FlexBox

Sandboxing Internet servers based on layer-7 contexts

Ayumu Tanoue, Makoto Shimamura, Miyuki Hanaoka, Kenji Kono

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Abstract

Internet servers are constantly exposed to malicious attacks launched remotely. Sandboxing is a promising approach to reducing the damage caused by malicious attacks. A sandbox system provides a restricted environment for executing programs/codes from an Internet server, in which the accessible resources are limited to those required for legal execution. However, traditional sandbox systems are not suitable for preventing sensitive files, legally accessed by Internet servers, from being leaked or tampered with. A sandbox system must permit access to sensitive files if the sandboxed server requires access to them. This paper presents FlexBox, a novel sandbox system that reduces the possibility of leaking or tampering with sensitive files accessed by Internet servers. The key observation is that Internet servers typically have several execution states, each of which requires different access rights to resources such as files, especially sensitive files that are usually accessed only in a few execution states. Therefore, if FlexBox dynamically changes a set of accessible files according to servers' execution states, it is expected to dramatically reduce the possibility of information leakage/tampering. To obtain the execution states of Internet servers, FlexBox exploits the layer-7 contexts of Internet servers, i.e., it monitors the network messages exchanged between the server and clients. We demonstrate that FlexBox can be applied to several real Internet servers and the overhead from FlexBox is reasonably low.

Original language: English
Title of host publication: Proceedings - IEEE Symposium on Computers and Communications
Pages: 386-391
Number of pages: 6
DOI: https://doi.org/10.1109/ISCC.2008.4625645
Publication status: Published - 2008
Event: 13th IEEE Symposium on Computers and Communications, ISCC 2008 - Marrakech, Morocco
Duration: 2008 Jul 6 → 2008 Jul 9

Other

Other: 13th IEEE Symposium on Computers and Communications, ISCC 2008
Country: Morocco
City: Marrakech
Period: 08/7/6 → 08/7/9

Fingerprint

Servers
Server
Internet
Context
Attack
Computer monitors
Resources
Computer networks
Leakage
Monitor
Damage
Demonstrate

ASJC Scopus subject areas

  • Computer Networks and Communications
  • Computer Science Applications
  • Software
  • Mathematics(all)
  • Signal Processing

Cite this

Tanoue, A., Shimamura, M., Hanaoka, M., & Kono, K. (2008). FlexBox: Sandboxing Internet servers based on layer-7 contexts. In Proceedings - IEEE Symposium on Computers and Communications (pp. 386-391). [4625645] https://doi.org/10.1109/ISCC.2008.4625645

FlexBox : Sandboxing Internet servers based on layer-7 contexts. / Tanoue, Ayumu; Shimamura, Makoto; Hanaoka, Miyuki; Kono, Kenji.

Proceedings - IEEE Symposium on Computers and Communications. 2008. p. 386-391 4625645.

Tanoue, A, Shimamura, M, Hanaoka, M & Kono, K 2008, FlexBox: Sandboxing Internet servers based on layer-7 contexts. in Proceedings - IEEE Symposium on Computers and Communications., 4625645, pp. 386-391, 13th IEEE Symposium on Computers and Communications, ISCC 2008, Marrakech, Morocco, 08/7/6. https://doi.org/10.1109/ISCC.2008.4625645
Tanoue A, Shimamura M, Hanaoka M, Kono K. FlexBox: Sandboxing Internet servers based on layer-7 contexts. In Proceedings - IEEE Symposium on Computers and Communications. 2008. p. 386-391. 4625645 https://doi.org/10.1109/ISCC.2008.4625645
Tanoue, Ayumu ; Shimamura, Makoto ; Hanaoka, Miyuki ; Kono, Kenji. / FlexBox : Sandboxing Internet servers based on layer-7 contexts. Proceedings - IEEE Symposium on Computers and Communications. 2008. pp. 386-391
@inproceedings{9d2581adc3ee4ca6bbdd0bbb076d9e92,
title = "FlexBox: Sandboxing Internet servers based on layer-7 contexts",
abstract = "Internet servers are constantly exposed to malicious attacks launched remotely. Sandbox is a promising approach to reducing the damage caused by malicious attacks. A sandbox system provides a restricted environment for executing programs/codes from an Internet server, in which the accessible resources are limited to those required for legal execution. However, traditional sandbox systems are not suitable for preventing sensitive files, legally accessed by Internet servers, from being leaked or tampered. A sandbox system must permit access to sensitive files if the sandboxed server requires access to them. This paper presents FlexBox, a novel sandbox system that reduces the possibility of leaking or tampering with sensitive files accessed by Internet servers. The key observation is that Internet servers typically have several execution states, each of which requires different access rights to resources such as files, especially sensitive files that are usually accessed only in a few execution states. Therefore, if FlexBox dynamically changes a set of accessible files according to servers' execution states, it is expected to dramatically reduce the possibility of information leakage/tampering. To obtain the execution states of Internet servers, FlexBox exploits the layer-7 contexts of Internet servers, i.e., it monitors the network messages exchanged between the server and clients. We demonstrate that FlexBox can be applied to several real Internet servers and the overhead from FlexBox is reasonably low.",
author = "Ayumu Tanoue and Makoto Shimamura and Miyuki Hanaoka and Kenji Kono",
year = "2008",
doi = "10.1109/ISCC.2008.4625645",
language = "English",
isbn = "9781424427031",
pages = "386--391",
booktitle = "Proceedings - IEEE Symposium on Computers and Communications",

