JaonLin / pemu

PEMU: A PIN Highly Compatible Out-of-VM Dynamic Binary Instrumentation Framework with some patches

1 Process Information for guest OS:

1.1 Build task-info/task-info.c as a kernel module in the guest OS, load it, and read its output from the kernel log:

sudo insmod task-info.ko
dmesg

1.2 Copy the printed values into ./target-i386/PEMU/linux.c (the values below are the ones for the example guest kernel; yours will differ):

{
	0xC1731F60, /* task struct root */
	432, /* offset of task_struct list */
	460, /* offset of mm */
	40, /* offset of pgd in mm */
	732, /* offset of comm */
};

Note: the new-process detection approach described in the paper is not very stable. Instead, PEMU uses the process information above (the task_struct root and the structure offsets) to help detect new processes.
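The values in linux.c only make sense once you see how an out-of-VM component consumes them. The following is an added example, not code from the PEMU repository: a user-space model of walking the guest's task list from outside the VM using nothing but the task_struct root and the four offsets that task-info.ko prints. Guest memory is a constructed byte buffer at an assumed guest virtual address (GUEST_BASE), the fake task_struct and mm_struct sizes are assumptions, and the three sample processes are constructed; only the offsets (432, 460, 40, 732) come from the page. Because the list pointers are guest data, the walk bounds-checks every read and caps the number of nodes, so a corrupted or unexpected list yields an error instead of an out-of-bounds read or an endless loop.

```c
/* Added example (not part of PEMU): out-of-VM task-list walk driven by the
 * offsets that task-info.ko prints. All addresses/sizes below are assumed. */
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define OFF_TASKS 432u  /* task_struct.tasks (list_head: next at +0, prev at +4) */
#define OFF_MM    460u  /* task_struct.mm */
#define OFF_PGD    40u  /* mm_struct.pgd */
#define OFF_COMM  732u  /* task_struct.comm[16] */

#define TASK_SIZE     1024u        /* assumed size of the fake task_struct */
#define MM_SIZE         64u        /* assumed size of the fake mm_struct */
#define NTASKS           3
#define MAX_TASKS        8         /* cap on list length: guards corrupted lists */
#define GUEST_BASE    0xC1700000u  /* assumed guest VA of the buffer start */
#define MM_BASE       (GUEST_BASE + 4u * TASK_SIZE)
#define GUEST_MEM_LEN (4u * TASK_SIZE + 4u * MM_SIZE)

static uint8_t guest_mem[GUEST_MEM_LEN];  /* constructed "guest physical memory" */

struct task_entry { uint32_t task; uint32_t pgd; char comm[16]; };

/* Translate a guest VA range into the buffer; NULL if any byte is outside it. */
static uint8_t *gva(uint32_t va, uint32_t len) {
    if (va < GUEST_BASE || va - GUEST_BASE > GUEST_MEM_LEN - len) return NULL;
    return guest_mem + (va - GUEST_BASE);
}

/* Guest is little-endian i386; the host is assumed little-endian too. */
static int read_u32(uint32_t va, uint32_t *out) {
    uint8_t *p = gva(va, 4);
    if (!p) return -1;
    memcpy(out, p, 4);
    return 0;
}

static void write_u32(uint32_t va, uint32_t v) {
    uint8_t *p = gva(va, 4);
    if (p) memcpy(p, &v, 4);
}

/* Walk the circular task list from root. Returns the number of tasks, or -1
 * when a pointer leaves guest memory or the list exceeds max nodes. */
int walk_task_list(uint32_t root, struct task_entry *out, int max) {
    uint32_t cur = root;
    int n = 0;
    do {
        uint32_t next, mm;
        uint8_t *comm;
        if (n >= max) return -1;                       /* too long: treat as corrupt */
        if (read_u32(cur + OFF_TASKS, &next) < 0) return -1;
        if (read_u32(cur + OFF_MM, &mm) < 0) return -1;
        comm = gva(cur + OFF_COMM, 16);
        if (!comm) return -1;
        out[n].task = cur;
        out[n].pgd = 0;                                /* kernel threads have mm == NULL */
        if (mm != 0 && read_u32(mm + OFF_PGD, &out[n].pgd) < 0) return -1;
        memcpy(out[n].comm, comm, 16);
        out[n].comm[15] = '\0';
        n++;
        if (next < OFF_TASKS) return -1;
        cur = next - OFF_TASKS;                        /* container_of(next, task_struct, tasks) */
    } while (cur != root);
    return n;
}

/* Look a process up by comm; returns 1 and fills *out when found, else 0. */
int find_task(uint32_t root, const char *name, struct task_entry *out) {
    struct task_entry t[MAX_TASKS];
    int n = walk_task_list(root, t, MAX_TASKS);
    for (int i = 0; i < n; i++)
        if (strcmp(t[i].comm, name) == 0) { *out = t[i]; return 1; }
    return 0;
}

static void put_task(int i, const char *comm, uint32_t mm) {
    uint32_t me  = GUEST_BASE + (uint32_t)i * TASK_SIZE;
    uint32_t nxt = GUEST_BASE + (uint32_t)((i + 1) % NTASKS) * TASK_SIZE;
    uint32_t prv = GUEST_BASE + (uint32_t)((i + NTASKS - 1) % NTASKS) * TASK_SIZE;
    write_u32(me + OFF_TASKS, nxt + OFF_TASKS);      /* tasks.next */
    write_u32(me + OFF_TASKS + 4, prv + OFF_TASKS);  /* tasks.prev */
    write_u32(me + OFF_MM, mm);
    strncpy((char *)gva(me + OFF_COMM, 16), comm, 16);
}

/* Populate the constructed guest image; returns the task_struct root address
 * in the role of the first value task-info.ko prints. */
uint32_t build_sample_guest(void) {
    uint32_t mm_bash = MM_BASE, mm_ls = MM_BASE + MM_SIZE;
    memset(guest_mem, 0, sizeof guest_mem);
    write_u32(mm_bash + OFF_PGD, 0x1E800000u);  /* constructed pgd values */
    write_u32(mm_ls + OFF_PGD, 0x1F000000u);
    put_task(0, "swapper", 0);                  /* kernel thread: mm == NULL */
    put_task(1, "bash", mm_bash);
    put_task(2, "ls", mm_ls);
    return GUEST_BASE;
}

/* Simulate a guest corrupting a list pointer so the walker's checks trigger. */
void corrupt_sample_guest(void) {
    write_u32(GUEST_BASE + 2u * TASK_SIZE + OFF_TASKS, 0xDEADBEEFu);
}

int main(void) {
    struct task_entry t[MAX_TASKS];
    uint32_t root = build_sample_guest();
    int n = walk_task_list(root, t, MAX_TASKS);
    for (int i = 0; i < n; i++)
        printf("task 0x%08X pgd 0x%08X comm %s\n", t[i].task, t[i].pgd, t[i].comm);
    return n < 0;
}
```

The pgd read from mm_struct is what lets the monitor tell guest processes apart: once the target's comm matches (the name given to the pemu monitor command, e.g. ls), its pgd identifies the address space whose code should be instrumented. Every traversal step goes through the bounds-checked gva/read_u32 pair, which is the property a real introspector needs because a compromised guest controls every pointer it follows.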

2 Compile PEMU:

sudo apt-get build-dep qemu
cd pemu && mkdir build && cd build
../myconfig && make install

3 Compile PIN plugins

cd pemu/plugins && make

4 Run testcases:

4.1 Launch PEMU (replace image with the path to your guest disk image):

cd pemu/build/bin && ./qemu-system-i386 -m 512 image -monitor stdio

4.2 In the QEMU monitor, specify the target program (e.g. ls) and the PIN plugin:

(QEMU) pemu ls strace.so

4.3 Run the target program in the guest OS (e.g. ls):

guestos:~$ ls

License: Other
