Evaluating Techniques for Full System Memory Tracing

Prof. Dr. Frank Bellosa
Marc Rittinghaus

Bearbeiter:Thomas Schmidt


The creation of memory traces for full system analysis is very time-consuming, yet it is a vital part of nowadays toolchain for improving software performance as well as for increasing the security of software, by enhancing the understanding of the software behavior.

This thesis examines the use of hardware-assisted virtualization as an alternative to memory tracing based on dynamic binary translation, using Intel’s Extended Page Table to restrict the access to memory. Further, both approaches are implemented, comparing them regarding performance and the quality of the data recorded. The experiments show that dynamic binary translation outperforms the proposed system significantly regarding its performance and also has an edge concerning accuracy.


