SCADA Environments
Advanced Threat Detection in ICS – SCADA EnvironmentsAdvanced Threat Detection in ICS – SCADA Environments
Advanced Threat Detection in ICS – SCADA EnvironmentsLondon School of Cyber Security
 
Phu appsec13
Phu appsec13Phu appsec13
Phu appsec13drewz lin
 
Containers for sensor web services, applications and research @ Sensor Web Co...
Containers for sensor web services, applications and research @ Sensor Web Co...Containers for sensor web services, applications and research @ Sensor Web Co...
Containers for sensor web services, applications and research @ Sensor Web Co...Daniel Nüst
 
Red Team: Emulating Advanced Adversaries in Cyberspace
Red Team: Emulating Advanced Adversaries in CyberspaceRed Team: Emulating Advanced Adversaries in Cyberspace
Red Team: Emulating Advanced Adversaries in CyberspaceDon Anto
 
Securing the Socks Shop
Securing the Socks ShopSecuring the Socks Shop
Securing the Socks ShopJason Smith
 
Practical Occlusion Culling in Killzone 3
Practical Occlusion Culling in Killzone 3Practical Occlusion Culling in Killzone 3
Practical Occlusion Culling in Killzone 3Guerrilla
 
Countering Innovative Sandbox Evasion Techniques Used by Malware
Countering Innovative Sandbox Evasion Techniques Used by MalwareCountering Innovative Sandbox Evasion Techniques Used by Malware
Countering Innovative Sandbox Evasion Techniques Used by MalwareTyler Borosavage
 
Automated Malware Analysis and Cyber Security Intelligence
Automated Malware Analysis and Cyber Security IntelligenceAutomated Malware Analysis and Cyber Security Intelligence
Automated Malware Analysis and Cyber Security IntelligenceJason Choi
 
zkStudyClub: Zero-Knowledge Proofs Security, in Practice [JP Aumasson, Taurus]
zkStudyClub: Zero-Knowledge Proofs Security, in Practice [JP Aumasson, Taurus]zkStudyClub: Zero-Knowledge Proofs Security, in Practice [JP Aumasson, Taurus]
zkStudyClub: Zero-Knowledge Proofs Security, in Practice [JP Aumasson, Taurus]Alex Pruden
 
Attack Chaining: Advanced Maneuvers for Hack Fu
Attack Chaining: Advanced Maneuvers for Hack FuAttack Chaining: Advanced Maneuvers for Hack Fu
Attack Chaining: Advanced Maneuvers for Hack FuRob Ragan
 
Cloud Computing Bootcamp On The Google App Engine v1.2.1
Cloud Computing Bootcamp On The Google App Engine v1.2.1Cloud Computing Bootcamp On The Google App Engine v1.2.1
Cloud Computing Bootcamp On The Google App Engine v1.2.1Matthew McCullough
 
Meder Kydyraliev - Mining Mach Services within OS X Sandbox
Meder Kydyraliev - Mining Mach Services within OS X SandboxMeder Kydyraliev - Mining Mach Services within OS X Sandbox
Meder Kydyraliev - Mining Mach Services within OS X SandboxDefconRussia
 
OSCP Preparation Guide @ Infosectrain
OSCP Preparation Guide @ InfosectrainOSCP Preparation Guide @ Infosectrain
OSCP Preparation Guide @ InfosectrainInfosecTrain
 
Analisis Estatico y de Comportamiento de un Binario Malicioso
Analisis Estatico y de Comportamiento de un Binario MaliciosoAnalisis Estatico y de Comportamiento de un Binario Malicioso
Analisis Estatico y de Comportamiento de un Binario MaliciosoConferencias FIST
 
Google chrome sandbox
Google chrome sandboxGoogle chrome sandbox
Google chrome sandboxNephi Johnson
 
Penetration testing, What’s this?
Penetration testing, What’s this?Penetration testing, What’s this?
Penetration testing, What’s this?Dmitry Evteev
 
