Building a runtime state tracing kernel

Authors:
Chakravarthy, Ananth;
Vaidya, Vinay G.
Abstract
A process is run by executing a sequence of instructions by the processor. However, it is probable that not all of the instructions are executed, as there are hundreds of paths that can be taken by the executable to complete its execution. The path chosen is dependent on a host of factors like the environment, user input, the platform, etc. As such, at any given instant of time, the process might be in any of the possible states Sn after traversing states S1, S2, S3, ..., where S1, S2, S3, ..., Sn, Sn+1, Sn+2, ..., SM depict the total M states that can be taken by the executable. There is no mechanism currently inside the Linux kernel to peek into the state of the process to find out which of these states it is currently in and what states it has "traversed" to reach the current state while it is executing. If such effective tracing can be achieved, it would lead to better operating system security. Other advantages are better logs or even building a verifiable software system. This paper looks at the infrastructure that has been developed to realize such a functionality in the Linux kernel and thereby increase the security of the running process. Of particular mention is the framework that has been developed to peek into the state of a running process as it executes and the various mechanisms that could be used to ascertain the state of the running process.
Citation
Chakravarthy, A. & Vaidya, V. G. (2008). Building a runtime state tracing kernel. In: Göbel, O., Frings, S., Günther, D., Nedon, J. & Schadt, D. (Eds.), IMF 2008 – IT Incident Management & IT Forensics. Bonn: Gesellschaft für Informatik e.V. (pp. 173-196).
BibTeX
@inproceedings{mci/Chakravarthy2008,
author = {Chakravarthy, Ananth AND Vaidya, Vinay G.},
title = {Building a runtime state tracing kernel},
booktitle = {IMF 2008 – IT Incident Management & IT Forensics},
year = {2008},
editor = {Göbel, Oliver AND Frings, Sandra AND Günther, Detlef AND Nedon, Jens AND Schadt, Dirk} ,
pages = { 173-196 },
publisher = {Gesellschaft für Informatik e.V.},
address = {Bonn}
}
Files
gi-proc-140-013.pdf (Size: 748.5Kb, Format: PDF)

More Info

ISBN: 978-3-88579-234-5
ISSN: 1617-5468
Date: 2008
Language: en
Content Type: Text/Conference Paper

Keywords

  • Security
  • State tracing
  • ELF
  • Reverse Engineering
  • Linux
  • System Calls
  • dynamorio
Collections
  • P140 - IMF 2008 – IT-Incident Management & IT Forensics [15]


Gesellschaft für Informatik e.V. (GI), contact: GI head office
This digital library is based on DSpace.

 

 

