Abstract—TXBOX is a new system for sandboxing untrusted applications. It speculatively executes the application in a system transaction, allowing security checks to be parallelized and yielding significant performance gains for techniques such as on-access anti-virus scanning. TXBOX is not vulnerable to TOCTTOU attacks and incorrect mirroring of kernel state. Furthermore, TXBOX supports automatic recovery: if a violation is detected, the sandboxed program is terminated and all of its effects on the host are rolled back. This enables effective enforcement of security policies that span multiple system calls. I
To submit an update or takedown request for this paper, please submit an Update/Correction/Removal Request.