当前位置:
X-MOL 学术
›
arXiv.cs.OS
›
论文详情
Our official English website, www.x-mol.net, welcomes your
feedback! (Note: you will need to create a separate account there.)
Designing Robust API Monitoring Solutions
arXiv - CS - Operating Systems Pub Date : 2020-05-01 , DOI: arxiv-2005.00323 Simone Nicchi, Matteo Mariani, Matteo Marini, Federico Palmaro, Daniele Cono D'Elia
arXiv - CS - Operating Systems Pub Date : 2020-05-01 , DOI: arxiv-2005.00323 Simone Nicchi, Matteo Mariani, Matteo Marini, Federico Palmaro, Daniele Cono D'Elia
Tracing the sequence of library and system calls made by a program is very
helpful in the characterization of its interactions with the environment and
ultimately of its semantics. Due to entanglements of real-world software
stacks, this task can become challenging as we take accuracy, reliability, and
transparency aspects into the equation. In this paper we report on our
experience in designing and implementing API tracing solutions for software
security research. We discuss two implementation variants based on
hardware-assisted virtualization and on dynamic binary translation to realize
API call interposition robustly.
中文翻译:
设计强大的 API 监控解决方案
跟踪程序执行的库和系统调用的序列对于表征其与环境的交互以及最终的语义非常有帮助。由于现实世界软件堆栈的纠缠,当我们将准确性、可靠性和透明度方面纳入等式时,这项任务可能变得具有挑战性。在本文中,我们报告了我们为软件安全研究设计和实施 API 跟踪解决方案的经验。我们讨论了基于硬件辅助虚拟化和动态二进制转换的两种实现变体,以稳健地实现 API 调用插入。
更新日期:2020-05-04
中文翻译:
设计强大的 API 监控解决方案
跟踪程序执行的库和系统调用的序列对于表征其与环境的交互以及最终的语义非常有帮助。由于现实世界软件堆栈的纠缠,当我们将准确性、可靠性和透明度方面纳入等式时,这项任务可能变得具有挑战性。在本文中,我们报告了我们为软件安全研究设计和实施 API 跟踪解决方案的经验。我们讨论了基于硬件辅助虚拟化和动态二进制转换的两种实现变体,以稳健地实现 API 调用插入。