SlideShare una empresa de Scribd logo

Implementing process forensic for system calls

IAEME Publication
IAEME Publication

This document summarizes a research paper that proposes a kernel-level mechanism for determining if a process is executing a system call during process checkpointing or forensic investigation. It begins with an abstract describing process checkpointing and dynamic process migration. It then describes the challenge of determining the system call details of a process being checkpointed. The paper presents an algorithm and implementation in the Linux kernel to check the system call number and instruction pointer of a process to identify if it is currently executing a system call, and if so, provide the system call details. This mechanism could help support applications like process migration, load balancing, and fault tolerance.

Tecnología
1 de 6
Descargar para leer sin conexión
International Journal of Advanced Research in Engineering and Technology (IJARET), ISSN 0976 – 6480(Print), ISSN 0976 – 6499(Online) Volume 5, Issue 6, June (2014), pp. 77-82 © IAEME 77 IMPLEMENTATION OF PROCESS FORENSIC FOR SYSTEM CALLS Dr. Narayan A. Joshi Associate Professor, CSE Department, NIRMA University, Ahmedabad, Gujarat, India. Dr. D. B. Choksi Professor, Department of Computer Science, Sardar Patel University, Vallabh Vidyanagar, Gujarat, India. ABSTRACT Mechanisms such as dynamic process migration, process forensic, process checkpoint-restart are concerned with process-state checkpointing. Dynamic process migration mechanism migrates a partially executed process from its originating workstation to other workstation, thereby it supports load balancing in distributed & networked systems letting applications to access computing resources spread across the network; such workload relocation among workstations may result into substantial improvements in overall system performance. The process checkpointing mechanism is responsible for identifying current dynamic and static state information of a desired process. However, determination of information of a particular system call under execution by a process to be checkpointed is one of the challenging tasks for the process checkpointing and migration mechanisms. A kernel-level solution for checkpointing the system call details is described in this paper. Keywords: System Call, Process Forensic, Process Checkpointing, Process Migration. 1. INTRODUCTION From an application developer’s perspective, the LINUX kernel appears to be a transparent layer in the operating system environment. In general, the presence of LINUX kernel is not noticed, however it always exists and continuously serves its best. In order to carry out assigned computing tasks, user-level processes are not required to know about which regions of memory and region address-ranges are occupied by them, which region-pages are swapped to the disk, though the processes remain in nearly continuous interaction with the underlying kernel to avail required services and thereby to get their work done. INTERNATIONAL JOURNAL OF ADVANCED RESEARCH IN ENGINEERING AND TECHNOLOGY (IJARET) ISSN 0976 - 6480 (Print) ISSN 0976 - 6499 (Online) Volume 5, Issue 6, June (2014), pp. 77-82 © IAEME: http://www.iaeme.com/IJARET.asp Journal Impact Factor (2014): 7.8273 (Calculated by GISI) www.jifactor.com IJARET © I A E M E
International Journal of Advanced Research in Engineering and Technology (IJARET), ISSN 0976 – 6480(Print), ISSN 0976 – 6499(Online) Volume 5, Issue 6, June (2014), pp. 77-82 © IAEME 78 For the sake of getting the assigned work done, the user-level processes take services provided by library routines. The library routines, in turn call the kernel-level functions. The role of standard library routines becomes significant as they act as an intermediate layer between the user- space process and the underlying kernel. Moreover, they help to standardize and simplify the distribution and usage of kernel level routines across diversified kernels. In order to make its capabilities and routines available to the user-level processes, the kernel facilitates system calls through which the kernel-level functions can be accessed in the user-space. A user-level process is an instance of a binary executable program file under execution. Every process has a certain unique state comprising of static and dynamic components. The static state of a process comprises of the binary executable program file itself; whereas the dynamic process-state comprises of the process’s address space (both of physical and virtual memory), CPU registers (both of user- space and kernel-space), I/O devices, files opened, sockets opened, pipes opened, signals received, blocked and pending, and many other things including system call under execution (if any) [2]. Sometimes, it may be required by the administrator, application developer, operating system kernel or system programs to determine the complete state information of a desired process. The paper describes a mechanism to determine system call information being executed by a desired process. Section 2 describes motivating scenarios concerned with determination of dynamic state information of a process. The problem statement and scope of the paper is in mentioned section 3. Proposed solution is discussed in section 4. The paper concludes with remarks and future directions in section 5. 2. MOTIVATION As seen in the above section, process state comprises of static and dynamic state components of a process. The requirement of process state identification and checkpointing becomes substantial during many situations, some of which are listed here [9]. Sometimes, it may be desired to pause the execution of a partially executed process, preserve its current state, kill the process, and later on according to user’s convenience and needs, restore the preserved state in a new process, and resume the restored process for execution. Such a process checkpoint-restart mechanism becomes advantageous for process migration also [3]. Process migration and load balancing can be applied to a system of interconnected computers to distribute the load of overloaded workstations among idle or lightly-loaded workstations [1]. The load balancing activity may result into utilization of a plenty of distributed computing power that usually goes unused. Instead of letting some machines be overloaded with several tasks, it makes sense to relocate some of these tasks to under-utilized machines from the overloaded ones. This allows such tasks to complete quickly and improve the overall system performance [6], [7]. Another area of applications where process migration could be beneficial is- it may be used to relocate a distant process closer to the big data that it is processing, thereby ensuring that it spends most of its time in doing useful work; and not wasting its time performing communication between nodes for sake of accessing the required data. Moreover, process migration may be beneficial in achieving fault tolerance. A process could be migrated from a partially failed workstation to some other healthy workstation in the network to avail process continuity. The same can be made applicable to the long-running processes whose workstations are to be disconnected from the network or turned-off later after some time because of lack of battery backup. Thus, the process migration can make the process available even after machine-failure or disconnection [4]. Furthermore, certain machines may possess better capabilities such as higher computing power, more amount of primary memory, availability of graphical processing unit, etc. which can be
International Journal of Advanced Research in Engineering and Technology (IJARET), ISSN 0976 – 6480(Print), ISSN 0976 – 6499(Online) Volume 5, Issue 6, June (2014), pp. 77-82 © IAEME 79 utilized by moving a needy process to that machine. In this case, the process can be started on the source machine and then migrated to a more powerful machine later when it becomes available. 3. PROBLEM The operating system maintains the dynamic state information of a process in a kernel-level process descriptor data structure task_struct. The LINUX process control block task_struct maintains process state information such as process id, process group id, address space, current execution state, memory regions, credentials, opened files information and many other details including process scheduling and management [8]. Being such information available in the process descriptor and other supporting kernel-level data structures, various mechanisms such as process forensic, process checkpointing and process migration may carry out their tasks. However, at the time of process state investigation, checkpointing and migration, chances are there that the process could be running in some kernel-space function such as some system call handler. However, such mechanisms need to determine the related information of the system call currently being executed by the desired process. Moreover, the kernel doesn’t maintain such information in the process descriptor and other supporting kernel-level data structures. Furthermore, the kernel doesn’t provide a kernel-level mechanism to determine whether the process is running in some system call handler or not. It is desirable to avail kernel-level mechanism with which one can determine whether a process is running in some system call or not, and if the process is running some system call, then the related details about the system call should also be made available by the said mechanism. We have already proposed a partial solution overview of some of the algorithmic steps for the above described problem in our paper [5]. In this paper we have provided a comprehensive solution algorithm for the above said problem. Furthermore, a working implementation mechanism is also presented in this paper. 4. MECHANISM We describe here the working of system calls first. For simplicity, we have considered here the open source operating system and the freely available kernel. In order to provide its various services including efficiency, security and consistency to the user-space programs, the kernel facilitates a very powerful tool in the form of system calls. The user- space programs can avail the privileged kernel-level facilities and resources by means of system calls which normally appear as like as ordinary functions. Therefore, the system calls are the gateways for user-space programs to penetrate into the kernel space to avail its services. The system makes the system calls available to the user-space by means of software interrupts. While the user-space program is running in user-space and invocation of system call causes a maskable interrupt or exception class transfer from user-mode to the kernel-mode; which happens as a result of execution of the instruction int 0x80. Here, the vector 0x80 is used for transferring the control from user mode to the kernel mode by means of software interrupt. The in memory data structure interrupt vector gets initialized during system boot time. Further, the number of system call is required to be communicated to the kernel-space which normally is achieved by means of setting the orig_ax register with the appropriate system call number; sometimes it also depends on the underlying architecture and the version of the kernel. The execution flow of system calls is shown in figure 1[5]. As described above, the instruction int 0x80, is responsible to raise a software interrupt 128. It represents a call gate to the kernel’s specific service, thereby causing execution mode switching from user-mode to the kernel- mode. In the kernel-space, for the interrupt 128, a specific handle routine is registered to carry out execution of the requested system call. It suggests that during the time of process forensic or
International Journal of Advanced Research in Engineering and Technology (IJARET), ISSN 0976 – 6480(Print), ISSN 0976 – 6499(Online) Volume 5, Issue 6, June (2014), pp. 77-82 © IAEME 80 migration, if the process was passing through the stage of execution of some system call, then the CPU would just have executed the instruction 0xcd 0x80 before jumping to the kernel space, and therefore, the previous value of the instruction pointer in the user-space would point to the corresponding mode switching instruction. Figure 1: The system call mechanism Here we suggest a mechanism for the steps suggested in [5]: 1. Obtain the process descriptor of the desired process whose forensic-investigation is to be done, or which is to be migrated. 2. Determine the current state of the process’s register-context from the obtained process control block. 3. Fetch the value of orig_ax register of the desired process. The value obtained may represent some system call. Determine the validity of the system call number. In case of a valid system call number, the process could be running a system call, otherwise the process was not doing a system call. 4. Obtain the previous instruction code of the instruction pointer in order to determine the two code values at the two memory addresses ptr_to_registers.ip-2 and ptr_to_registers.ip-1. a. Calculate the address of page global directory and verify its in memory validity. b. Calculate the address of the page upper directory from the global directory address and verify its in memory validity. c. Determine the page middle directory and verify its in memory validity. d. Determine the page table entry and verify its in memory validity. e. Swap in the required page if it is currently not available in memory. 5. Determine the addresses for the ptr_to_registers.ip-2 and ptr_to_registers.ip-1. 6. Fault in the page(s) containing the physical addresses determined in step 5 and obtain the values stored in those two locations. 7. Determine the nature of instruction from the values fetched in above step-6 to verify whether the process is running in some system call or not.
International Journal of Advanced Research in Engineering and Technology (IJARET), ISSN 0976 – 6480(Print), ISSN 0976 – 6499(Online) Volume 5, Issue 6, June (2014), pp. 77-82 © IAEME 81 Some of the foremost implementation steps for the function system_call_forensic( ) are shown below [10], [11]: #include<linux/pagemap.h> #include<linux/sched.h> #include<linux/module.h> #include<linux/kernel.h> … int system_call_forensic(pid_t pid) { /*pid is process-id of the desired process which is to be migrated or whose forensic investigation is to be done*/ struct task_struct* pcb;//represents the process control //block strut pt_regs* regs; // represents the register context unsigned long k_addr;//represents kernel physical address pcb = find_task_by_pid(pid);//fetch pcb … regs = task_pt_regs(pcb); k_addr = regs.ip; if((*regs).orig_ax <= 0 || (*regs).orig_ax >= NR_syscalls) { printk(KERN_DEBUG “The process is not running system call.n”); … return 0; } //obtain the addresses of directory levels and verify their validity pgd_t* globaldir = pgd_offset(pcb->mm, k_addr); … pud_t* upperdir = pud_offset(globaldir, k_addr); … pmd_t* middledir = pmd_offset(upperdir, k_addr); … pte_t* pte = pte_offset_map(middledir, k_addr); … /*determine the presence of the page in memory, otherwise fault in the same.*/ if(!pte_present(*pte)) { //lock the table spin_lock(page_table_lock); //fault in the page … spin_unlock(page_table_lock); }
International Journal of Advanced Research in Engineering and Technology (IJARET), ISSN 0976 – 6480(Print), ISSN 0976 – 6499(Online) Volume 5, Issue 6, June (2014), pp. 77-82 © IAEME 82 char* physical_address = page_address(pte_page(*pte)) + k_addr & ~PAGE_MASK; pte_unmap(pte); if the type of instruction stored at physical address is associated with software interrupt return (*regs).orig_ax; else return -1; } 5. CONCLUDING REMARKS A working implementation by means of a kernel module is suggested here to determine whether a desired process is running in some system call or not. The suggested mechanism returns the system call number if the process is running in a system call. The suggested mechanism may be enhanced further to work with the modern approach of system call gateway i.e. sysenter. Moreover, the suggested mechanism involves traversal through page directories at many levels; which in future may be optimized further to obtain better performance. REFERENCES 1. A. Ali (2010), “A Guide to Dynamic Load Balancing in Distributed Computer system”, International Journal of Computer Science and Network Security, VOL.10, No.6. 2. D. P. Bovet and M. Cesati (2005), “Understanding the Linux Kernel”, 3rd edition, O’Reilly publication, ISBN 978-0-596-00565-8. 3. D. S. Milojicic, F. Douglis, Y. Paindaveine, R. Wheeler and S. Zhou (2000), “Process Migration”, ACM Journal of Computing Surveys, Vol. 2, Issue-3. 4. J. C. Sancho, F. Petrini, K. Davis, R. Gioiosa and S. Jiang (2005), “Current practice and a direction forward in checkpoint/restart implementations for fault tolerance”, Proceedings of 19th IEEE International Symposium on Parallel and Distributed Processing. 5. N. A. Joshi and D. B. Choksi (2009), “Process Forensic for System-call details on Linux Platform”, International Journal of Computer Applications in Engineering, Technology & Sciences. 6. Narayan A. Joshi and. D. B. Choksi (2012), “Mechanism for Implementation of Load Balancing using Process Migration”, International Journal of Computer Applications, Vol. 40, No. 9. 7. Narayan A. Joshi (2014), “Load Balancing in Cloud Using Process Migration”, International Journal of Advanced Research in Engineering & Technology, ISSN Print: 0976-6480, ISSN Online: 0976-6499, Vol. 5, Issue 4. 8. W. Mauerer, “Professional Linux Kernel Architecture”, Wiley Publishing Inc., ISBN: 978-0-470- 34343-2, 2008. 9. Y. Wang, Y. Huang, K. Vo, P. Chung and C. Kintala (1995), “Checkpointing and its applications”, Proceedings of the 25th International Symposium on Fault-tolerant computing. 10. LINUX reference manual, section 2 & 5. 11. LINUX kernel source: http://kernel.org. 12. Dr. Narayan Joshi and Parjanya Vyas (2014), “Performance Evaluation of Parallel Computing Systems”, International Journal of Advanced Research in Engineering & Technology, ISSN Print: 0976-6480, ISSN Online: 0976-6499, Vol. 5, Issue 5.

