Search code, repositories, users, issues, pull requests...
⚠️ Not a final product: This is the final result of a research project. It is not intended to be a final product/solution to use in any productions environment whatsoever, it is simply the byproduct of research and therefore is intended to use as so.
ebpfangel is a ransomware detection system that leverages the power of eBPF and machine learning to provide real-time monitoring and protection against ransomware attacks on Linux-based systems. By integrating dynamic analysis techniques with the capabilities of eBPF, ebpfangel offers a flexible, low-overhead solution for identifying and mitigating ransomware threats.
ebpfangel operates by attaching eBPF programs to key system calls and user-space functions. These programs are triggered by specific events, such as file operations and encryption activities, allowing for comprehensive monitoring of system behavior. The collected data is then processed and analyzed using machine learning algorithms to detect patterns indicative of ransomware activity.
To foster progress in the field of ransomware detection, collaboration and knowledge sharing within the research community are essential. Encouraging open collaboration, sharing of datasets, methodologies, and findings will enable researchers to collectively combat the growing threat of ransomware attacks. By fostering collaboration, we can pool resources and expertise to develop more advanced and robust ransomware detection techniques, ultimately enhancing the overall security posture against this persistent threat.
