Capture – A behavioral analysis tool for applications and documents

@inproceedings{SeifertaCaptureA,
  title={Capture – A behavioral analysis tool for applications and documents},
  author={Christian Seiferta and Ramon Steensona and Ian Welcha and Peter Komisarczuka and Barbara Endicott-Popovskyb}
}
  • Christian Seiferta, Ramon Steensona, +2 authors Barbara Endicott-Popovskyb
In this paper, we present Capture, a tool for behavioral analysis of applications for the Win32 operating system family. Capture is able to monitor the state of a system during the execution of applications and processing of documents, which provides the analyst with insights on how the software operates even if no source code is available. Capture differs from existing behavioral analysis tools in its ability to monitor state changes on a low kernel level and its ability to be easily used… CONTINUE READING
Highly Cited
This paper has 36 citations. REVIEW CITATIONS

Citations

Publications citing this paper.
Showing 1-10 of 21 extracted citations

References

Publications referenced by this paper.
Showing 1-4 of 4 references

An introduction to kernel patch protection

  • S Field
  • 1996

Hooking the kernel directly

  • A. Bassov

Similar Papers

Loading similar papers…