Recomendados

Operating system concepts ninth edition (2012), chapter 2 solution e1
Operating system concepts ninth edition (2012), chapter 2 solution e1Operating system concepts ninth edition (2012), chapter 2 solution e1
Operating system concepts ninth edition (2012), chapter 2 solution e1Navid Daneshvaran
 
SOLUTION MANUAL OF OPERATING SYSTEM CONCEPTS BY ABRAHAM SILBERSCHATZ, PETER B...
SOLUTION MANUAL OF OPERATING SYSTEM CONCEPTS BY ABRAHAM SILBERSCHATZ, PETER B...SOLUTION MANUAL OF OPERATING SYSTEM CONCEPTS BY ABRAHAM SILBERSCHATZ, PETER B...
SOLUTION MANUAL OF OPERATING SYSTEM CONCEPTS BY ABRAHAM SILBERSCHATZ, PETER B...vtunotesbysree
 
Advanced Operating System- Introduction
Advanced Operating System- IntroductionAdvanced Operating System- Introduction
Advanced Operating System- IntroductionDebasis Das
 
Ppt project process migration
Ppt project process migrationPpt project process migration
Ppt project process migrationjaya380
 
Final jaypaper linux
Final jaypaper linuxFinal jaypaper linux
Final jaypaper linuxjaya380
 
Efficient Resource Management Mechanism with Fault Tolerant Model for Computa...
Efficient Resource Management Mechanism with Fault Tolerant Model for Computa...Efficient Resource Management Mechanism with Fault Tolerant Model for Computa...
Efficient Resource Management Mechanism with Fault Tolerant Model for Computa...Editor IJCATR
 
50120130406041 2
50120130406041 250120130406041 2
50120130406041 2IAEME Publication
 
A NOVEL SLOTTED ALLOCATION MECHANISM TO PROVIDE QOS FOR EDCF PROTOCOL
A NOVEL SLOTTED ALLOCATION MECHANISM TO PROVIDE QOS FOR EDCF PROTOCOLA NOVEL SLOTTED ALLOCATION MECHANISM TO PROVIDE QOS FOR EDCF PROTOCOL
A NOVEL SLOTTED ALLOCATION MECHANISM TO PROVIDE QOS FOR EDCF PROTOCOLIAEME Publication
 

Recomendados

Operating system concepts ninth edition (2012), chapter 2 solution e1
Operating system concepts ninth edition (2012), chapter 2 solution e1Operating system concepts ninth edition (2012), chapter 2 solution e1
Operating system concepts ninth edition (2012), chapter 2 solution e1Navid Daneshvaran
 
SOLUTION MANUAL OF OPERATING SYSTEM CONCEPTS BY ABRAHAM SILBERSCHATZ, PETER B...
SOLUTION MANUAL OF OPERATING SYSTEM CONCEPTS BY ABRAHAM SILBERSCHATZ, PETER B...SOLUTION MANUAL OF OPERATING SYSTEM CONCEPTS BY ABRAHAM SILBERSCHATZ, PETER B...
SOLUTION MANUAL OF OPERATING SYSTEM CONCEPTS BY ABRAHAM SILBERSCHATZ, PETER B...vtunotesbysree
 
Advanced Operating System- Introduction
Advanced Operating System- IntroductionAdvanced Operating System- Introduction
Advanced Operating System- IntroductionDebasis Das
 
Ppt project process migration
Ppt project process migrationPpt project process migration
Ppt project process migrationjaya380
 
Final jaypaper linux
Final jaypaper linuxFinal jaypaper linux
Final jaypaper linuxjaya380
 
Efficient Resource Management Mechanism with Fault Tolerant Model for Computa...
Efficient Resource Management Mechanism with Fault Tolerant Model for Computa...Efficient Resource Management Mechanism with Fault Tolerant Model for Computa...
Efficient Resource Management Mechanism with Fault Tolerant Model for Computa...Editor IJCATR
 
50120130406041 2
50120130406041 250120130406041 2
50120130406041 2IAEME Publication
 
A NOVEL SLOTTED ALLOCATION MECHANISM TO PROVIDE QOS FOR EDCF PROTOCOL
A NOVEL SLOTTED ALLOCATION MECHANISM TO PROVIDE QOS FOR EDCF PROTOCOLA NOVEL SLOTTED ALLOCATION MECHANISM TO PROVIDE QOS FOR EDCF PROTOCOL
A NOVEL SLOTTED ALLOCATION MECHANISM TO PROVIDE QOS FOR EDCF PROTOCOLIAEME Publication
 
