Access and use control using externally controlled reference monitors
ACM SIGOPS Operating Systems Review
Maintaining Consistency and Bounding Capacity of Software Code Caches
Proceedings of the international symposium on Code generation and optimization
Host-based detection of worms through peer-to-peer cooperation
Proceedings of the 2005 ACM workshop on Rapid malcode
A feather-weight virtual machine for windows applications
Proceedings of the 2nd international conference on Virtual execution environments
NSPW '05 Proceedings of the 2005 workshop on New security paradigms
Ad hoc extensibility and access control
ACM SIGOPS Operating Systems Review
Proceedings of the 4th ACM workshop on Recurring malcode
Operating System Modifications for Task-Based Speed and Voltage
Proceedings of the 1st international conference on Mobile systems, applications and services
NetHost-sensor: Monitoring a target host's application via system calls
Information Security Tech. Report
Prevention of information attacks by run-time detection of self-replication in computer codes
Journal of Computer Security
Extending applications using an advanced approach to DLL injection and API hooking
Software—Practice & Experience
Extending .NET security to unmanaged code
ISC'06 Proceedings of the 9th international conference on Information Security
A survey on automated dynamic malware-analysis techniques and tools
ACM Computing Surveys (CSUR)
Behavioral distance for intrusion detection
RAID'05 Proceedings of the 8th international conference on Recent Advances in Intrusion Detection
Transparent dynamic instrumentation
VEE '12 Proceedings of the 8th ACM SIGPLAN/SIGOPS conference on Virtual Execution Environments
Prevention of information attacks by run-time detection of self-replication in computer codes
MMM-ACNS'05 Proceedings of the Third international conference on Mathematical Methods, Models, and Architectures for Computer Network Security
A quantitative study of accuracy in system call-based malware detection
Proceedings of the 2012 International Symposium on Software Testing and Analysis
From the Publisher: The Windows NT native application programming interface is the set of system services provided by the Windows NT executive to both user mode and kernel mode programs. These API routines are the equivalent of Unix system calls or VMS system services. The Windows NT/2000 Native API Reference provides the first comprehensive look at these so-far undocumented services. A unique tool for software developers who need to create or maintain utility applications under Windows NT 4.0 and 2000, this reference includes: documentation of the over 200 routines included in the native API; detailed description of those routines either not directly accessible via the Win32 API or that offer substantial additional functionality; example library routines and utility programs to demonstrate functionality of particular routines; coverage of kernel functions to support the debugging of user mode applications; and pointers to relevant documented functionality within the DDK.
Because of its distance from the Windows NT operating system internals, the Win32 API does not allow access to the full functionality of the operating system itself. The APIs native to Windows NT and 2000 provide a long-sought foothold into this functionality. This reference will help you to: write user mode code to interact with kernel mode applications; develop critical tools and technologies such as real-time systems, debuggers, analysis tools and device drivers; deepen your understanding of Windows NT internals; and learn what API changes are made with the release of Windows 2000.
About the Author: Gary Nebbett first started working with operating systems when he joined the MultiMIRTOS development team at Standard Telecommunication Laboratories immediately after graduating from London University in 1982. (MultiMIRTOS was a real-time embedded operating system for the Intel 8086 processor.) Gary has served as a Senior Research Engineer in various organizations since that time. He has focused on developing kernel-mode code for operating systems including Unix, VMS and Windows NT, and is practiced in modifying the behavior of applications for which only binary code is available. Through his investigation of system internals, he has developed applications not typically possible for a given operating system, including tools to trace system calls, reconstruct deleted files, and capture network traffic. Gary holds a BSc (Engineering) from Queen Mary College, University of London and lives in Basel, Switzerland. In his free time he enjoys squash, cross-country skiing, walking in the Alps, and mountain biking in the Black Forest.