Isolation Forest + eBPF events to create a Linux based endpoint detection system [P]
Hey everyone. I’ve been working on a machine learning project called guardd and wanted to get some feedback on the ML side of it. It’s basically a host-based anomaly detection system for Linux using Isolation Forest. I’m collecting exec and network eve…