Tracing the sequence of library and system calls made by a program is very helpful in the characterization of its interactions with the environment and ultimately of its semantics. Due to entanglements of real-world software stacks, this task can become challenging as we take accuracy, reliability, and transparency aspects into the equation. In this paper we report on our experience in designing and implementing API tracing solutions for software security research. We discuss two implementation variants based on hardware-assisted virtualization and on dynamic binary translation to realize API call interposition robustly.

中文翻译：

---

设计强大的 API 监控解决方案

跟踪程序执行的库和系统调用的序列对于表征其与环境的交互以及最终的语义非常有帮助。由于现实世界软件堆栈的纠缠，当我们将准确性、可靠性和透明度方面纳入等式时，这项任务可能变得具有挑战性。在本文中，我们报告了我们为软件安全研究设计和实施 API 跟踪解决方案的经验。我们讨论了基于硬件辅助虚拟化和动态二进制转换的两种实现变体，以稳健地实现 API 调用插入。