Computer systems, such as operating system(s) (OS) for a computer or network device, can be subject to various attacks. For example, such attacks can be directed at execution paths or executable files of an operating system. Fortunately, there are existing modifications that can make attacks more difficult. Specifically, preventative technologies like address space layout randomization (ASLR) have been used to randomize memory locations of OS components making it more difficult for attackers to find specific code. Other data security technologies, such as whole disk encryption, also make it more difficult for attackers to find specific code.
Another form of OS security is software monitoring, which can include solutions from the very simple to the complex. One problem with monitoring solutions is that they generally lack a secure place to stand. In other words, such monitoring systems typically monitor the OS that they require for support. For example, typical antivirus software is subject to being circumvented because it is trying to run on a platform that it is attempting to monitor. In other cases where there is a secure place to stand, monitoring techniques are complex and processor intensive. Additionally, preventative techniques, such as ASLR, make monitoring even more complex and problematic.