Parameters to generate warning #6

Description

@utkarsh-1905

What should be the parameters to generate a threat flag?

Initial thoughts:

  • The rate of syscall invocation is rising significantly
  • System (CPU, memory) usage is rising significantly
  • Unusual call pattern

Some material that can help in research:
UCLA Research Paper
Palo Alto Networks Blog
Datadog Blog
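One way to turn the three initial heuristics into a concrete flag evaluator, as an added example that is not code from this project or from the issue author. The per-second syscall counts, the baseline syscall trace and the two observed traces are constructed, and the thresholds (z-score 3.0, 90% CPU/memory, 20% unseen 3-grams) are assumed starting points, not values from the issue:

```python
from statistics import mean, pstdev

# Constructed sample data (not from the project): a quiet per-second
# syscall-count baseline and short syscall traces for one process.
SAMPLE_RATE_HISTORY = [100, 105, 98, 102, 101, 99, 103, 100]
BASELINE_CALLS = ["openat", "read", "write", "close"] * 3
NORMAL_CALLS = ["openat", "read", "write", "close"] * 2
ANOMALOUS_CALLS = ["openat", "read", "mprotect", "execve", "read", "write", "close"]


def rate_zscore(history, current):
    """How many standard deviations the current syscall rate sits above the baseline."""
    if len(history) < 2:
        return 0.0
    sd = pstdev(history)
    if sd == 0:
        return 0.0 if current == mean(history) else float("inf")
    return (current - mean(history)) / sd


def ngrams(seq, n):
    return [tuple(seq[i:i + n]) for i in range(len(seq) - n + 1)]


def novelty_ratio(baseline_seq, observed_seq, n=3):
    """Fraction of observed syscall n-grams that never occur in the baseline trace."""
    known = set(ngrams(baseline_seq, n))
    observed = ngrams(observed_seq, n)
    if not observed:
        return 0.0
    return sum(1 for g in observed if g not in known) / len(observed)


def threat_flags(rate_history, current_rate, cpu_pct, mem_pct,
                 baseline_calls, observed_calls,
                 z_thresh=3.0, cpu_thresh=90.0, mem_thresh=90.0, novelty_thresh=0.2):
    """Evaluate the three heuristics; thresholds are assumed starting points."""
    flags = []
    if rate_zscore(rate_history, current_rate) > z_thresh:
        flags.append("syscall_rate_spike")
    if cpu_pct > cpu_thresh or mem_pct > mem_thresh:
        flags.append("resource_spike")
    if novelty_ratio(baseline_calls, observed_calls) > novelty_thresh:
        flags.append("unusual_call_pattern")
    return flags


if __name__ == "__main__":
    print(threat_flags(SAMPLE_RATE_HISTORY, 400, 35.0, 40.0, BASELINE_CALLS, NORMAL_CALLS))
    print(threat_flags(SAMPLE_RATE_HISTORY, 102, 35.0, 40.0, BASELINE_CALLS, ANOMALOUS_CALLS))
```

The n-gram novelty check is the classic sequence-based approach from the syscall intrusion-detection literature; in practice the baseline should be learned per program, since a call sequence that is routine for one binary is unusual for another.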