Combating Software Aging: Use Two-Level Rejuvenation to Maximize Average Reso...
Combating Software Aging: Use Two-Level Rejuvenation to Maximize Average Reso...Combating Software Aging: Use Two-Level Rejuvenation to Maximize Average Reso...
Combating Software Aging: Use Two-Level Rejuvenation to Maximize Average Reso...Igor Oliveira
 
Unit 2 part 2(Process)
Unit 2 part 2(Process)Unit 2 part 2(Process)
Unit 2 part 2(Process)WajeehaBaig
 
Software rejuvenation
Software rejuvenationSoftware rejuvenation
Software rejuvenationRVCE
 
PI-Tool To Improve Performance of Application In Multi-core Architecture
PI-Tool To Improve Performance of Application In Multi-core ArchitecturePI-Tool To Improve Performance of Application In Multi-core Architecture
PI-Tool To Improve Performance of Application In Multi-core ArchitectureCSCJournals
 
OS Memory Management
OS Memory ManagementOS Memory Management
OS Memory Managementanand hd
 
VTU 5TH SEM CSE SOFTWARE ENGINEERING SOLVED PAPERS - JUN13 DEC13 JUN14 DEC14 ...
VTU 5TH SEM CSE SOFTWARE ENGINEERING SOLVED PAPERS - JUN13 DEC13 JUN14 DEC14 ...VTU 5TH SEM CSE SOFTWARE ENGINEERING SOLVED PAPERS - JUN13 DEC13 JUN14 DEC14 ...
VTU 5TH SEM CSE SOFTWARE ENGINEERING SOLVED PAPERS - JUN13 DEC13 JUN14 DEC14 ...vtunotesbysree
 
Os overview
Os overviewOs overview
Os overviewanand hd
 
COMPARATIVE ANALYSIS OF FCFS, SJN & RR JOB SCHEDULING ALGORITHMS
COMPARATIVE ANALYSIS OF FCFS, SJN & RR JOB SCHEDULING ALGORITHMSCOMPARATIVE ANALYSIS OF FCFS, SJN & RR JOB SCHEDULING ALGORITHMS
COMPARATIVE ANALYSIS OF FCFS, SJN & RR JOB SCHEDULING ALGORITHMSijcsit
 
Distributed Operating System_2
Distributed Operating System_2Distributed Operating System_2
Distributed Operating System_2Dr Sandeep Kumar Poonia
 
process management
process management process management
process managementAshish Kumar
 
OS virtual memory
OS virtual memoryOS virtual memory
OS virtual memoryanand hd
 
Processor Allocation (Distributed computing)
Processor Allocation (Distributed computing)Processor Allocation (Distributed computing)
Processor Allocation (Distributed computing)Sri Prasanna
 
Process
ProcessProcess
Processkavitha muneeshwaran
 
Distributed Operating System_1
Distributed Operating System_1Distributed Operating System_1
Distributed Operating System_1Dr Sandeep Kumar Poonia
 
Operating Systems Part I-Basics
Operating Systems Part I-BasicsOperating Systems Part I-Basics
Operating Systems Part I-BasicsAjit Nayak
 
Operating Systems Part II-Process Scheduling, Synchronisation & Deadlock
Operating Systems Part II-Process Scheduling, Synchronisation & DeadlockOperating Systems Part II-Process Scheduling, Synchronisation & Deadlock
Operating Systems Part II-Process Scheduling, Synchronisation & DeadlockAjit Nayak
 
Operating system
Operating systemOperating system
Operating systemJessore University of Science & Technology, Jessore.
 
Lei municipal n 324 de 18 de dezembro de 2009
Lei municipal n 324 de 18 de dezembro de 2009Lei municipal n 324 de 18 de dezembro de 2009
Lei municipal n 324 de 18 de dezembro de 2009visa343302010
 
Cercle du lac
Cercle du lacCercle du lac
Cercle du lacPatrick Willemarck
 
Recibos de Renda Eletrónicos – FAQ’s - Perguntas Frequentes - http://bit.ly/1...
Recibos de Renda Eletrónicos – FAQ’s - Perguntas Frequentes - http://bit.ly/1...Recibos de Renda Eletrónicos – FAQ’s - Perguntas Frequentes - http://bit.ly/1...
Recibos de Renda Eletrónicos – FAQ’s - Perguntas Frequentes - http://bit.ly/1...UWU Solutions, Lda.
 
2º workshop de ti
2º workshop de ti2º workshop de ti
2º workshop de tiRenato A. Castro
 
UFCD_6666_Publicidade_um discurso de sedução_mundo atual_cursos de aprendizag...
UFCD_6666_Publicidade_um discurso de sedução_mundo atual_cursos de aprendizag...UFCD_6666_Publicidade_um discurso de sedução_mundo atual_cursos de aprendizag...
UFCD_6666_Publicidade_um discurso de sedução_mundo atual_cursos de aprendizag...Manuais Formação
 

Más contenido relacionado

La actualidad más candente

Combating Software Aging: Use Two-Level Rejuvenation to Maximize Average Reso...
Combating Software Aging: Use Two-Level Rejuvenation to Maximize Average Reso...Combating Software Aging: Use Two-Level Rejuvenation to Maximize Average Reso...
Combating Software Aging: Use Two-Level Rejuvenation to Maximize Average Reso...Igor Oliveira
 
Unit 2 part 2(Process)
Unit 2 part 2(Process)Unit 2 part 2(Process)
Unit 2 part 2(Process)WajeehaBaig
 
Software rejuvenation
Software rejuvenationSoftware rejuvenation
Software rejuvenationRVCE
 
PI-Tool To Improve Performance of Application In Multi-core Architecture
PI-Tool To Improve Performance of Application In Multi-core ArchitecturePI-Tool To Improve Performance of Application In Multi-core Architecture
PI-Tool To Improve Performance of Application In Multi-core ArchitectureCSCJournals
 
OS Memory Management
OS Memory ManagementOS Memory Management
OS Memory Managementanand hd
 
VTU 5TH SEM CSE SOFTWARE ENGINEERING SOLVED PAPERS - JUN13 DEC13 JUN14 DEC14 ...
VTU 5TH SEM CSE SOFTWARE ENGINEERING SOLVED PAPERS - JUN13 DEC13 JUN14 DEC14 ...VTU 5TH SEM CSE SOFTWARE ENGINEERING SOLVED PAPERS - JUN13 DEC13 JUN14 DEC14 ...
VTU 5TH SEM CSE SOFTWARE ENGINEERING SOLVED PAPERS - JUN13 DEC13 JUN14 DEC14 ...vtunotesbysree
 
Os overview
Os overviewOs overview
Os overviewanand hd
 
COMPARATIVE ANALYSIS OF FCFS, SJN & RR JOB SCHEDULING ALGORITHMS
COMPARATIVE ANALYSIS OF FCFS, SJN & RR JOB SCHEDULING ALGORITHMSCOMPARATIVE ANALYSIS OF FCFS, SJN & RR JOB SCHEDULING ALGORITHMS
COMPARATIVE ANALYSIS OF FCFS, SJN & RR JOB SCHEDULING ALGORITHMSijcsit
 
process management
process management process management
process managementAshish Kumar
 
OS virtual memory
OS virtual memoryOS virtual memory
OS virtual memoryanand hd
 
Processor Allocation (Distributed computing)
Processor Allocation (Distributed computing)Processor Allocation (Distributed computing)
Processor Allocation (Distributed computing)Sri Prasanna
 
Operating Systems Part I-Basics
Operating Systems Part I-BasicsOperating Systems Part I-Basics
Operating Systems Part I-BasicsAjit Nayak
 
Operating Systems Part II-Process Scheduling, Synchronisation & Deadlock
Operating Systems Part II-Process Scheduling, Synchronisation & DeadlockOperating Systems Part II-Process Scheduling, Synchronisation & Deadlock
Operating Systems Part II-Process Scheduling, Synchronisation & DeadlockAjit Nayak
 

La actualidad más candente (17)

Combating Software Aging: Use Two-Level Rejuvenation to Maximize Average Reso...
Combating Software Aging: Use Two-Level Rejuvenation to Maximize Average Reso...Combating Software Aging: Use Two-Level Rejuvenation to Maximize Average Reso...
Combating Software Aging: Use Two-Level Rejuvenation to Maximize Average Reso...
 
Unit 2 part 2(Process)
Unit 2 part 2(Process)Unit 2 part 2(Process)
Unit 2 part 2(Process)
 
Software rejuvenation
Software rejuvenationSoftware rejuvenation
Software rejuvenation
 
PI-Tool To Improve Performance of Application In Multi-core Architecture
PI-Tool To Improve Performance of Application In Multi-core ArchitecturePI-Tool To Improve Performance of Application In Multi-core Architecture
PI-Tool To Improve Performance of Application In Multi-core Architecture
 
OS Memory Management
OS Memory ManagementOS Memory Management
OS Memory Management
 
VTU 5TH SEM CSE SOFTWARE ENGINEERING SOLVED PAPERS - JUN13 DEC13 JUN14 DEC14 ...
VTU 5TH SEM CSE SOFTWARE ENGINEERING SOLVED PAPERS - JUN13 DEC13 JUN14 DEC14 ...VTU 5TH SEM CSE SOFTWARE ENGINEERING SOLVED PAPERS - JUN13 DEC13 JUN14 DEC14 ...
VTU 5TH SEM CSE SOFTWARE ENGINEERING SOLVED PAPERS - JUN13 DEC13 JUN14 DEC14 ...
 
