Kernel monitoring is often a hard task, requiring external debuggers and/or modules to be performed successfully. These requirements make analysis procedures more complicated because multiple machines, even if virtualized, are required. These requirements also make analysis procedures more expensive. In this paper, we present the Lightweight Kernel Tracer (LKT), an alternative solution for tracing the kernel from within by leveraging branch monitors for data collection and an address-based introspection procedure for context reconstruction. We evaluated LKT by tracing distinct machines powered by x64 Windows kernels and show that LKT may be used for understanding the kernel's internals (e.g., graphics and USB subsystems) and for system profili...
Distributed tracing allows tracking user requests that span across multiple services and machines in...
Embedded systems in applications that include GPS, airplanes, life support devices, video decoders ...
Abstract—Memory trace analysis is an important technology for architecture research, system software...
This paper introduces the new Linux Trace Toolkit Next Generation (LTTng) kernel tracer and its anal...
Increasingly complex systems are being developed and put in production. Developers therefore face in...
This paper presents an overview of tracing requirements stated by the LTTng user-base. It presents ...
This presentation discusses the upcoming changes to be proposed to the kernel tracing field by the L...
Abstract—Unified tracing is the process of collecting trace logs across the boundary of kernel and u...
Several tools for program tracing and introspection exist. These tools can be used to analyze potent...
Live system call traces provide essential information in analyzing modern malware. Prior work demons...
Fay is a flexible platform for the efficient collection, processing, and analysis of software execut...
Tracing is a popular method for evaluating, investigating, and modeling the pe...
Dynamic kernel memory is difficult to analyze due to its volatile status; numerous kernel objects ar...
Recently, many tracing infrastructures, like kprobes, tracepoints, ftrace, etc. have been merged in...