Basic theory in Sandboxing

As malware has become more sophisticated, we need technology that allows us to analyze it easily without compromising our own system. One such technology is sandboxing. The term is explained in many different ways among IT people; for reference, see the Wikipedia article at http://en.wikipedia.org/wiki/Sandbox_(computer_security). In computer security specifically, sandboxing is a technique for isolating a program (in this case, malware) by providing a confined execution environment, in which unreliable programs can be run apart from the main environment. To give a clear explanation about sandboxing technology, let's imagine a sandbox or sandpit playground for ...