Isys20261 lecture 14
Isys20261 lecture 14Isys20261 lecture 14
Isys20261 lecture 14Wiliam Ferraciolli
 
B875.pptx
B875.pptxB875.pptx
B875.pptxMarcoTrujillo29
 
Project Penetration Testing Report(20 Points)Scenario.docx
Project Penetration Testing Report(20 Points)Scenario.docxProject Penetration Testing Report(20 Points)Scenario.docx
Project Penetration Testing Report(20 Points)Scenario.docxsimonlbentley59018
 
Pen test methodology
Pen test methodologyPen test methodology
Pen test methodologyCahyo Darujati
 
Docker practical solutions
Docker practical solutionsDocker practical solutions
Docker practical solutionsKesav Kumar Kolla
 
Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111Sapana Sha
 
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxSOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxiammrhaywood
 

More Related Content

Similar to Sandbox – Online, Offline

Phu appsec13
Phu appsec13Phu appsec13
Phu appsec13drewz lin
 
Containers for sensor web services, applications and research @ Sensor Web Co...
Containers for sensor web services, applications and research @ Sensor Web Co...Containers for sensor web services, applications and research @ Sensor Web Co...
Containers for sensor web services, applications and research @ Sensor Web Co...Daniel Nüst
 
Red Team: Emulating Advanced Adversaries in Cyberspace
Red Team: Emulating Advanced Adversaries in CyberspaceRed Team: Emulating Advanced Adversaries in Cyberspace
Red Team: Emulating Advanced Adversaries in CyberspaceDon Anto
 
Securing the Socks Shop
Securing the Socks ShopSecuring the Socks Shop
Securing the Socks ShopJason Smith
 
Practical Occlusion Culling in Killzone 3
Practical Occlusion Culling in Killzone 3Practical Occlusion Culling in Killzone 3
Practical Occlusion Culling in Killzone 3Guerrilla
 
Countering Innovative Sandbox Evasion Techniques Used by Malware
Countering Innovative Sandbox Evasion Techniques Used by MalwareCountering Innovative Sandbox Evasion Techniques Used by Malware
Countering Innovative Sandbox Evasion Techniques Used by MalwareTyler Borosavage
 
Automated Malware Analysis and Cyber Security Intelligence
Automated Malware Analysis and Cyber Security IntelligenceAutomated Malware Analysis and Cyber Security Intelligence
Automated Malware Analysis and Cyber Security IntelligenceJason Choi
 
zkStudyClub: Zero-Knowledge Proofs Security, in Practice [JP Aumasson, Taurus]
zkStudyClub: Zero-Knowledge Proofs Security, in Practice [JP Aumasson, Taurus]zkStudyClub: Zero-Knowledge Proofs Security, in Practice [JP Aumasson, Taurus]
zkStudyClub: Zero-Knowledge Proofs Security, in Practice [JP Aumasson, Taurus]Alex Pruden
 
Attack Chaining: Advanced Maneuvers for Hack Fu
Attack Chaining: Advanced Maneuvers for Hack FuAttack Chaining: Advanced Maneuvers for Hack Fu
Attack Chaining: Advanced Maneuvers for Hack FuRob Ragan
 
Cloud Computing Bootcamp On The Google App Engine v1.2.1
Cloud Computing Bootcamp On The Google App Engine v1.2.1Cloud Computing Bootcamp On The Google App Engine v1.2.1
Cloud Computing Bootcamp On The Google App Engine v1.2.1Matthew McCullough
 
Meder Kydyraliev - Mining Mach Services within OS X Sandbox
Meder Kydyraliev - Mining Mach Services within OS X SandboxMeder Kydyraliev - Mining Mach Services within OS X Sandbox
Meder Kydyraliev - Mining Mach Services within OS X SandboxDefconRussia
 
OSCP Preparation Guide @ Infosectrain
OSCP Preparation Guide @ InfosectrainOSCP Preparation Guide @ Infosectrain
OSCP Preparation Guide @ InfosectrainInfosecTrain
 
