The paper presents O2C, a system that enforces OS kernel compartmentalization on the fly using the latest advancements in the eBPF ecosystem and machine learning. O2C provides immediate remediation for sudden threats while maintaining consistent system availability. It confines damage within the compartment and is lightweight, with negligible overhead. The paper also validates that the decision tree is optimally suited to O2C because of its advantages in processing tabular data, its explainable nature, and its compliance with the eBPF ecosystem.

 

Publication date: 15 Jan 2024
Project Page: Not provided
Paper: https://arxiv.org/pdf/2401.05641