Tag: Linux Host-based Intrusion Detection System

  • eHIDS: Linux Host-based Intrusion Detection System based on eBPF

    eHIDS: A Linux Host-based Intrusion Detection System based on eBPF. Implementations and functionalities: TCP network data capture; UDP network data capture; DNS information capture in uprobe mode; process data capture; uprobe-based Java RASP command-execution scene event capture; Go framework implementation of eBPF, with an abstract implementation of multi-type events for kprobe/uprobe mounting…