}

TY - GEN

T1 - FlexBox

T2 - Sandboxing Internet servers based on layer-7 contexts

AU - Tanoue, Ayumu

AU - Shimamura, Makoto

AU - Hanaoka, Miyuki

AU - Kono, Kenji

PY - 2008

Y1 - 2008

N2 - Internet servers are constantly exposed to malicious attacks launched remotely. Sandbox is a promising approach to reducing the damage caused by malicious attacks. A sandbox system provides a restricted environment for executing programs/codes from an Internet server, in which the accessible resources are limited to those required for legal execution. However, traditional sandbox systems are not suitable for preventing sensitive files, legally accessed by Internet servers, from being leaked or tampered. A sandbox system must permit access to sensitive files if the sandboxed server requires access to them. This paper presents FlexBox, a novel sandbox system that reduces the possibility of leaking or tampering with sensitive files accessed by Internet servers. The key observation is that Internet servers typically have several execution states, each of which requires different access rights to resources such as files, especially sensitive files that are usually accessed only in a few execution states. Therefore, if FlexBox dynamically changes a set of accessible files according to servers' execution states, it is expected to dramatically reduce the possibility of information leakage/tampering. To obtain the execution states of Internet servers, FlexBox exploits the layer-7 contexts of Internet servers, i.e., it monitors the network messages exchanged between the server and clients. We demonstrate that FlexBox can be applied to several real Internet servers and the overhead from FlexBox is reasonably low.

AB - Internet servers are constantly exposed to malicious attacks launched remotely. Sandbox is a promising approach to reducing the damage caused by malicious attacks. A sandbox system provides a restricted environment for executing programs/codes from an Internet server, in which the accessible resources are limited to those required for legal execution. However, traditional sandbox systems are not suitable for preventing sensitive files, legally accessed by Internet servers, from being leaked or tampered. A sandbox system must permit access to sensitive files if the sandboxed server requires access to them. This paper presents FlexBox, a novel sandbox system that reduces the possibility of leaking or tampering with sensitive files accessed by Internet servers. The key observation is that Internet servers typically have several execution states, each of which requires different access rights to resources such as files, especially sensitive files that are usually accessed only in a few execution states. Therefore, if FlexBox dynamically changes a set of accessible files according to servers' execution states, it is expected to dramatically reduce the possibility of information leakage/tampering. To obtain the execution states of Internet servers, FlexBox exploits the layer-7 contexts of Internet servers, i.e., it monitors the network messages exchanged between the server and clients. We demonstrate that FlexBox can be applied to several real Internet servers and the overhead from FlexBox is reasonably low.

UR - http://www.scopus.com/inward/record.url?scp=55849106343&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=55849106343&partnerID=8YFLogxK

U2 - 10.1109/ISCC.2008.4625645

DO - 10.1109/ISCC.2008.4625645

M3 - Conference contribution

SN - 9781424427031

SP - 386

EP - 391

BT - Proceedings - IEEE Symposium on Computers and Communications

ER -