Sys call hooking - tracing
I am developing a small program to monitor the Linux kernel for any Trojan / rootkit infection. I want to monitor the kernel, if any malware changes the system calls and alert the user. How to do this or what function calls to use for monitoring system call hooking ?
|