GitHub

linux-syscall-2.md

System calls in the Linux kernel. Part 2. How does the Linux kernel handle a system call The previous [part](https://0xax.gitbook.io/linux-insides/summary/syscall ...
Cloud Security Alliance

Exploring Syscall Evasion – Linux Shell Built-ins

This is the first article in a series focusing on syscall evasion as a means to work around detection by security tools and what we can do to combat such efforts. We’ll be starting out the series ...
Security Boulevard

A deep dive into Linux’s new mseal syscall

If you love exploit mitigations, you may have heard of a new system call named mseal landing into the Linux kernel’s 6.10 release, providing a protection called “memory sealing.” Beyond notes from the ...
Linux Journal

Removing All Syscall Invocations from Kernel Space

There's an effort under way to reduce and ultimately remove all system call invocations from within kernel space. Dominik Brodowski was leading this effort, and he posted some patches to remove a lot ...
theregister

Watch out for any Linux malware sneakily evading syscall-watching antivirus

A proof-of-concept program has been released to demonstrate a so-called monitoring "blind spot" in how some Linux antivirus and other endpoint protection tools use the kernel's io_uring interface.
IEEE

Android Malware Detection Based on Informative Syscall Subsequences

Abstract: The Android operating system commands a dominant market share of over 70% in the smartphone industry. However, this widespread usage has resulted in a concerning increase in malware ...