Browser Security Technology Uses Virtualization to Protect PCs | eWeek

Browser Security Technology Uses Virtualization to Protect PCs

Écrit par
Brian Prince
Brian Prince
Sep 16, 2010
2 minute read
eWeek Le contenu et les recommandations de produits sont indépendants de la rédaction. Nous pouvons gagner de l'argent lorsque vous cliquez sur des liens vers nos partenaires. En savoir plus

A security company is going to market with a plan to bring virtualization to the browser to bolster security against Web-based threats.

Arguing that firewalls and antivirus software fail to adequately protect enterprises, Invincea’s strategy is to move Internet Explorer “into a virtual environment in a manner that is transparent to users,” the company said Sept. 13. Invincea Browser Protection runs the browser “non-natively as a virtual appliance on the user’s desktop.

“Most attacks take advantage of browser vulnerabilities to implant software in the OS. In IBP this happens in a virtual OS that is disposed of after use,” said Anup Ghosh, chief scientist at Invincea.

Any changes made by malware-including to the file system, system libraries/DLLs, registry and memory-are made in a virtual environment and not the host, Ghosh explained. Users can download files to a specific directory shared with the host OS, he said, and the “directory is non-executable and malware cannot install or run software on the host OS.”

Adding to the company’s virtualization approach is behavioral malware detection. Arming the browser with low-level sensors, IBP starts in the exact same state down to the bit level on start-up.

“Since the state is the same on each start-unlike your desktop, for instance-our behavioral sensors monitor for changes to this state during operation,” Ghosh said. “If, for instance, a heap spray attack against the browser is used to run code in the browser stack that in turn launches a command shell or forks a new process, our sensors detect this abnormal behavior for the browser and will call a foul.

“At this point, the corrupted browser environment is disposed [of] (file system and memory) while a new clean instance of the browser environment is brought back,” he continued. “Meanwhile, detailed cyber-forensics about the infection event are recorded and sent to a database including the source of the infection, its system changes it made and where it reached out to on the network.”

“Originally funded by the Defense Advanced Research Projects Agency (DARPA) to build a prototype of a virtualized Web browsing solution,” the Invincea release said, the company “then developed its patent-pending technology with George Mason University’s Center for Secure Information Systems. Today, Invincea is venture-backed” and it released its first version of IBP in April.

“The feedback has been positive and we’re ready to go to market now … We have over a dozen deployments of various sizes currently,” Ghosh said.

Right now, IBP supports Windows XP and Vista, with Windows 7 support coming soon.

eWeek Logo

eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site's focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

Propriété de TechnologyAdvice. © 2026 TechnologyAdvice. Tous droits réservés

Divulgation publicitaire : Certains des produits qui apparaissent sur ce site proviennent d'entreprises dont TechnologyAdvice reçoit une compensation. Cette compensation peut influencer la façon dont les produits apparaissent sur ce site, notamment l'ordre dans lequel ils apparaissent. TechnologyAdvice n'inclut pas toutes les entreprises ou tous les types de produits disponibles sur le marché.