Tracing the sequence of library calls and system calls that a program makes is very helpful to characterize its interactions with the surrounding environment and, ultimately, its semantics. However, due to the entanglements of real-world software stacks, accomplishing this task can be surprisingly challenging as we take accuracy, reliability, and transparency into the equation. In this article, we identify six challenges that API monitoring solutions should overcome in order to manage these dimensions effectively and outline actionable design points for building robust API tracers that can be used even for security research. We then detail and evaluate SNIPER, an open-source API tracing system available in two variants based on dynamic binary instrumentation (for simplified in-guest deployment) and hardware-assisted virtualization (realizing the first general user-space tracer of this kind), respectively.

Designing Robust API Monitoring Solutions / D'Elia, Daniele Cono; Nicchi, Simone; Mariani, Matteo; Marini, Matteo; Palmaro, Federico. - In: IEEE TRANSACTIONS ON DEPENDABLE AND SECURE COMPUTING. - ISSN 1545-5971. - 20:1(2023), pp. 392-406. [10.1109/TDSC.2021.3133729]

Designing Robust API Monitoring Solutions

D'Elia, Daniele Cono (first author); Nicchi, Simone; Marini, Matteo
2023

API monitoring; API hooking; anti-analysis; call interposition; binary instrumentation; hardware virtualization; malware
01 Journal publication::01a Journal article
Files attached to this product

File: ConoDElia_postprint_Designing_2021.pdf
Access: open access
Note: DOI: 10.1109/TDSC.2021.3133729
Type: Post-print document (version following peer review and accepted for publication)
License: All rights reserved
Size: 4.27 MB
Format: Adobe PDF

File: ConoDElia_Designing-Robust-API_2023.pdf
Access: archive managers only
Type: Publisher's version (published version with the publisher's layout)
License: All rights reserved
Size: 914.39 kB
Format: Adobe PDF

Documents in IRIS are protected by copyright and all rights are reserved, unless otherwise indicated.

Use this identifier to cite or link to this document: https://hdl.handle.net/11573/1621158