Generate bpftrace eBPF programs online with GPT or LLM

MCP server implementation for Tetragon

基于函数级污点分析的 Java 源代码漏洞审计工具JavaSinkTracer，通过 Model Context Protocol (MCP) 为 AI 助手提供安全分析能力。

[ISSTA 2025] Unlocking Low Frequency Syscalls in Kernel Fuzzing with Dependency-Based RAG

The design and implementation of an advanced BiLSTM-based model integrated with an attention mechanism for network intrusion detection using the NSL-KDD dataset.

AI-enhanced Intrusion Detection System (IDS) designed to monitor network traffic on your home Wi-Fi network

ReplicaWatcher: Training-less Anomaly Detection in Containerized Microservices - NDSS'24

A simple rootkit written in ebpf.

This utility allows users to track changes in a specified file and prints a timestamp when modifications occur.

Reuploaded the Project again.

ML analysis for paper: Intrusion Detection Monitoring for Linux

SharpEye: Advanced Linux Intrusion Detection and Threat Hunting System

exploring anomaly detection of syscalls

a labelled version of the ADFA-LD dataset for HIDS evaluation

A categorized list of system calls used by popular Unix-like operating systems

This document serves as a guide for installing and using DynBox, a dynamic system call sandbox designed to isolate vulnerable programs. It is the accompanying artifact for the OOPSLA 2023 submissio…

TU Delft CSE3000 Research Project code and artifacts

This is the repository for the code and artifacts related to the CCS2022 paper: C2C: Fine-grained Configuration-driven System Call Filtering

detect malware type by input syscalls of the malware in ML model

Kernel-level security monitoring system using eBPF and Rust (Aya framework). Hooks critical syscalls to detect security anomalies and potential Advanced Persistent Threats.

Malware detection program using system call sequencing.

An open source repository containing a list of syscalls that are blocked in the default docker seccomp profile.