Yanlin Li, CyLab/Carnegie Mellon University; Jonathan McCune and James Newsome, CyLab/Carnegie Mellon University and Google, Inc.; Adrian Perrig, CyLab/Carnegie Mellon University; Brandon Baker and Will Drewry, Google, Inc.
Abstract:
This paper presents MiniBox, the first two-way sandbox for x86 native code, that not only protects a benign OS from a misbehaving application, but also protects an application from a malicious OS. MiniBox can be applied in Platform-as-a-Service cloud computing to provide two-way protection between a customer’s application and the cloud platform OS. We implement a Mini- Box prototype running on recent x86 multi-core systems from Intel or AMD, and we port several applications to MiniBox. Evaluation results show that MiniBox is efficient and practical.
USENIX is committed to Open Access to the research presented at our events. Papers and proceedings are freely available to everyone once the event begins. Any video, audio, and/or slides that are posted after the event are also free and open to everyone. Support USENIX and our commitment to Open Access.
BibTeX
@inproceedings {183975,
author = {Yanlin Li and Jonathan McCune and James Newsome and Adrian Perrig and Brandon Baker and Will Drewry},
title = {{MiniBox}: A {Two-Way} Sandbox for x86 Native Code},
booktitle = {2014 USENIX Annual Technical Conference (USENIX ATC 14)},
year = {2014},
isbn = {978-1-931971-10-2},
address = {Philadelphia, PA},
pages = {409--420},
url = {https://www.usenix.org/conference/atc14/technical-sessions/presentation/li_yanlin},
publisher = {USENIX Association},
month = jun
}
connect with us