Secure Execution of Java Applets Using a Remote Playground
IEEE Transactions on Software Engineering
Intrusion confinement by isolation in information systems
Journal of Computer Security - Special issue on database security
Safe Virtual Execution Using Software Dynamic Translation
ACSAC '02 Proceedings of the 18th Annual Computer Security Applications Conference
Spout: A Transparent Distributed Execution Engine for Java Applets
ICDCS '00 Proceedings of the The 20th International Conference on Distributed Computing Systems ( ICDCS 2000)
When Virtual Is Better Than Real
HOTOS '01 Proceedings of the Eighth Workshop on Hot Topics in Operating Systems
Xen and the art of virtualization
SOSP '03 Proceedings of the nineteenth ACM symposium on Operating systems principles
Isolated Program Execution: An Application Transparent Approach for Executing Untrusted Programs
ACSAC '03 Proceedings of the 19th Annual Computer Security Applications Conference
Denali: a scalable isolation kernel
EW 10 Proceedings of the 10th workshop on ACM SIGOPS European workshop
A comparison of software and hardware techniques for x86 virtualization
Proceedings of the 12th international conference on Architectural support for programming languages and operating systems
QEMU, a fast and portable dynamic translator
ATEC '05 Proceedings of the annual conference on USENIX Annual Technical Conference
MAPbox: using parameterized behavior classes to confine untrusted applications
SSYM'00 Proceedings of the 9th conference on USENIX Security Symposium - Volume 9
Improving host security with system call policies
SSYM'03 Proceedings of the 12th conference on USENIX Security Symposium - Volume 12
VMM-independent graphics acceleration
Proceedings of the 3rd international conference on Virtual execution environments
A secure environment for untrusted helper applications confining the Wily Hacker
SSYM'96 Proceedings of the 6th conference on USENIX Security Symposium, Focusing on Applications of Cryptography - Volume 6
A user-mode port of the linux kernel
ALS'00 Proceedings of the 4th annual Linux Showcase & Conference - Volume 4
Internet-based Virtual Computing Environment: Beyond the data center as a computer
Future Generation Computer Systems
Hi-index | 0.00 |
In this paper, we present a new approach called Secure Virtual Execution Environment (SVEE) which enables users to "try out" untrusted software without the fear of damaging the system in any manner. A key feature of SVEE is that it implements the OS isolation by executing untrusted code in a hosted virtual machine. Another key feature is that SVEE faithfully reproduces the behavior of applications, as if they were running natively on the underlying host OS. SVEE also provides a convenient way to compare the changes within SVEE and host OS. Referring to these comparison results, users can make a decision to commit these changes or not. With these powerful characteristics, SVEE supports a wide range of tasks, including the study of malicious code, controlled execution of untrusted software and so on. This paper focuses on the execution model of SVEE and the security evaluation for this model.