Windows XP Kernel Crash Analysis
Authors
Abstract
PC users have started viewing crashes as a fact of life rather than a problem. To improve operating system dependability, systems designers and programmers must analyze and understand failure data. In this paper, we analyze Windows XP kernel crash data collected from a population of volunteers who contribute to the Berkeley Open Infrastructure for Network Computing (BOINC) project. We found that OS crashes are predominantly caused by poorly-written device driver code. Users as well as product developers will benefit from understanding the crash behaviors elaborated in this paper.
Similar resources
Harvesting Error Reports from Windows Systems
Microsoft provides infrastructure to harvest and analyze error reports from Windows XP systems. This infrastructure makes it possible for IT professionals to harvest and analyze their organization’s error reports with relatively modest investments, even on networks not connected to the Internet. This paper introduces this infrastructure and describes how it can be harnessed. 1. Error Reporting ...
A Quick Take on Windows Security Evolution
A while back I wondered how software developers’ concerns about security evolved over time. Obviously, studying under-the-hood changes would be a major research undertaking—and frankly beyond my interest. But mightn’t there be a feasible shortcut, a sort of poor man’s time-series analysis of security concerns? Behind this question was my speculation that the tightening user-controlled security ...
Tracking Rootkit Footprints with a Practical Memory Analysis System
In this paper, we present MAS, a practical memory analysis system for identifying a kernel rootkit’s memory footprint in an infected system. We also present two large-scale studies of applying MAS to 848 real-world Windows kernel crash dumps and 154,768 potential malware samples. Error propagation and invalid pointers are two key challenges that stop previous pointer-based memory traversal solu...
CAB-Fuzz: Practical Concolic Testing Techniques for COTS Operating Systems
Discovering the security vulnerabilities of commercial off-the-shelf (COTS) operating systems (OSes) is challenging because they not only are huge and complex, but also lack detailed debug information. Concolic testing, which generates all feasible inputs of a program by using symbolic execution and tests the program with the generated inputs, is one of the most promising approaches to solve th...
A Host Intrusion Prevention System for Windows Operating Systems
We propose an intrusion prevention system called WHIPS that controls, entirely in kernel mode, the invocation of the critical system calls for the Windows OS security. WHIPS is implemented as a kernel driver, also called kernel module, by using kernel structures of the Windows OS. It is integrated without requiring changes to either the kernel data structures or to the kernel algorithms. WHIPS ...
Journal title:
Volume, Issue
Pages -
Publication date: 2006