Dynamic Sandboxing

Hajime Inoue, Postdoctoral Fellow, School of Computer Science, Carlton University, Canada

Applications written in ``safe'' languages and run on virtual machines (VMs), like Java and C\#, have become increasingly important. Often invisible to users, these program constitute important and security sensitive parts of complex enterprise and server-level applications. Applications written in safe languages are immune from many of the common attacks aimed at applications written in languages like C. They do suffer, however, from other vulnerabilities. I describe the three main classes of vulnerabilities and then how we use anomaly detection and the extra information available in VM hosted languages to detect and prevent exploitation of these vulnerabilities.