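Tracing the sequence of library calls and system calls issued by a program is very helpful for characterizing the program's interactions with its environment and for characterizing its semantics. Because of the entanglement of real-world software stacks, this task can become challenging once accuracy, reliability, and transparency are taken into the equation. This paper presents the API tracing solutions we designed and implemented for software security research, and discusses two implementation variants, one based on hardware-assisted virtualization and one based on dynamic binary translation, which realize API call interposition robustly.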
Original title: Designing Robust API Monitoring Solutions
Original abstract: Tracing the sequence of library and system calls made by a program is very helpful in the characterization of its interactions with the environment and ultimately of its semantics. Due to entanglements of real-world software stacks, this task can become challenging as we take accuracy, reliability, and transparency aspects into the equation. In this paper we report on our experience in designing and implementing API tracing solutions for software security research. We discuss two implementation variants based on hardware-assisted virtualization and on dynamic binary translation to realize API call interposition robustly.
Original authors: Simone Nicchi, Matteo Mariani, Matteo Marini, Federico Palmaro, Daniele Cono D'Elia
Original link: https://arxiv.org/abs/2005.00323
Designing Robust API Monitoring Solutions (CS CR).pdf (from the Tencent Cloud community, by Elva)