Analisis Estatico y de Comportamiento de un Binario Malicioso
Analisis Estatico y de Comportamiento de un Binario MaliciosoAnalisis Estatico y de Comportamiento de un Binario Malicioso
Analisis Estatico y de Comportamiento de un Binario MaliciosoConferencias FIST
 
Google chrome sandbox
Google chrome sandboxGoogle chrome sandbox
Google chrome sandboxNephi Johnson
 
Penetration testing, What’s this?
Penetration testing, What’s this?Penetration testing, What’s this?
Penetration testing, What’s this?Dmitry Evteev
 
Project Penetration Testing Report(20 Points)Scenario.docx
Project Penetration Testing Report(20 Points)Scenario.docxProject Penetration Testing Report(20 Points)Scenario.docx
Project Penetration Testing Report(20 Points)Scenario.docxsimonlbentley59018
 

Similar to Sandbox – Online, Offline (20)

Phu appsec13
Phu appsec13Phu appsec13
Phu appsec13
 
Containers for sensor web services, applications and research @ Sensor Web Co...
Containers for sensor web services, applications and research @ Sensor Web Co...Containers for sensor web services, applications and research @ Sensor Web Co...
Containers for sensor web services, applications and research @ Sensor Web Co...
 
Red Team: Emulating Advanced Adversaries in Cyberspace
Red Team: Emulating Advanced Adversaries in CyberspaceRed Team: Emulating Advanced Adversaries in Cyberspace
Red Team: Emulating Advanced Adversaries in Cyberspace
 
Securing the Socks Shop
Securing the Socks ShopSecuring the Socks Shop
Securing the Socks Shop
 
Practical Occlusion Culling in Killzone 3
Practical Occlusion Culling in Killzone 3Practical Occlusion Culling in Killzone 3
Practical Occlusion Culling in Killzone 3
 
Countering Innovative Sandbox Evasion Techniques Used by Malware
Countering Innovative Sandbox Evasion Techniques Used by MalwareCountering Innovative Sandbox Evasion Techniques Used by Malware
Countering Innovative Sandbox Evasion Techniques Used by Malware
 
Automated Malware Analysis and Cyber Security Intelligence
Automated Malware Analysis and Cyber Security IntelligenceAutomated Malware Analysis and Cyber Security Intelligence
Automated Malware Analysis and Cyber Security Intelligence
 
zkStudyClub: Zero-Knowledge Proofs Security, in Practice [JP Aumasson, Taurus]
zkStudyClub: Zero-Knowledge Proofs Security, in Practice [JP Aumasson, Taurus]zkStudyClub: Zero-Knowledge Proofs Security, in Practice [JP Aumasson, Taurus]
zkStudyClub: Zero-Knowledge Proofs Security, in Practice [JP Aumasson, Taurus]
 
Attack Chaining: Advanced Maneuvers for Hack Fu
Attack Chaining: Advanced Maneuvers for Hack FuAttack Chaining: Advanced Maneuvers for Hack Fu
Attack Chaining: Advanced Maneuvers for Hack Fu
 
Cloud Computing Bootcamp On The Google App Engine v1.2.1
Cloud Computing Bootcamp On The Google App Engine v1.2.1Cloud Computing Bootcamp On The Google App Engine v1.2.1
Cloud Computing Bootcamp On The Google App Engine v1.2.1
 
Meder Kydyraliev - Mining Mach Services within OS X Sandbox
Meder Kydyraliev - Mining Mach Services within OS X SandboxMeder Kydyraliev - Mining Mach Services within OS X Sandbox
Meder Kydyraliev - Mining Mach Services within OS X Sandbox
 
OSCP Preparation Guide @ Infosectrain
OSCP Preparation Guide @ InfosectrainOSCP Preparation Guide @ Infosectrain
OSCP Preparation Guide @ Infosectrain
 
Analisis Estatico y de Comportamiento de un Binario Malicioso
Analisis Estatico y de Comportamiento de un Binario MaliciosoAnalisis Estatico y de Comportamiento de un Binario Malicioso
Analisis Estatico y de Comportamiento de un Binario Malicioso
 
Google chrome sandbox
Google chrome sandboxGoogle chrome sandbox
Google chrome sandbox
 
Penetration testing, What’s this?
Penetration testing, What’s this?Penetration testing, What’s this?
Penetration testing, What’s this?
 
