Sandboxing
An isolation technique that executes suspicious programs or code in a sandboxed environment without compromising real systems. A core concept of modern malware analysis and browser security.
Sandboxing refers to the technique of running software or code in an isolated environment—the "sandbox." The sandbox has no access to the actual system, real data, or the network. If the software behaves maliciously, the damage is confined to the sandbox.
The concept is similar to a sandbox for children: what happens in the sandbox stays in the sandbox.
Areas of Application
Browser Sandbox
Modern browser security standard: Each tab runs in its own isolated process.
Browser process (privileged)
├── Tab 1 (low privileges, sandboxed)
├── Tab 2 (low privileges, sandboxed)
└── Tab 3 (low privileges, sandboxed)Even if a website exploits a browser vulnerability, the exploit only has sandbox privileges—no access to the file system or other processes without a sandbox escape.
Browser Sandbox Escapes (very rare, highly valuable to attackers):
- CVE-2024-0519: Chrome V8 Sandbox Escape
- Typically used for high-value targets (APT, espionage)
Email Attachment Sandbox
Email security gateways (Proofpoint, Mimecast, Microsoft Defender) execute suspicious attachments in a cloud sandbox:
Incoming email with .xlsx attachment
→ Gateway detects macros in the document
→ Document is opened in a cloud VM
→ Sandbox observes: Macro runs → PowerShell launches → Connection to C2
→ Classification: Malicious → Blocked, quarantinedMalware evasion techniques:
- Sandbox detection: Check VM artifacts (VMware registry keys, CPUID tricks)
- Sleep delays: Malware waits longer than the sandbox timeout (10 min+)
- User interaction: Waits for mouse movement or click (no real user in the sandbox)
- Anti-debugging: Detects debug hooks
Malware Analysis Sandbox
For forensic analysis in security teams:
Cuckoo Sandbox (Open Source):
# Analyze suspicious file
cuckoo submit --timeout 120 --platform windows malware.exe
# Result: complete report on
# - API calls
# - Network connections
# - File system changes
# - Registry changes
# - ProcessesCommercial solutions:
- ANY.RUN (interactive online sandbox)
- VirusTotal (static + multi-AV + sandbox)
- Hybrid Analysis (Falcon Sandbox, Crowdstrike)
- Joe Sandbox
- VMRay
OS-Level Sandboxing
Operating systems use sandbox concepts for app isolation:
Linux:
- namespaces: Isolation of PID, network, file system
- seccomp: Restriction of allowed syscalls
- AppArmor/SELinux: Mandatory Access Control (MAC)
- Containers (Docker): Combination of all (not a true security sandbox without additional measures)
Windows:
- Windows Sandbox: Temporary VM directly within Windows (Windows 10/11 Pro)
- Windows App Container: UWP apps with restricted privileges
- WSL 2: Linux in Hyper-V isolation
macOS:
- App Sandbox: Required for App Store apps
- Gatekeeper: Only launch signed/notarized apps
Kubernetes / Container Security
Containers are not sandboxes—they share the host kernel:
Container escape risk:
CVE-2019-5736 (runc) → Host root from container
CVE-2020-15257 (containerd) → Container-to-containerTrue isolation: gVisor (Google), Kata Containers (VM kernel per container), Firecracker (AWS Lambda).
Sandbox Evasion: Malware that detects sandboxes
Sophisticated malware checks whether it is running in a sandbox:
# Example: Simple VM detection (simplified)
import os, sys
def is_sandbox():
# Check for VMware artifacts
if os.path.exists("C:\\Windows\\System32\\vmGuestLib.dll"):
return True
# Insufficient RAM for a real system
import psutil
if psutil.virtual_memory().total < 2 * 1024**3: # < 2GB
return True
# Too few running processes
if len(psutil.pids()) < 50:
return True
return False
if is_sandbox():
sys.exit(0) # Exit harmlessly
else:
# Start actual malicious behavior
...Countermeasures for sandbox operators:
- Realistic VM configuration (4GB RAM, 100GB disk, real user profiles)
- Simulate mouse movements and browser history
- Longer analysis timeouts (15 min+)
- Bare-metal analysis for highly sophisticated malware
Sandboxing as standard in modern products
| Product | Sandbox mechanism |
|---|---|
| Chrome/Firefox | Process isolation via OS sandbox |
| Windows Defender | Cloud-based sandbox analysis |
| Adobe Reader | Protected Mode (sandbox) |
| iOS Apps | Mandatory App Sandbox |
| Android Apps | SELinux + App isolation |
| AWS Lambda | Firecracker MicroVM |