Os overview
Os overviewOs overview
Os overview
 
COMPARATIVE ANALYSIS OF FCFS, SJN & RR JOB SCHEDULING ALGORITHMS
COMPARATIVE ANALYSIS OF FCFS, SJN & RR JOB SCHEDULING ALGORITHMSCOMPARATIVE ANALYSIS OF FCFS, SJN & RR JOB SCHEDULING ALGORITHMS
COMPARATIVE ANALYSIS OF FCFS, SJN & RR JOB SCHEDULING ALGORITHMS
 
Distributed Operating System_2
Distributed Operating System_2Distributed Operating System_2
Distributed Operating System_2
 
process management
process management process management
process management
 
OS virtual memory
OS virtual memoryOS virtual memory
OS virtual memory
 
Processor Allocation (Distributed computing)
Processor Allocation (Distributed computing)Processor Allocation (Distributed computing)
Processor Allocation (Distributed computing)
 
Process
ProcessProcess
Process
 
Distributed Operating System_1
Distributed Operating System_1Distributed Operating System_1
Distributed Operating System_1
 
Operating Systems Part I-Basics
Operating Systems Part I-BasicsOperating Systems Part I-Basics
Operating Systems Part I-Basics
 
Operating Systems Part II-Process Scheduling, Synchronisation & Deadlock
Operating Systems Part II-Process Scheduling, Synchronisation & DeadlockOperating Systems Part II-Process Scheduling, Synchronisation & Deadlock
Operating Systems Part II-Process Scheduling, Synchronisation & Deadlock
 
Operating system
Operating systemOperating system
Operating system
 

Destacado

Lei municipal n 324 de 18 de dezembro de 2009
Lei municipal n 324 de 18 de dezembro de 2009Lei municipal n 324 de 18 de dezembro de 2009
Lei municipal n 324 de 18 de dezembro de 2009visa343302010
 
Recibos de Renda Eletrónicos – FAQ’s - Perguntas Frequentes - http://bit.ly/1...
Recibos de Renda Eletrónicos – FAQ’s - Perguntas Frequentes - http://bit.ly/1...Recibos de Renda Eletrónicos – FAQ’s - Perguntas Frequentes - http://bit.ly/1...
Recibos de Renda Eletrónicos – FAQ’s - Perguntas Frequentes - http://bit.ly/1...UWU Solutions, Lda.
 
UFCD_6666_Publicidade_um discurso de sedução_mundo atual_cursos de aprendizag...
UFCD_6666_Publicidade_um discurso de sedução_mundo atual_cursos de aprendizag...UFCD_6666_Publicidade_um discurso de sedução_mundo atual_cursos de aprendizag...
UFCD_6666_Publicidade_um discurso de sedução_mundo atual_cursos de aprendizag...Manuais Formação
 
Novidades fiscais-para-empresas-ebook
Novidades fiscais-para-empresas-ebookNovidades fiscais-para-empresas-ebook
Novidades fiscais-para-empresas-ebookUWU Solutions, Lda.
 
Etapas aspectos metodos_instrumentos_primera_vez_ba
Etapas aspectos metodos_instrumentos_primera_vez_baEtapas aspectos metodos_instrumentos_primera_vez_ba
Etapas aspectos metodos_instrumentos_primera_vez_baEnio Maldonado
 
El sector productivo y la importancia de la educación terciaria - Congreso A...
El sector productivo y la importancia de la educación terciaria - Congreso A...El sector productivo y la importancia de la educación terciaria - Congreso A...
El sector productivo y la importancia de la educación terciaria - Congreso A...Camilo Montes
 
Silverstripe
SilverstripeSilverstripe
Silverstripewendylg
 
UFCD_3532_Atendimento personalizado_índice
UFCD_3532_Atendimento personalizado_índiceUFCD_3532_Atendimento personalizado_índice
UFCD_3532_Atendimento personalizado_índiceManuais Formação
 
Laura Sans Ricino
Laura Sans RicinoLaura Sans Ricino
Laura Sans RicinoJon Marín
 
Educacion tambien en crisis
Educacion tambien en crisisEducacion tambien en crisis
Educacion tambien en crisistxemy
 
Panayotis Nellas - Omul, animal indumnezeit
Panayotis Nellas - Omul, animal indumnezeitPanayotis Nellas - Omul, animal indumnezeit
Panayotis Nellas - Omul, animal indumnezeitFrescatiStory
 
Ficha guión técnico
Ficha guión técnicoFicha guión técnico
Ficha guión técnicoavrmoda
 
N.Produto-portaria nº 802 1998 empresas produtoras e distribuidoras de medica...
N.Produto-portaria nº 802 1998 empresas produtoras e distribuidoras de medica...N.Produto-portaria nº 802 1998 empresas produtoras e distribuidoras de medica...
N.Produto-portaria nº 802 1998 empresas produtoras e distribuidoras de medica...visa343302010
 
QP Estadísticas Otoño 2010
QP Estadísticas Otoño 2010 QP Estadísticas Otoño 2010
QP Estadísticas Otoño 2010 raulcervantes
 
Bases de Datos / Historia Mundo Moderno
Bases de Datos / Historia Mundo ModernoBases de Datos / Historia Mundo Moderno
Bases de Datos / Historia Mundo ModernoEdith M Torres-Gracia
 

Destacado (20)

Lei municipal n 324 de 18 de dezembro de 2009
Lei municipal n 324 de 18 de dezembro de 2009Lei municipal n 324 de 18 de dezembro de 2009
Lei municipal n 324 de 18 de dezembro de 2009
 
Cercle du lac
Cercle du lacCercle du lac
Cercle du lac
 
Recibos de Renda Eletrónicos – FAQ’s - Perguntas Frequentes - http://bit.ly/1...
Recibos de Renda Eletrónicos – FAQ’s - Perguntas Frequentes - http://bit.ly/1...Recibos de Renda Eletrónicos – FAQ’s - Perguntas Frequentes - http://bit.ly/1...
Recibos de Renda Eletrónicos – FAQ’s - Perguntas Frequentes - http://bit.ly/1...
 
2º workshop de ti
2º workshop de ti2º workshop de ti
2º workshop de ti
 
UFCD_6666_Publicidade_um discurso de sedução_mundo atual_cursos de aprendizag...
UFCD_6666_Publicidade_um discurso de sedução_mundo atual_cursos de aprendizag...UFCD_6666_Publicidade_um discurso de sedução_mundo atual_cursos de aprendizag...
UFCD_6666_Publicidade_um discurso de sedução_mundo atual_cursos de aprendizag...
 
Novidades fiscais-para-empresas-ebook
Novidades fiscais-para-empresas-ebookNovidades fiscais-para-empresas-ebook
Novidades fiscais-para-empresas-ebook
 
Etapas aspectos metodos_instrumentos_primera_vez_ba
Etapas aspectos metodos_instrumentos_primera_vez_baEtapas aspectos metodos_instrumentos_primera_vez_ba
Etapas aspectos metodos_instrumentos_primera_vez_ba
 
El sector productivo y la importancia de la educación terciaria - Congreso A...
El sector productivo y la importancia de la educación terciaria - Congreso A...El sector productivo y la importancia de la educación terciaria - Congreso A...
El sector productivo y la importancia de la educación terciaria - Congreso A...
 
Silverstripe
SilverstripeSilverstripe
Silverstripe
 
UFCD_3532_Atendimento personalizado_índice
UFCD_3532_Atendimento personalizado_índiceUFCD_3532_Atendimento personalizado_índice
UFCD_3532_Atendimento personalizado_índice
 
Laura Sans Ricino
Laura Sans RicinoLaura Sans Ricino
Laura Sans Ricino
 
Educacion tambien en crisis
Educacion tambien en crisisEducacion tambien en crisis
Educacion tambien en crisis
 
Panayotis Nellas - Omul, animal indumnezeit
Panayotis Nellas - Omul, animal indumnezeitPanayotis Nellas - Omul, animal indumnezeit
Panayotis Nellas - Omul, animal indumnezeit
 
Ficha guión técnico
Ficha guión técnicoFicha guión técnico
Ficha guión técnico
 
Salvador ruiz rodriguez
Salvador ruiz rodriguezSalvador ruiz rodriguez
Salvador ruiz rodriguez
 
Body parts
Body partsBody parts
Body parts
 
RESULT HSNS566
RESULT HSNS566RESULT HSNS566
RESULT HSNS566
 
N.Produto-portaria nº 802 1998 empresas produtoras e distribuidoras de medica...
N.Produto-portaria nº 802 1998 empresas produtoras e distribuidoras de medica...N.Produto-portaria nº 802 1998 empresas produtoras e distribuidoras de medica...
N.Produto-portaria nº 802 1998 empresas produtoras e distribuidoras de medica...
 
