What piece of the processor connects to the OS API calls or RUN statements?
All of it?
What do you mean? Do you have any idea how a computer works?
I am thinking about making some type of coprocessor board (just a design idea) that will work with existing hardware and software that can collect info and report security-related events to a monitoring station.
I understand that rootkits and spyware attack statements in the Windows API and make everything seem normal. I know nothing about internal OS operations, so I asked how this specific piece is related or (could) relate to hardware. Maybe this is still confusing, I don't know.
That would not work effectively at the processor level, as OS API commands translate into many, many consecutive processor instructions. You would have to have a list of OS API commands and their translated processor opcode instructions. You would then have to read directly from the processor's registers/bus the opcode of the instruction being executed and pattern match a consecutive string of opcodes against your stored list. This also does not take into account that most modern-day processors are pipelined, which would mean you would have to account for NOP buffers/fillers and smashing the pipe. Good thought, but not a practical idea.
You are asking for about 2 years' worth of knowledge.
You have called this thread:
Quote:
Spyware/Rootkits and Hardware
Spyware and rootkits are applications just like any other. Apart from generally residing on your hard drive, I don't think that they have any hardware requirements other than sufficient resource to run.
Quote:
I asked how this specific piece is related or (could) relate to hardware.
It doesn't... and if you are thinking of a hardware security design you should look at EEPROM chips.
:)
thx all