http://www.rstcorp.com/research/sandboxing.html -- Additional project information provided by the performing organization 

Quad Chart - PPT Format

Mobile code is quickly becoming the dominant computing paradigm in today's Internet-enabled environments. Any Internet-enabled environment, including civilian and military defense, business, and academic, is susceptible to threats posed by mobile code. Today, organizations have little protection against malicious mobile code. The objective of this project is to protect mobile code host software and host systems from malicious or misbehaving mobile code. In particular, we are focusing on protecting mobile code hosts from malicious active scripts, for which there currently exist no protection technology.

The approach is to effectively constrain the behavior of active scripts, such as Javascript, Jscript, and VBscript, such that they can perform their intended benign functions, but cannot otherwise corrupt the scripting host or the system. Currently, active scripting is often used in concert with other desktop applications to perpetrate malicious behavior and proliferate over Internet services. Our approach is to instrument the Active Scripting API on the Windows platform to protect the integrity of the host, while allowing active scripts to perform benign tasks. Our approch works with commercial-off-the-shelf (COTS) software without requiring access to source code.

We have successfully instrumented the Active Scripting API on the Windows 32-bit (Win32) platform. As a result, we can observe and control the interactions of all scripts that run on the platform. We have developed a library that is automatically loaded into every executable that runs on the Windows platform. Therefore, if an application makes a call through the Active Scripting API, we intercept it and can execute call-back processing functions such as blocking, error message passing, or pass-through functions. We have demonstrated the capability to block malicious active scripting on several popular Windows applications such as Microsoft Internet Explorer and Microsoft Outlook. Our approach applies to the class of active scripting attacks best represented by Melissa and LoveLetter style viruses. 

We are now researching machine learning approaches to automatically inferring policies from audit logs. The goal is to be able to determine which features from the Active Scripting API audit logs distinguish malicious scripts from benign scripts, then extract rules that can be applied by our policy enforcer. We believe this approach is more robust, user-friendly, and manageable than current policy-writing approaches that require users to develop complex policies of allowable or disallowed behavior. 

Reliable Software Technologies is exploring transitioning this technology into the military commands via the DARPA IRD office. In addition, Reliable Software Technologies is exploring transition this technology to a leading anti-virus product vendor. 

Dr. Anup K. Ghosh