Designing Robust API Monitoring Solutions.

Tracing the sequence of library and system calls made by a program is very helpful in the characterization of its interactions with the environment and ultimately of its semantics. Due to entanglements of real-world software stacks, this task can become challenging as we take accuracy, reliability, and transparency aspects into the equation. In this paper we report on our experience in designing and implementing API tracing solutions for software security research. We discuss two implementation variants based on hardware-assisted virtualization and on dynamic binary translation to realize API call interposition robustly.