Magnesium Object Manager Sandbox, A More Effective Sandbox Method for Windows 7

Author

Martin A. Gilligan

Date of Award

3-22-2012

Document Type

Thesis

Degree Name

Master of Science

Department

Department of Electrical and Computer Engineering

First Advisor

Jeffrey W. Humphries, PhD.

Abstract

A major issue in computer security is limiting the affects a program can have on a computer. One way is to place the program into a sandbox, a limited environment. Many attempts have been made to create a sandbox that maintains the usability of a program and effectively limits the effects of the program. Sandboxes that limit the resources programs can access, have succeeded. To test the effectiveness of a sandbox that limits the resources a program can access on Windows 7, the Magnesium Object Manager Sandbox (MOMS) is created. MOMS uses a kernel mode Windows component to monitor and limit the access rights to every resource. Based on the performance data of a set of test programs, running with and without MOMS, and with different hardware configurations, the hardware configuration and MOMS has an impact to performance a normal user probably will not notice. For the exploits run against two of the test programs, none of the associated payloads successfully ran. While these tests are promising, they are limited in scope and further testing is required to increase their scope. Furthermore, based on analysis of MOMS, vulnerabilities exist, but they are straightforward to fix with further development.

AFIT Designator

AFIT-GCE-ENG-12-05

DTIC Accession Number

ADA557377

Recommended Citation

Gilligan, Martin A., "Magnesium Object Manager Sandbox, A More Effective Sandbox Method for Windows 7" (2012). Theses and Dissertations. 1111.
https://scholar.afit.edu/etd/1111