Client side attacks have increased a great deal in recent years. Inserting some malicious code through browser vulnerabilities to execute arbitrary code attack is called website embedded Trojan. Website embedded Trojan is a major threat that browsers face nowadays. Apart from antivirus software, browser vendors developed a number of techniques to counter website embedded Trojan, including using a sandbox.
For example, in Windows systems, browsers can defend memory attacks by closely combining the protection measures provided by the operating systems like data execution prevention (DEP), address space layout randomization (ASLR), SafeSEH, etc. At the same time, browsers have also developed a multiprocess architecture, which greatly improved the security level.
Multiprocess architecture of a browser will separate each module and each browser instance; in this way, when a process crashes, it will not affect other processes.
Google Chrome is the first browser to adopt a multiprocess architecture. The main process of Google Chrome is divided into four: the browser process, the rendering process, the plug-in process, and the expansion process. Plug-in processes such as Flash, Java, PDF, etc., are distinctively isolated from the browser process and will not affect each other. The rendering engine is isolated from the Sandbox. The web page code needs to communicate with the browser kernel process and the operating system only through the IPC channel, which will go through a number of security checks.
Sandbox, with the development of computer technology, is now generally referred to as resource isolation class module. Sandbox is designed to allow untrusted code to run in a certain environment, restricting it to access resources outside the quarantine area. If you must cross the border of Sandbox to generate data exchange, then data can only go through designated channels, for example, through encapsulated API in which the legality of the request will be strictly checked.
IE8 is a multiprocess architecture, in which each tab page is a separate process. Though the browsers today have multiple process architectures and Sandbox to ensure security, third-party plug-ins loaded by the browser can often bypass the Sandbox. For example, the browsers in the Pwn2Own conference were attacked due to loading of third-party plug-ins. Attacks using Flash, Java, PDF, and .Net Framework have become the trend in recent years. Perhaps future browser security models will pay more attention to these third-party plug-ins. Browser vendors should work together to improve the standard of security strengthen their browsers.