A System for Program Execution Identification on the Microsoft Windows Platforms
نویسندگان
چکیده
This paper describes a system for identification execution of programs using execution events of the programs. This system is based on a model of program execution for security purposes, and is implemented on the Microsoft Windows platforms using an operating system technique called DLL (Dynamic Linked Library) replacement. Compared to other related works, this paper has two key contributions: It describes a systematic way to retain all system DLLs made by application programs dynamically and in real-time on the Microsoft Windows platforms. It also presents a new model of program execution, in which frequencies of program execution events are considered in addition to their patterns. Our experiment data indicate improved results.
منابع مشابه
.NET to Java Comparison
Microsoft’s .NET Framework, and Sun’s Java HotSpot Virtual Machine are latest achievements in platforms independent of underlying system. Both platforms provide runtime environment that is independent of the underlying operating system and computer architecture, and/or programming language used in application development. .NET Framework provides the crosslanguage operability, but can currently ...
متن کاملModerating the Execution of Applications on Win32 Platforms
This paper describes an approach and tool for providing administrative control over the execution of software on a Windows NT/2000 system. The kerneldriver–based approach provides the system administrator with a way of restricting users to running only approved applications. As a result, illegal, pirated, personal, and malicious software executables can be prevented from running on corporate ma...
متن کاملEvaluation of Java Thread Performance on Two Di erentMultithreaded
Modern programming languages and operating systems encourage the use of threads to exploit concurrency and simplify program structure. An integral and important part of the Java language is its multithreading capability. Despite the portability of Java threads across almost all platforms, the performance of Java threads varies according to the multithreading support of the underlying operating ...
متن کاملSmile Analyzer: A Software Package for Analyzing the Characteristics of the Speech and Smile
Taking into account the factors related to lip-tooth relationships in orthodontic diagnosis and treatment planning is of prime importance. Manual quantitative analysis of facial parameters on photographs during smile and speech is a difficult and time-consuming job. Since there is no comprehensive and user-friendly software package, we developed a software program called "Smile Analyzer" in the...
متن کاملTracing and Characterization of Windows NT-based System Workloads
Vol. 10 No. 1 1998 The computer architecture research community commonly uses trace-driven simulation in pursuing answers to a variety of design issues. Architects spend a significant amount of time studying the characteristics of benchmark programs by examining traces, i.e., samples taken from program execution. Popular benchmark programs include the SPEC and the BYTEmark benchmark test suites...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2005