Secure Mobile Code Execution Service

Mobile code refers to programs that come into a host computer over the network and start to execute with or without a user's knowledge or consent. Because these programs run in the execution context of the user that downloads them, they can issue any system calls that the user is allowed to make, and thus pose a serious security threat when they are malicious. Although many solutions have been proposed to solve the malicious mobile code problem, none of them are truly effective at striking a good balance between defeating zero-day attacks and minimizing disruption to the execution of legitimate applications.

This paper describes a commercial system called SEES that secures the execution of mobile code that comes into a host computer as an email attachment or as a web document downloaded through an anchor link by running them on a separate guinea pig machine rather than on the user machine. Effectively, it takes an isolation approach to the secure mobile code execution problem. As a result, SEES guarantees that no malicious email attachments or web documents that act on behalf of the user that downloads them, can damage the resources of the user machine, or can leak any confidential information. In particular, even zero-day virus cannot cause any harms. We present the design, implementation and evaluation of SEES on the Windows platform, and contrast it with other existing approaches to the same problem.