Metody sledování chování procesů na Windows
| Autor: | Matoušek, David |
|---|---|
| Jazyk: | čeština |
| Rok vydání: | 2010 |
| Druh dokumentu: | masterThesis |
| Popis: | The thesis summarizes selected methods of process behavior monitoring on Windows operating systems. The thesis is focused especially on using virtualization as a support tool for process behavior checking. The main goal of the thesis was evaluation of process behavior checking methods and designing a virtualization based monitoring system. The designed system is based on VirtualBox virtualization software by Sun Microsystems and operating system Windows XP Service Pack 3. The execution of the virtualized Windows system is modified so that in precisely defined states the monitoring system creates elementary events based on the current state of the system memory. These events can then be analyzed in order to simulate the operating system objects and their interactions. The interactions between the monitored processes and other objects in the system then determine the behavior of these processes. |
| Databáze: | Networked Digital Library of Theses & Dissertations |
| Externí odkaz: |
|