CISPA
Browse
paper43.pdf (159.27 kB)

Mining Sandboxes for Security - Automatisches Sandboxing für Software-Sicherheit.

Download (159.27 kB)
conference contribution
posted on 2024-05-03, 12:44 authored by Konrad Jamrozik, Andreas ZellerAndreas Zeller
We present sandbox mining, a technique to confine an application to resources accessed during automatic testing. Sandbox mining first explores software behavior by means of automatic test generation, and extracts the set of resources accessed during these tests. This set is then used as a sandbox, blocking access to resources not used during testing. The mined sandbox thus protects against behavior changes such as the activation of latent malware, infections, targeted attacks, or malicious updates. The use of test generation makes sandbox mining a fully automatic process that can be run by vendors and end users alike. Our BOXMATE prototype requires less than one hour to extract a sandbox from an Android app, with few to no confirmations required for frequently used functionality.

History

Editor

Jürjens J ; Schneider K

Primary Research Area

  • Threat Detection and Defenses

Name of Conference

Software Engineering (SE)

Journal

Software Engineering

Volume

P-267

Page Range

111-112

Publisher

GI

BibTeX

@conference{Jamrozik:Zeller:2017, title = "Mining Sandboxes for Security - Automatisches Sandboxing für Software-Sicherheit.", author = "Jamrozik, Konrad" AND "Zeller, Andreas", editor = "Jürjens, Jan" AND "Schneider, Kurt", year = 2017, month = 2, journal = "Software Engineering", pages = "111--112", publisher = "GI" }

Usage metrics

    Categories

    No categories selected

    Licence

    Exports

    RefWorks
    BibTeX
    Ref. manager
    Endnote
    DataCite
    NLM
    DC