QP Estadísticas Otoño 2010
QP Estadísticas Otoño 2010 QP Estadísticas Otoño 2010
QP Estadísticas Otoño 2010
 
Bases de Datos / Historia Mundo Moderno
Bases de Datos / Historia Mundo ModernoBases de Datos / Historia Mundo Moderno
Bases de Datos / Historia Mundo Moderno
 

Similar a Implementing process forensic for system calls

Operating system (OS) itself is a process, what approaches are there.pdf
Operating system (OS) itself is a process, what approaches are there.pdfOperating system (OS) itself is a process, what approaches are there.pdf
Operating system (OS) itself is a process, what approaches are there.pdfJUSTSTYLISH3B2MOHALI
 
Basic features of distributed system
Basic features of distributed systemBasic features of distributed system
Basic features of distributed systemsatish raj
 
CS 301 Computer ArchitectureStudent # 1 EID 09Kingdom of .docx
CS 301 Computer ArchitectureStudent # 1 EID 09Kingdom of .docxCS 301 Computer ArchitectureStudent # 1 EID 09Kingdom of .docx
CS 301 Computer ArchitectureStudent # 1 EID 09Kingdom of .docxfaithxdunce63732
 
Operating system - Process and its concepts
Operating system - Process and its conceptsOperating system - Process and its concepts
Operating system - Process and its conceptsKaran Thakkar
 
DevOps_SelfHealing
DevOps_SelfHealingDevOps_SelfHealing
DevOps_SelfHealingAtul Dhingra
 
MODERN OPERATING SYSTEM
MODERN OPERATING SYSTEMMODERN OPERATING SYSTEM
MODERN OPERATING SYSTEMkhanz2012
 
Virtual Machine Migration Techniques in Cloud Environment: A Survey
Virtual Machine Migration Techniques in Cloud Environment: A SurveyVirtual Machine Migration Techniques in Cloud Environment: A Survey
Virtual Machine Migration Techniques in Cloud Environment: A Surveyijsrd.com
 
Operating system
Operating systemOperating system
Operating systemMark Muhama
 
Operating System-Concepts of Process
Operating System-Concepts of ProcessOperating System-Concepts of Process
Operating System-Concepts of ProcessShipra Swati
 
Real Time Operating System ,Structures of Operating System (Monolithic, Micro...
Real Time Operating System ,Structures of Operating System (Monolithic, Micro...Real Time Operating System ,Structures of Operating System (Monolithic, Micro...
Real Time Operating System ,Structures of Operating System (Monolithic, Micro...VIJETHAK2
 
Procesamiento multinúcleo óptimo para aplicaciones críticas de seguridad
Procesamiento multinúcleo óptimo para aplicaciones críticas de seguridad Procesamiento multinúcleo óptimo para aplicaciones críticas de seguridad
Procesamiento multinúcleo óptimo para aplicaciones críticas de seguridadMarketing Donalba
 
operating system for computer engineering ch3.ppt
operating system for computer engineering ch3.pptoperating system for computer engineering ch3.ppt
operating system for computer engineering ch3.pptgezaegebre1
 
Linux process management
Linux process managementLinux process management
Linux process managementRaghu nath
 

Similar a Implementing process forensic for system calls (20)

Operating system (OS) itself is a process, what approaches are there.pdf
Operating system (OS) itself is a process, what approaches are there.pdfOperating system (OS) itself is a process, what approaches are there.pdf
Operating system (OS) itself is a process, what approaches are there.pdf
 
Basic features of distributed system
Basic features of distributed systemBasic features of distributed system
Basic features of distributed system
 
50120140501006 2
50120140501006 250120140501006 2
50120140501006 2
 
Operating system
Operating systemOperating system
Operating system
 
CS 301 Computer ArchitectureStudent # 1 EID 09Kingdom of .docx
CS 301 Computer ArchitectureStudent # 1 EID 09Kingdom of .docxCS 301 Computer ArchitectureStudent # 1 EID 09Kingdom of .docx
CS 301 Computer ArchitectureStudent # 1 EID 09Kingdom of .docx
 
Operating system - Process and its concepts
Operating system - Process and its conceptsOperating system - Process and its concepts
Operating system - Process and its concepts
 
Os
OsOs
Os
 
Os
OsOs
Os
 
DevOps_SelfHealing
DevOps_SelfHealingDevOps_SelfHealing
DevOps_SelfHealing
 
p850-ries
p850-riesp850-ries
p850-ries
 
MODERN OPERATING SYSTEM
MODERN OPERATING SYSTEMMODERN OPERATING SYSTEM
MODERN OPERATING SYSTEM
 
Virtual Machine Migration Techniques in Cloud Environment: A Survey
Virtual Machine Migration Techniques in Cloud Environment: A SurveyVirtual Machine Migration Techniques in Cloud Environment: A Survey
Virtual Machine Migration Techniques in Cloud Environment: A Survey
 
Operating system
Operating systemOperating system
Operating system
 
Chapter 3 chapter reading task
Chapter 3 chapter reading taskChapter 3 chapter reading task
Chapter 3 chapter reading task
 
Operating System-Concepts of Process
Operating System-Concepts of ProcessOperating System-Concepts of Process
Operating System-Concepts of Process
 
Real Time Operating System ,Structures of Operating System (Monolithic, Micro...
Real Time Operating System ,Structures of Operating System (Monolithic, Micro...Real Time Operating System ,Structures of Operating System (Monolithic, Micro...
Real Time Operating System ,Structures of Operating System (Monolithic, Micro...
 
Procesamiento multinúcleo óptimo para aplicaciones críticas de seguridad
Procesamiento multinúcleo óptimo para aplicaciones críticas de seguridad Procesamiento multinúcleo óptimo para aplicaciones críticas de seguridad
Procesamiento multinúcleo óptimo para aplicaciones críticas de seguridad
 
operating system for computer engineering ch3.ppt
operating system for computer engineering ch3.pptoperating system for computer engineering ch3.ppt
operating system for computer engineering ch3.ppt
 
Live migration
Live migrationLive migration
Live migration
 
Linux process management
Linux process managementLinux process management
Linux process management
 

Más de IAEME Publication

IAEME_Publication_Call_for_Paper_September_2022.pdf
IAEME_Publication_Call_for_Paper_September_2022.pdfIAEME_Publication_Call_for_Paper_September_2022.pdf
IAEME_Publication_Call_for_Paper_September_2022.pdfIAEME Publication
 
MODELING AND ANALYSIS OF SURFACE ROUGHNESS AND WHITE LATER THICKNESS IN WIRE-...
MODELING AND ANALYSIS OF SURFACE ROUGHNESS AND WHITE LATER THICKNESS IN WIRE-...MODELING AND ANALYSIS OF SURFACE ROUGHNESS AND WHITE LATER THICKNESS IN WIRE-...
MODELING AND ANALYSIS OF SURFACE ROUGHNESS AND WHITE LATER THICKNESS IN WIRE-...IAEME Publication
 
A STUDY ON THE REASONS FOR TRANSGENDER TO BECOME ENTREPRENEURS
A STUDY ON THE REASONS FOR TRANSGENDER TO BECOME ENTREPRENEURSA STUDY ON THE REASONS FOR TRANSGENDER TO BECOME ENTREPRENEURS
A STUDY ON THE REASONS FOR TRANSGENDER TO BECOME ENTREPRENEURSIAEME Publication
 
BROAD UNEXPOSED SKILLS OF TRANSGENDER ENTREPRENEURS
BROAD UNEXPOSED SKILLS OF TRANSGENDER ENTREPRENEURSBROAD UNEXPOSED SKILLS OF TRANSGENDER ENTREPRENEURS
BROAD UNEXPOSED SKILLS OF TRANSGENDER ENTREPRENEURSIAEME Publication
 
DETERMINANTS AFFECTING THE USER'S INTENTION TO USE MOBILE BANKING APPLICATIONS
DETERMINANTS AFFECTING THE USER'S INTENTION TO USE MOBILE BANKING APPLICATIONSDETERMINANTS AFFECTING THE USER'S INTENTION TO USE MOBILE BANKING APPLICATIONS
DETERMINANTS AFFECTING THE USER'S INTENTION TO USE MOBILE BANKING APPLICATIONSIAEME Publication
 
ANALYSE THE USER PREDILECTION ON GPAY AND PHONEPE FOR DIGITAL TRANSACTIONS
ANALYSE THE USER PREDILECTION ON GPAY AND PHONEPE FOR DIGITAL TRANSACTIONSANALYSE THE USER PREDILECTION ON GPAY AND PHONEPE FOR DIGITAL TRANSACTIONS
ANALYSE THE USER PREDILECTION ON GPAY AND PHONEPE FOR DIGITAL TRANSACTIONSIAEME Publication
 
VOICE BASED ATM FOR VISUALLY IMPAIRED USING ARDUINO
VOICE BASED ATM FOR VISUALLY IMPAIRED USING ARDUINOVOICE BASED ATM FOR VISUALLY IMPAIRED USING ARDUINO
VOICE BASED ATM FOR VISUALLY IMPAIRED USING ARDUINOIAEME Publication
 
IMPACT OF EMOTIONAL INTELLIGENCE ON HUMAN RESOURCE MANAGEMENT PRACTICES AMONG...
IMPACT OF EMOTIONAL INTELLIGENCE ON HUMAN RESOURCE MANAGEMENT PRACTICES AMONG...IMPACT OF EMOTIONAL INTELLIGENCE ON HUMAN RESOURCE MANAGEMENT PRACTICES AMONG...
IMPACT OF EMOTIONAL INTELLIGENCE ON HUMAN RESOURCE MANAGEMENT PRACTICES AMONG...IAEME Publication
 
VISUALISING AGING PARENTS & THEIR CLOSE CARERS LIFE JOURNEY IN AGING ECONOMY
VISUALISING AGING PARENTS & THEIR CLOSE CARERS LIFE JOURNEY IN AGING ECONOMYVISUALISING AGING PARENTS & THEIR CLOSE CARERS LIFE JOURNEY IN AGING ECONOMY
VISUALISING AGING PARENTS & THEIR CLOSE CARERS LIFE JOURNEY IN AGING ECONOMYIAEME Publication
 
A STUDY ON THE IMPACT OF ORGANIZATIONAL CULTURE ON THE EFFECTIVENESS OF PERFO...
A STUDY ON THE IMPACT OF ORGANIZATIONAL CULTURE ON THE EFFECTIVENESS OF PERFO...A STUDY ON THE IMPACT OF ORGANIZATIONAL CULTURE ON THE EFFECTIVENESS OF PERFO...
A STUDY ON THE IMPACT OF ORGANIZATIONAL CULTURE ON THE EFFECTIVENESS OF PERFO...IAEME Publication
 
GANDHI ON NON-VIOLENT POLICE
GANDHI ON NON-VIOLENT POLICEGANDHI ON NON-VIOLENT POLICE
GANDHI ON NON-VIOLENT POLICEIAEME Publication
 