Isys20261 lecture 14
Isys20261 lecture 14Isys20261 lecture 14
Isys20261 lecture 14
 
B875.pptx
B875.pptxB875.pptx
B875.pptx
 
Project Penetration Testing Report(20 Points)Scenario.docx
Project Penetration Testing Report(20 Points)Scenario.docxProject Penetration Testing Report(20 Points)Scenario.docx
Project Penetration Testing Report(20 Points)Scenario.docx
 
Pen test methodology
Pen test methodologyPen test methodology
Pen test methodology
 
Docker practical solutions
Docker practical solutionsDocker practical solutions
Docker practical solutions
 

Recently uploaded

Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111Sapana Sha
 
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxSOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxiammrhaywood
 
How to Make a Pirate ship Primary Education.pptx
How to Make a Pirate ship Primary Education.pptxHow to Make a Pirate ship Primary Education.pptx
How to Make a Pirate ship Primary Education.pptxmanuelaromero2013
 
Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)eniolaolutunde
 
Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3JemimahLaneBuaron
 
The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13Steve Thomason
 
Contemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptx
Contemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptxContemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptx
Contemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptxRoyAbrique
 
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdfBASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdfSoniaTolstoy
 
Measures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and ModeMeasures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and ModeThiyagu K
 
Interactive Powerpoint_How to Master effective communication
Interactive Powerpoint_How to Master effective communicationInteractive Powerpoint_How to Master effective communication
Interactive Powerpoint_How to Master effective communicationnomboosow
 
Sanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfSanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfsanyamsingh5019
 
1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdfQucHHunhnh
 
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...EduSkills OECD
 
Web & Social Media Analytics Previous Year Question Paper.pdf
Web & Social Media Analytics Previous Year Question Paper.pdfWeb & Social Media Analytics Previous Year Question Paper.pdf
Web & Social Media Analytics Previous Year Question Paper.pdfJayanti Pande
 
URLs and Routing in the Odoo 17 Website App
URLs and Routing in the Odoo 17 Website AppURLs and Routing in the Odoo 17 Website App
URLs and Routing in the Odoo 17 Website AppCeline George
 
Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991
Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991
Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991RKavithamani
 
Student login on Anyboli platform.helpin
Student login on Anyboli platform.helpinStudent login on Anyboli platform.helpin
Student login on Anyboli platform.helpinRaunakKeshri1
 
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...Krashi Coaching
 
Z Score,T Score, Percential Rank and Box Plot Graph
Z Score,T Score, Percential Rank and Box Plot GraphZ Score,T Score, Percential Rank and Box Plot Graph
Z Score,T Score, Percential Rank and Box Plot GraphThiyagu K
 

Recently uploaded (20)

Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111
 
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxSOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
 
How to Make a Pirate ship Primary Education.pptx
How to Make a Pirate ship Primary Education.pptxHow to Make a Pirate ship Primary Education.pptx
How to Make a Pirate ship Primary Education.pptx
 
Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)
 
Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3
 
The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13
 
Contemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptx
Contemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptxContemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptx
Contemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptx
 
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdfBASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
 
Measures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and ModeMeasures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and Mode
 
Interactive Powerpoint_How to Master effective communication
Interactive Powerpoint_How to Master effective communicationInteractive Powerpoint_How to Master effective communication
Interactive Powerpoint_How to Master effective communication
 
