Track 1: Sentinel Runtime
Domain: Host / Process / Syscall
Mechanism: ptrace + Anomaly Detection
Focus: Enforcing intent at the execution boundary. Sentinel prevents unauthorized syscall patterns and behavioral anomalies.
Systems Security Research Dossier
Unifying Runtime Process Control & Kernel Datapath Enforcement
The Research Question
Section titled “The Research Question”Modern defense often treats the Host (OS/Process) and the Network (Packet/Wire) as separate silos. This research portfolio explores the composition of these two domains to create a unified defense architecture.
Track 2: Hyperion (Network)
Domain: Network / Driver / Packet
Mechanism: eBPF + XDP
Focus: Enforcing policy at the wire. Hyperion rejects malicious traffic in the NIC driver before the OS allocates memory.
Technical Stack
Section titled “Technical Stack”| Dimension | Sentinel (Host) | Hyperion (Network) |
|---|---|---|
| Language | Python / C | C (eBPF) / Go |
| Hook Point | ptrace (Syscall) | XDP (Ingress) |
| Latency | Millisecond | Nanosecond |
| State | Active (Phase M3.4) | Active (Phase M4.6) |