Tracing the sequence of library calls and system calls that a program makes is very helpful to characterize its interactions with the surrounding environment and, ultimately, its semantics. However, due to the entanglements of real-world software stacks, accomplishing this task can be surprisingly challenging as we take accuracy, reliability, and transparency into the equation. In this article, we identify six challenges that API monitoring solutions should overcome in order to manage these dimensions effectively and outline actionable design points for building robust API tracers that can be used even for security research. We then detail and evaluate SNIPER, an open-source API tracing system available in two variants based on dynamic binary instrumentation (for simplified in-guest deployment) and hardware-assisted virtualization (realizing the first general user-space tracer of this kind), respectively.
2021, IEEE TRANSACTIONS ON DEPENDABLE AND SECURE COMPUTING, Pages 1-15
Designing Robust API Monitoring Solutions (01a Journal article)
D'Elia Daniele Cono, Nicchi Simone, Mariani Matteo, Marini Matteo, Palmaro Federico
Research group: Cybersecurity