Staff of Color (SOC) Retention Efforts DDSD
Staff of Color (SOC) Retention Efforts DDSDStaff of Color (SOC) Retention Efforts DDSD
Staff of Color (SOC) Retention Efforts DDSD
 
Sanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfSanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdf
 
1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf
 
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
 
Web & Social Media Analytics Previous Year Question Paper.pdf
Web & Social Media Analytics Previous Year Question Paper.pdfWeb & Social Media Analytics Previous Year Question Paper.pdf
Web & Social Media Analytics Previous Year Question Paper.pdf
 
URLs and Routing in the Odoo 17 Website App
URLs and Routing in the Odoo 17 Website AppURLs and Routing in the Odoo 17 Website App
URLs and Routing in the Odoo 17 Website App
 
Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991
Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991
Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991
 
Student login on Anyboli platform.helpin
Student login on Anyboli platform.helpinStudent login on Anyboli platform.helpin
Student login on Anyboli platform.helpin
 
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
 
Z Score,T Score, Percential Rank and Box Plot Graph
Z Score,T Score, Percential Rank and Box Plot GraphZ Score,T Score, Percential Rank and Box Plot Graph
Z Score,T Score, Percential Rank and Box Plot Graph
 

Sandbox – Online, Offline

  • 1. Sandbox – Online, Offline By Pushkar Null-The Open Secuirty Community
  • 2. Sandbox… Sandbox may refer to: Limited, restricted environment for a specific purpose Litter box, an indoor box for cats to relieve themselves Sandpit or sandbox, a wide, shallow playground construction to hold sand often made of wood or plastic Sandbox (railways), a container that holds sand for use in improving rail adhesion in slippery conditions Sandboxing is a popular technique for creating confined execution environments, which could be be used for running untrusted programs. A sandbox limits, or reduces, the level of access its applications have — it is a container
  • 3. Sandbox… Sandbox (computer security), a virtual container in which untrusted programs can be safely run Sandbox (software development), an online environment in which code or content changes can be tested without affecting the original system Sandbox Effect, in Google Internet search rankings
  • 4. How it works… Basic two mechanism… Namespace isolation - agents are unable to manipulate resources that they cannot name. Access checks - discharge proof obligations of the form “agent A may manipulate resource R by method M“ Intercepting System calls Deny the system call, Audit the system call's invocation, Pre- process the arguments, Post-process the result, Replace the system call's implementation
  • 5. Limitations… Sandboxing implementations suffer from five broad kinds of limitation: too much isolation not enough isolation non-portability non-usability design and implementation failures
  • 6. Google Sandbox… Sandbox Effect, Technique that google uses to ran new website in its search results Check whether it is a genuine or a spam website
  • 7. Others… Wikipedia Sandbox http://en.wikipedia.org/wiki/Wikipedia:Sandbox MySQL Sandbox http://en.wikipedia.org/wiki/Wikipedia:Sandbox Chrome http://dev.chromium.org/developers/design-documents/sandbox.
  • 8. Malware Analysis… Online Anubis http://anubis.iseclab.org/ BitBlaze https://aerie.cs.berkeley.edu/ Comodo Instant Malware Analysis  http://camas.comodo.com/ Eureka http://eureka.cyber-ta.org/ JoeBox http://www.joebox.org/submit.php Norman Sandbox  http://www.norman.com/security_center/security_tools/submit_file/en Sunbelt Sandbox:  http://www.sunbeltsecurity.com/sandbox/ ThreatExpert http://www.threatexpert.com/ Xandora http://www.xandora.net/xangui/
  • 9. Offline… Sandboxie http://www.sandboxie.com/index.php?DownloadSandboxie Autovin http://autovin.pandasecurity.my/ IDefenseLabs SysAnalyzer http://labs.idefense.com/software/ MandiantMemoryze, Red Curtain http://www.mandiant.com/products/free_software  
  • 10. Additional Tools… Buster Sandbox Analyzer http://bsa.isoftware.nl/ Malware Analyser 2.8 : http://code.google.com/p/malwareanalyzer/