Could you please clarify the first step in installation.
(1.1) Compile and run task-info/task-info.c in the guest OS (1.2) Copy the output to the ./target-i386/PEMU/linux.c { 0xC1731F60, /* task struct root / 432, / offset of task_struct list / 460, / offset of mm / 40, / offset of pgd in mm / 732, / offset of comm */ }; Note: the new process detection approach listed in the paper is not that stable. Instead, we use some process information to help new process detection.
How to compile task-info/task-info.c and which executable to execute ?
Could you please clarify the first step in installation.
(1.1) Compile and run task-info/task-info.c in the guest OS (1.2) Copy the output to the ./target-i386/PEMU/linux.c { 0xC1731F60, /* task struct root / 432, / offset of task_struct list / 460, / offset of mm / 40, / offset of pgd in mm / 732, / offset of comm */ }; Note: the new process detection approach listed in the paper is not that stable. Instead, we use some process information to help new process detection.
How to compile task-info/task-info.c and which executable to execute ?