A STUDY ON TALENT MANAGEMENT AND ITS IMPACT ON EMPLOYEE RETENTION IN SELECTED...
A STUDY ON TALENT MANAGEMENT AND ITS IMPACT ON EMPLOYEE RETENTION IN SELECTED...A STUDY ON TALENT MANAGEMENT AND ITS IMPACT ON EMPLOYEE RETENTION IN SELECTED...
A STUDY ON TALENT MANAGEMENT AND ITS IMPACT ON EMPLOYEE RETENTION IN SELECTED...IAEME Publication
 
ATTRITION IN THE IT INDUSTRY DURING COVID-19 PANDEMIC: LINKING EMOTIONAL INTE...
ATTRITION IN THE IT INDUSTRY DURING COVID-19 PANDEMIC: LINKING EMOTIONAL INTE...ATTRITION IN THE IT INDUSTRY DURING COVID-19 PANDEMIC: LINKING EMOTIONAL INTE...
ATTRITION IN THE IT INDUSTRY DURING COVID-19 PANDEMIC: LINKING EMOTIONAL INTE...IAEME Publication
 
INFLUENCE OF TALENT MANAGEMENT PRACTICES ON ORGANIZATIONAL PERFORMANCE A STUD...
INFLUENCE OF TALENT MANAGEMENT PRACTICES ON ORGANIZATIONAL PERFORMANCE A STUD...INFLUENCE OF TALENT MANAGEMENT PRACTICES ON ORGANIZATIONAL PERFORMANCE A STUD...
INFLUENCE OF TALENT MANAGEMENT PRACTICES ON ORGANIZATIONAL PERFORMANCE A STUD...IAEME Publication
 
A STUDY OF VARIOUS TYPES OF LOANS OF SELECTED PUBLIC AND PRIVATE SECTOR BANKS...
A STUDY OF VARIOUS TYPES OF LOANS OF SELECTED PUBLIC AND PRIVATE SECTOR BANKS...A STUDY OF VARIOUS TYPES OF LOANS OF SELECTED PUBLIC AND PRIVATE SECTOR BANKS...
A STUDY OF VARIOUS TYPES OF LOANS OF SELECTED PUBLIC AND PRIVATE SECTOR BANKS...IAEME Publication
 
EXPERIMENTAL STUDY OF MECHANICAL AND TRIBOLOGICAL RELATION OF NYLON/BaSO4 POL...
EXPERIMENTAL STUDY OF MECHANICAL AND TRIBOLOGICAL RELATION OF NYLON/BaSO4 POL...EXPERIMENTAL STUDY OF MECHANICAL AND TRIBOLOGICAL RELATION OF NYLON/BaSO4 POL...
EXPERIMENTAL STUDY OF MECHANICAL AND TRIBOLOGICAL RELATION OF NYLON/BaSO4 POL...IAEME Publication
 
ROLE OF SOCIAL ENTREPRENEURSHIP IN RURAL DEVELOPMENT OF INDIA - PROBLEMS AND ...
ROLE OF SOCIAL ENTREPRENEURSHIP IN RURAL DEVELOPMENT OF INDIA - PROBLEMS AND ...ROLE OF SOCIAL ENTREPRENEURSHIP IN RURAL DEVELOPMENT OF INDIA - PROBLEMS AND ...
ROLE OF SOCIAL ENTREPRENEURSHIP IN RURAL DEVELOPMENT OF INDIA - PROBLEMS AND ...IAEME Publication
 
OPTIMAL RECONFIGURATION OF POWER DISTRIBUTION RADIAL NETWORK USING HYBRID MET...
OPTIMAL RECONFIGURATION OF POWER DISTRIBUTION RADIAL NETWORK USING HYBRID MET...OPTIMAL RECONFIGURATION OF POWER DISTRIBUTION RADIAL NETWORK USING HYBRID MET...
OPTIMAL RECONFIGURATION OF POWER DISTRIBUTION RADIAL NETWORK USING HYBRID MET...IAEME Publication
 
APPLICATION OF FRUGAL APPROACH FOR PRODUCTIVITY IMPROVEMENT - A CASE STUDY OF...
APPLICATION OF FRUGAL APPROACH FOR PRODUCTIVITY IMPROVEMENT - A CASE STUDY OF...APPLICATION OF FRUGAL APPROACH FOR PRODUCTIVITY IMPROVEMENT - A CASE STUDY OF...
APPLICATION OF FRUGAL APPROACH FOR PRODUCTIVITY IMPROVEMENT - A CASE STUDY OF...IAEME Publication
 
A MULTIPLE – CHANNEL QUEUING MODELS ON FUZZY ENVIRONMENT
A MULTIPLE – CHANNEL QUEUING MODELS ON FUZZY ENVIRONMENTA MULTIPLE – CHANNEL QUEUING MODELS ON FUZZY ENVIRONMENT
A MULTIPLE – CHANNEL QUEUING MODELS ON FUZZY ENVIRONMENTIAEME Publication
 

Más de IAEME Publication (20)

IAEME_Publication_Call_for_Paper_September_2022.pdf
IAEME_Publication_Call_for_Paper_September_2022.pdfIAEME_Publication_Call_for_Paper_September_2022.pdf
IAEME_Publication_Call_for_Paper_September_2022.pdf
 
MODELING AND ANALYSIS OF SURFACE ROUGHNESS AND WHITE LATER THICKNESS IN WIRE-...
MODELING AND ANALYSIS OF SURFACE ROUGHNESS AND WHITE LATER THICKNESS IN WIRE-...MODELING AND ANALYSIS OF SURFACE ROUGHNESS AND WHITE LATER THICKNESS IN WIRE-...
MODELING AND ANALYSIS OF SURFACE ROUGHNESS AND WHITE LATER THICKNESS IN WIRE-...
 
A STUDY ON THE REASONS FOR TRANSGENDER TO BECOME ENTREPRENEURS
A STUDY ON THE REASONS FOR TRANSGENDER TO BECOME ENTREPRENEURSA STUDY ON THE REASONS FOR TRANSGENDER TO BECOME ENTREPRENEURS
A STUDY ON THE REASONS FOR TRANSGENDER TO BECOME ENTREPRENEURS
 
BROAD UNEXPOSED SKILLS OF TRANSGENDER ENTREPRENEURS
BROAD UNEXPOSED SKILLS OF TRANSGENDER ENTREPRENEURSBROAD UNEXPOSED SKILLS OF TRANSGENDER ENTREPRENEURS
BROAD UNEXPOSED SKILLS OF TRANSGENDER ENTREPRENEURS
 
DETERMINANTS AFFECTING THE USER'S INTENTION TO USE MOBILE BANKING APPLICATIONS
DETERMINANTS AFFECTING THE USER'S INTENTION TO USE MOBILE BANKING APPLICATIONSDETERMINANTS AFFECTING THE USER'S INTENTION TO USE MOBILE BANKING APPLICATIONS
DETERMINANTS AFFECTING THE USER'S INTENTION TO USE MOBILE BANKING APPLICATIONS
 
ANALYSE THE USER PREDILECTION ON GPAY AND PHONEPE FOR DIGITAL TRANSACTIONS
ANALYSE THE USER PREDILECTION ON GPAY AND PHONEPE FOR DIGITAL TRANSACTIONSANALYSE THE USER PREDILECTION ON GPAY AND PHONEPE FOR DIGITAL TRANSACTIONS
ANALYSE THE USER PREDILECTION ON GPAY AND PHONEPE FOR DIGITAL TRANSACTIONS
 
VOICE BASED ATM FOR VISUALLY IMPAIRED USING ARDUINO
VOICE BASED ATM FOR VISUALLY IMPAIRED USING ARDUINOVOICE BASED ATM FOR VISUALLY IMPAIRED USING ARDUINO
VOICE BASED ATM FOR VISUALLY IMPAIRED USING ARDUINO
 
IMPACT OF EMOTIONAL INTELLIGENCE ON HUMAN RESOURCE MANAGEMENT PRACTICES AMONG...
IMPACT OF EMOTIONAL INTELLIGENCE ON HUMAN RESOURCE MANAGEMENT PRACTICES AMONG...IMPACT OF EMOTIONAL INTELLIGENCE ON HUMAN RESOURCE MANAGEMENT PRACTICES AMONG...
IMPACT OF EMOTIONAL INTELLIGENCE ON HUMAN RESOURCE MANAGEMENT PRACTICES AMONG...
 
VISUALISING AGING PARENTS & THEIR CLOSE CARERS LIFE JOURNEY IN AGING ECONOMY
VISUALISING AGING PARENTS & THEIR CLOSE CARERS LIFE JOURNEY IN AGING ECONOMYVISUALISING AGING PARENTS & THEIR CLOSE CARERS LIFE JOURNEY IN AGING ECONOMY
VISUALISING AGING PARENTS & THEIR CLOSE CARERS LIFE JOURNEY IN AGING ECONOMY
 
A STUDY ON THE IMPACT OF ORGANIZATIONAL CULTURE ON THE EFFECTIVENESS OF PERFO...
A STUDY ON THE IMPACT OF ORGANIZATIONAL CULTURE ON THE EFFECTIVENESS OF PERFO...A STUDY ON THE IMPACT OF ORGANIZATIONAL CULTURE ON THE EFFECTIVENESS OF PERFO...
A STUDY ON THE IMPACT OF ORGANIZATIONAL CULTURE ON THE EFFECTIVENESS OF PERFO...
 
