Sandboxing and Virtualization: Modern Tools for Combating Malware

Malware is probably the most significant computer security threat to enterprises and businesses alike. To address the exposure gap left by antivirus products, an emerging category of desktop security products that use application-level sandboxing attempts to address malware threats by containing their malicious behavior. High profile applications that now employ sandboxing include the Google Chrome browser, Internet Explorer Protect Mode, and Adobe Reader X. Partial virtualization techniques usually involve a combination of privilege restrictions by user ac counts and a virtual file system. Other terms for this approach include lightweight virtualiza tion, OS virtualization, process virtualization, and process confinement. Full virtualization techniquesare also called hardware virtu alization because the hardware layer and resources, including de vice drivers, are virtualized for a "guest" OS by a hypervisor layer.Utilizing hardware virtualization based techniques, a malware pro tection solution runs the target application in its own OS in a virtual machine.