A kernel driver that monitors the system calls invoked by all processes running on a Windows 7 32-bit SP1 system.
- monitoring system calls invoked at the kernel level, through a driver
- 151 system calls are monitored (by far the largest set, to the best of our knowledge)
- automated driver signing, installing and uninstalling
- system calls can be stored locally or in the cloud