1. Field of the Invention
This disclosure relates to a probe construction technique, and, more particularly, to an automatic probe construction system and an automatic probe construction method.
2. Description of Related Art
Information security is an inevitable need for every enterprise or organization.
Therefore, industrial and academic circles have made a great amount of effort in analyzing malicious programs.
Currently, a probe mechanism is one of the most popular mechanisms to monitor and sniff behaviors of an operating system. However, the existing probes are heavily relied on human labors to conduct a reverse engineering to realize analysis of the operating system. Further, in order to implement a probe corresponding to a core data structure of an operating system that is not published, such as the Microsoft operating system, engineers have to conduct a reverse engineering on an unpublished core data structure.
However, the above engineering is heavily relied on human labors, and the results of the reverse engineering lack practicability. When the environment in which the operating system runs is changed or the edition of the operating system is changed, the engineers have to conduct the reverse engineering once again, which wastes a great amount of labor costs and time resources.
Therefore, how to solve the problems of the prior art is becoming one of the most urgent issues in the art.