Bitdefender Blog

Is Antivirus Sandboxing Effective?

by Dan Lowe, on 16 October 2013

In general, Sandboxing is a simulated environment in which programs and processes can run in isolation, with only limited access to your files and system. You can download Sandboxing tools to your computer to add an extra layer of security to your devices. I have posted an article that lists a few Sandbox environments that you can try.

There are different Sandboxing implementations, such as using a virtual machine that simulates the hardware and runs the operating system and applications on top of the simulated hardware. Another Sandbox variation allows simulated access to files or the registry, so every time a request is made to access those elements, it accesses only a copy of these items. Sandboxing does not have to occur only at the file or system level; it is also used at the browser level, where you can run a Sandbox or virtual environment within your browser to prevent the site from capturing login credentials or payment information.
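The file-redirection variant described above can be shown in a few lines. This is an added example, not code from the original post or from any Bitdefender product; the names `CopyOnAccessSandbox` and `demo` are hypothetical, and it redirects access at the application level for illustration rather than intercepting requests inside the operating system.

```python
import shutil
import tempfile
from pathlib import Path


class CopyOnAccessSandbox:
    """Redirect every file open to a private copy; originals are never modified."""

    def __init__(self):
        self.scratch = Path(tempfile.mkdtemp(prefix="sandbox-"))  # holds the copies
        self.redirects = {}  # real path -> private copy

    def _shadow(self, path):
        real = Path(path).resolve()  # resolve symlinks and ".." before mapping
        if real not in self.redirects:
            shadow = self.scratch / f"{len(self.redirects)}-{real.name}"
            if real.is_file():
                shutil.copy2(real, shadow)  # first access: snapshot the original
            self.redirects[real] = shadow
        return self.redirects[real]

    def open(self, path, mode="r"):
        """Stand-in for open(): reads and writes both land on the copy."""
        return open(self._shadow(path), mode)

    def changed_files(self):
        """Originals whose copy now differs, i.e. what the program tried to change."""
        def content(p):
            return p.read_bytes() if p.is_file() else None
        return [r for r, s in self.redirects.items() if content(r) != content(s)]

    def discard(self):
        shutil.rmtree(self.scratch, ignore_errors=True)


def demo():
    """Constructed scenario: untrusted code overwrites a document in the sandbox."""
    doc = Path(tempfile.mkdtemp(prefix="realfs-")) / "report.txt"
    doc.write_text("original contents")
    box = CopyOnAccessSandbox()
    with box.open(doc, "w") as f:  # the "untrusted" write
        f.write("overwritten")
    with box.open(doc) as f:
        seen_inside = f.read()
    changed = [p.name for p in box.changed_files()]
    on_disk = doc.read_text()
    box.discard()
    shutil.rmtree(doc.parent, ignore_errors=True)
    return seen_inside, on_disk, changed
```

The sandboxed code sees its own write succeed, the file on disk is unchanged, and `changed_files()` gives the defender a record of what the program attempted.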

Sandboxing is just one method of detecting unknown malware, but it does slow your system down because it requires memory and processor cycles. Not all Sandboxing products are equal, just as no antivirus products are equal. Some antivirus products integrate sandboxing technology within their product, but I think you should always look for a product that shows consistently strong malware detection rates and is speedy enough to get you working in the morning. Most people need to find the winning combination for their particular usage.

Criminals have been finding inventive ways to circumvent the sandbox antimalware technique. Some malware will check if the system is running in a sandbox environment; other malware will do some useless task and wait until the sandbox times out, then insert malware into the system[1]. There are many more creative ways malware authors are getting around these defenses, and they will continue to get better over time.

I believe Sandboxing within the browser or secure virtual browsers can be a particularly effective tool as it can isolate your web session. This will prevent malware already within the system from logging keystrokes, screen scraping, or using other credential-capturing approaches. These technologies can also prevent man-in-the-browser attacks, phishing, and packet sniffing, and identify malicious or fraudulent sites. Since there are over 200,000 unique pieces of malware every day, you can safely assume that some of the malware will bypass your existing antivirus program. Companies that offer Bring Your Own Device (BYOD) programs can let users log into the network securely, creating a more secure environment without sacrificing user-friendliness.

Many companies use a combination of antivirus techniques to actively protect the user. Sandboxing should always be complemented by other technologies to ensure the highest success rate, but secure browsers can definitely help to protect your web sessions.

Dan Lowe

Dan Lowe, an OEM Senior Marketing Manager, has been working with Bitdefender for the last 3 ½ years. His familiarity with multiple security products from Firewalls to Antivirus has provided him a unique perspective on the security industry.