GANDHI ON NON-VIOLENT POLICE
GANDHI ON NON-VIOLENT POLICEGANDHI ON NON-VIOLENT POLICE
GANDHI ON NON-VIOLENT POLICE
 
A STUDY ON TALENT MANAGEMENT AND ITS IMPACT ON EMPLOYEE RETENTION IN SELECTED...
A STUDY ON TALENT MANAGEMENT AND ITS IMPACT ON EMPLOYEE RETENTION IN SELECTED...A STUDY ON TALENT MANAGEMENT AND ITS IMPACT ON EMPLOYEE RETENTION IN SELECTED...
A STUDY ON TALENT MANAGEMENT AND ITS IMPACT ON EMPLOYEE RETENTION IN SELECTED...
 
ATTRITION IN THE IT INDUSTRY DURING COVID-19 PANDEMIC: LINKING EMOTIONAL INTE...
ATTRITION IN THE IT INDUSTRY DURING COVID-19 PANDEMIC: LINKING EMOTIONAL INTE...ATTRITION IN THE IT INDUSTRY DURING COVID-19 PANDEMIC: LINKING EMOTIONAL INTE...
ATTRITION IN THE IT INDUSTRY DURING COVID-19 PANDEMIC: LINKING EMOTIONAL INTE...
 
INFLUENCE OF TALENT MANAGEMENT PRACTICES ON ORGANIZATIONAL PERFORMANCE A STUD...
INFLUENCE OF TALENT MANAGEMENT PRACTICES ON ORGANIZATIONAL PERFORMANCE A STUD...INFLUENCE OF TALENT MANAGEMENT PRACTICES ON ORGANIZATIONAL PERFORMANCE A STUD...
INFLUENCE OF TALENT MANAGEMENT PRACTICES ON ORGANIZATIONAL PERFORMANCE A STUD...
 
A STUDY OF VARIOUS TYPES OF LOANS OF SELECTED PUBLIC AND PRIVATE SECTOR BANKS...
A STUDY OF VARIOUS TYPES OF LOANS OF SELECTED PUBLIC AND PRIVATE SECTOR BANKS...A STUDY OF VARIOUS TYPES OF LOANS OF SELECTED PUBLIC AND PRIVATE SECTOR BANKS...
A STUDY OF VARIOUS TYPES OF LOANS OF SELECTED PUBLIC AND PRIVATE SECTOR BANKS...
 
EXPERIMENTAL STUDY OF MECHANICAL AND TRIBOLOGICAL RELATION OF NYLON/BaSO4 POL...
EXPERIMENTAL STUDY OF MECHANICAL AND TRIBOLOGICAL RELATION OF NYLON/BaSO4 POL...EXPERIMENTAL STUDY OF MECHANICAL AND TRIBOLOGICAL RELATION OF NYLON/BaSO4 POL...
EXPERIMENTAL STUDY OF MECHANICAL AND TRIBOLOGICAL RELATION OF NYLON/BaSO4 POL...
 
ROLE OF SOCIAL ENTREPRENEURSHIP IN RURAL DEVELOPMENT OF INDIA - PROBLEMS AND ...
ROLE OF SOCIAL ENTREPRENEURSHIP IN RURAL DEVELOPMENT OF INDIA - PROBLEMS AND ...ROLE OF SOCIAL ENTREPRENEURSHIP IN RURAL DEVELOPMENT OF INDIA - PROBLEMS AND ...
ROLE OF SOCIAL ENTREPRENEURSHIP IN RURAL DEVELOPMENT OF INDIA - PROBLEMS AND ...
 
OPTIMAL RECONFIGURATION OF POWER DISTRIBUTION RADIAL NETWORK USING HYBRID MET...
OPTIMAL RECONFIGURATION OF POWER DISTRIBUTION RADIAL NETWORK USING HYBRID MET...OPTIMAL RECONFIGURATION OF POWER DISTRIBUTION RADIAL NETWORK USING HYBRID MET...
OPTIMAL RECONFIGURATION OF POWER DISTRIBUTION RADIAL NETWORK USING HYBRID MET...
 
APPLICATION OF FRUGAL APPROACH FOR PRODUCTIVITY IMPROVEMENT - A CASE STUDY OF...
APPLICATION OF FRUGAL APPROACH FOR PRODUCTIVITY IMPROVEMENT - A CASE STUDY OF...APPLICATION OF FRUGAL APPROACH FOR PRODUCTIVITY IMPROVEMENT - A CASE STUDY OF...
APPLICATION OF FRUGAL APPROACH FOR PRODUCTIVITY IMPROVEMENT - A CASE STUDY OF...
 
A MULTIPLE – CHANNEL QUEUING MODELS ON FUZZY ENVIRONMENT
A MULTIPLE – CHANNEL QUEUING MODELS ON FUZZY ENVIRONMENTA MULTIPLE – CHANNEL QUEUING MODELS ON FUZZY ENVIRONMENT
A MULTIPLE – CHANNEL QUEUING MODELS ON FUZZY ENVIRONMENT
 

Último

Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 3652toLead Limited
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersThousandEyes
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024Scott Keck-Warren
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...shyamraj55
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Paola De la Torre
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024Results
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Alan Dix
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Servicegiselly40
 
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...gurkirankumar98700
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Allon Mureinik
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 

Último (20)

Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 

Implementing process forensic for system calls

  • 1. International Journal of Advanced Research in Engineering and Technology (IJARET), ISSN 0976 – 6480(Print), ISSN 0976 – 6499(Online) Volume 5, Issue 6, June (2014), pp. 77-82 © IAEME 77 IMPLEMENTATION OF PROCESS FORENSIC FOR SYSTEM CALLS Dr. Narayan A. Joshi Associate Professor, CSE Department, NIRMA University, Ahmedabad, Gujarat, India. Dr. D. B. Choksi Professor, Department of Computer Science, Sardar Patel University, Vallabh Vidyanagar, Gujarat, India. ABSTRACT Mechanisms such as dynamic process migration, process forensic, process checkpoint-restart are concerned with process-state checkpointing. Dynamic process migration mechanism migrates a partially executed process from its originating workstation to other workstation, thereby it supports load balancing in distributed & networked systems letting applications to access computing resources spread across the network; such workload relocation among workstations may result into substantial improvements in overall system performance. The process checkpointing mechanism is responsible for identifying current dynamic and static state information of a desired process. However, determination of information of a particular system call under execution by a process to be checkpointed is one of the challenging tasks for the process checkpointing and migration mechanisms. A kernel-level solution for checkpointing the system call details is described in this paper. Keywords: System Call, Process Forensic, Process Checkpointing, Process Migration. 1. INTRODUCTION From an application developer’s perspective, the LINUX kernel appears to be a transparent layer in the operating system environment. In general, the presence of LINUX kernel is not noticed, however it always exists and continuously serves its best. In order to carry out assigned computing tasks, user-level processes are not required to know about which regions of memory and region address-ranges are occupied by them, which region-pages are swapped to the disk, though the processes remain in nearly continuous interaction with the underlying kernel to avail required services and thereby to get their work done. INTERNATIONAL JOURNAL OF ADVANCED RESEARCH IN ENGINEERING AND TECHNOLOGY (IJARET) ISSN 0976 - 6480 (Print) ISSN 0976 - 6499 (Online) Volume 5, Issue 6, June (2014), pp. 77-82 © IAEME: http://www.iaeme.com/IJARET.asp Journal Impact Factor (2014): 7.8273 (Calculated by GISI) www.jifactor.com IJARET © I A E M E
  • 2. International Journal of Advanced Research in Engineering and Technology (IJARET), ISSN 0976 – 6480(Print), ISSN 0976 – 6499(Online) Volume 5, Issue 6, June (2014), pp. 77-82 © IAEME 78 For the sake of getting the assigned work done, the user-level processes take services provided by library routines. The library routines, in turn call the kernel-level functions. The role of standard library routines becomes significant as they act as an intermediate layer between the user- space process and the underlying kernel. Moreover, they help to standardize and simplify the distribution and usage of kernel level routines across diversified kernels. In order to make its capabilities and routines available to the user-level processes, the kernel facilitates system calls through which the kernel-level functions can be accessed in the user-space. A user-level process is an instance of a binary executable program file under execution. Every process has a certain unique state comprising of static and dynamic components. The static state of a process comprises of the binary executable program file itself; whereas the dynamic process-state comprises of the process’s address space (both of physical and virtual memory), CPU registers (both of user- space and kernel-space), I/O devices, files opened, sockets opened, pipes opened, signals received, blocked and pending, and many other things including system call under execution (if any) [2]. Sometimes, it may be required by the administrator, application developer, operating system kernel or system programs to determine the complete state information of a desired process. The paper describes a mechanism to determine system call information being executed by a desired process. Section 2 describes motivating scenarios concerned with determination of dynamic state information of a process. The problem statement and scope of the paper is in mentioned section 3. Proposed solution is discussed in section 4. The paper concludes with remarks and future directions in section 5. 2. MOTIVATION As seen in the above section, process state comprises of static and dynamic state components of a process. The requirement of process state identification and checkpointing becomes substantial during many situations, some of which are listed here [9]. Sometimes, it may be desired to pause the execution of a partially executed process, preserve its current state, kill the process, and later on according to user’s convenience and needs, restore the preserved state in a new process, and resume the restored process for execution. Such a process checkpoint-restart mechanism becomes advantageous for process migration also [3]. Process migration and load balancing can be applied to a system of interconnected computers to distribute the load of overloaded workstations among idle or lightly-loaded workstations [1]. The load balancing activity may result into utilization of a plenty of distributed computing power that usually goes unused. Instead of letting some machines be overloaded with several tasks, it makes sense to relocate some of these tasks to under-utilized machines from the overloaded ones. This allows such tasks to complete quickly and improve the overall system performance [6], [7]. Another area of applications where process migration could be beneficial is- it may be used to relocate a distant process closer to the big data that it is processing, thereby ensuring that it spends most of its time in doing useful work; and not wasting its time performing communication between nodes for sake of accessing the required data. Moreover, process migration may be beneficial in achieving fault tolerance. A process could be migrated from a partially failed workstation to some other healthy workstation in the network to avail process continuity. The same can be made applicable to the long-running processes whose workstations are to be disconnected from the network or turned-off later after some time because of lack of battery backup. Thus, the process migration can make the process available even after machine-failure or disconnection [4]. Furthermore, certain machines may possess better capabilities such as higher computing power, more amount of primary memory, availability of graphical processing unit, etc. which can be
  • 3. International Journal of Advanced Research in Engineering and Technology (IJARET), ISSN 0976 – 6480(Print), ISSN 0976 – 6499(Online) Volume 5, Issue 6, June (2014), pp. 77-82 © IAEME 79 utilized by moving a needy process to that machine. In this case, the process can be started on the source machine and then migrated to a more powerful machine later when it becomes available. 3. PROBLEM The operating system maintains the dynamic state information of a process in a kernel-level process descriptor data structure task_struct. The LINUX process control block task_struct maintains process state information such as process id, process group id, address space, current execution state, memory regions, credentials, opened files information and many other details including process scheduling and management [8]. Being such information available in the process descriptor and other supporting kernel-level data structures, various mechanisms such as process forensic, process checkpointing and process migration may carry out their tasks. However, at the time of process state investigation, checkpointing and migration, chances are there that the process could be running in some kernel-space function such as some system call handler. However, such mechanisms need to determine the related information of the system call currently being executed by the desired process. Moreover, the kernel doesn’t maintain such information in the process descriptor and other supporting kernel-level data structures. Furthermore, the kernel doesn’t provide a kernel-level mechanism to determine whether the process is running in some system call handler or not. It is desirable to avail kernel-level mechanism with which one can determine whether a process is running in some system call or not, and if the process is running some system call, then the related details about the system call should also be made available by the said mechanism. We have already proposed a partial solution overview of some of the algorithmic steps for the above described problem in our paper [5]. In this paper we have provided a comprehensive solution algorithm for the above said problem. Furthermore, a working implementation mechanism is also presented in this paper. 4. MECHANISM We describe here the working of system calls first. For simplicity, we have considered here the open source operating system and the freely available kernel. In order to provide its various services including efficiency, security and consistency to the user-space programs, the kernel facilitates a very powerful tool in the form of system calls. The user- space programs can avail the privileged kernel-level facilities and resources by means of system calls which normally appear as like as ordinary functions. Therefore, the system calls are the gateways for user-space programs to penetrate into the kernel space to avail its services. The system makes the system calls available to the user-space by means of software interrupts. While the user-space program is running in user-space and invocation of system call causes a maskable interrupt or exception class transfer from user-mode to the kernel-mode; which happens as a result of execution of the instruction int 0x80. Here, the vector 0x80 is used for transferring the control from user mode to the kernel mode by means of software interrupt. The in memory data structure interrupt vector gets initialized during system boot time. Further, the number of system call is required to be communicated to the kernel-space which normally is achieved by means of setting the orig_ax register with the appropriate system call number; sometimes it also depends on the underlying architecture and the version of the kernel. The execution flow of system calls is shown in figure 1[5]. As described above, the instruction int 0x80, is responsible to raise a software interrupt 128. It represents a call gate to the kernel’s specific service, thereby causing execution mode switching from user-mode to the kernel- mode. In the kernel-space, for the interrupt 128, a specific handle routine is registered to carry out execution of the requested system call. It suggests that during the time of process forensic or
  • 4. International Journal of Advanced Research in Engineering and Technology (IJARET), ISSN 0976 – 6480(Print), ISSN 0976 – 6499(Online) Volume 5, Issue 6, June (2014), pp. 77-82 © IAEME 80 migration, if the process was passing through the stage of execution of some system call, then the CPU would just have executed the instruction 0xcd 0x80 before jumping to the kernel space, and therefore, the previous value of the instruction pointer in the user-space would point to the corresponding mode switching instruction. Figure 1: The system call mechanism Here we suggest a mechanism for the steps suggested in [5]: 1. Obtain the process descriptor of the desired process whose forensic-investigation is to be done, or which is to be migrated. 2. Determine the current state of the process’s register-context from the obtained process control block. 3. Fetch the value of orig_ax register of the desired process. The value obtained may represent some system call. Determine the validity of the system call number. In case of a valid system call number, the process could be running a system call, otherwise the process was not doing a system call. 4. Obtain the previous instruction code of the instruction pointer in order to determine the two code values at the two memory addresses ptr_to_registers.ip-2 and ptr_to_registers.ip-1. a. Calculate the address of page global directory and verify its in memory validity. b. Calculate the address of the page upper directory from the global directory address and verify its in memory validity. c. Determine the page middle directory and verify its in memory validity. d. Determine the page table entry and verify its in memory validity. e. Swap in the required page if it is currently not available in memory. 5. Determine the addresses for the ptr_to_registers.ip-2 and ptr_to_registers.ip-1. 6. Fault in the page(s) containing the physical addresses determined in step 5 and obtain the values stored in those two locations. 7. Determine the nature of instruction from the values fetched in above step-6 to verify whether the process is running in some system call or not.
  • 5. International Journal of Advanced Research in Engineering and Technology (IJARET), ISSN 0976 – 6480(Print), ISSN 0976 – 6499(Online) Volume 5, Issue 6, June (2014), pp. 77-82 © IAEME 81 Some of the foremost implementation steps for the function system_call_forensic( ) are shown below [10], [11]: #include<linux/pagemap.h> #include<linux/sched.h> #include<linux/module.h> #include<linux/kernel.h> … int system_call_forensic(pid_t pid) { /*pid is process-id of the desired process which is to be migrated or whose forensic investigation is to be done*/ struct task_struct* pcb;//represents the process control //block strut pt_regs* regs; // represents the register context unsigned long k_addr;//represents kernel physical address pcb = find_task_by_pid(pid);//fetch pcb … regs = task_pt_regs(pcb); k_addr = regs.ip; if((*regs).orig_ax <= 0 || (*regs).orig_ax >= NR_syscalls) { printk(KERN_DEBUG “The process is not running system call.n”); … return 0; } //obtain the addresses of directory levels and verify their validity pgd_t* globaldir = pgd_offset(pcb->mm, k_addr); … pud_t* upperdir = pud_offset(globaldir, k_addr); … pmd_t* middledir = pmd_offset(upperdir, k_addr); … pte_t* pte = pte_offset_map(middledir, k_addr); … /*determine the presence of the page in memory, otherwise fault in the same.*/ if(!pte_present(*pte)) { //lock the table spin_lock(page_table_lock); //fault in the page … spin_unlock(page_table_lock); }
  • 6. International Journal of Advanced Research in Engineering and Technology (IJARET), ISSN 0976 – 6480(Print), ISSN 0976 – 6499(Online) Volume 5, Issue 6, June (2014), pp. 77-82 © IAEME 82 char* physical_address = page_address(pte_page(*pte)) + k_addr & ~PAGE_MASK; pte_unmap(pte); if the type of instruction stored at physical address is associated with software interrupt return (*regs).orig_ax; else return -1; } 5. CONCLUDING REMARKS A working implementation by means of a kernel module is suggested here to determine whether a desired process is running in some system call or not. The suggested mechanism returns the system call number if the process is running in a system call. The suggested mechanism may be enhanced further to work with the modern approach of system call gateway i.e. sysenter. Moreover, the suggested mechanism involves traversal through page directories at many levels; which in future may be optimized further to obtain better performance. REFERENCES 1. A. Ali (2010), “A Guide to Dynamic Load Balancing in Distributed Computer system”, International Journal of Computer Science and Network Security, VOL.10, No.6. 2. D. P. Bovet and M. Cesati (2005), “Understanding the Linux Kernel”, 3rd edition, O’Reilly publication, ISBN 978-0-596-00565-8. 3. D. S. Milojicic, F. Douglis, Y. Paindaveine, R. Wheeler and S. Zhou (2000), “Process Migration”, ACM Journal of Computing Surveys, Vol. 2, Issue-3. 4. J. C. Sancho, F. Petrini, K. Davis, R. Gioiosa and S. Jiang (2005), “Current practice and a direction forward in checkpoint/restart implementations for fault tolerance”, Proceedings of 19th IEEE International Symposium on Parallel and Distributed Processing. 5. N. A. Joshi and D. B. Choksi (2009), “Process Forensic for System-call details on Linux Platform”, International Journal of Computer Applications in Engineering, Technology & Sciences. 6. Narayan A. Joshi and. D. B. Choksi (2012), “Mechanism for Implementation of Load Balancing using Process Migration”, International Journal of Computer Applications, Vol. 40, No. 9. 7. Narayan A. Joshi (2014), “Load Balancing in Cloud Using Process Migration”, International Journal of Advanced Research in Engineering & Technology, ISSN Print: 0976-6480, ISSN Online: 0976-6499, Vol. 5, Issue 4. 8. W. Mauerer, “Professional Linux Kernel Architecture”, Wiley Publishing Inc., ISBN: 978-0-470- 34343-2, 2008. 9. Y. Wang, Y. Huang, K. Vo, P. Chung and C. Kintala (1995), “Checkpointing and its applications”, Proceedings of the 25th International Symposium on Fault-tolerant computing. 10. LINUX reference manual, section 2 & 5. 11. LINUX kernel source: http://kernel.org. 12. Dr. Narayan Joshi and Parjanya Vyas (2014), “Performance Evaluation of Parallel Computing Systems”, International Journal of Advanced Research in Engineering & Technology, ISSN Print: 0976-6480, ISSN Online: 0976-6499, Vol. 5, Issue 5.