Behavioral Defense at Ring Zero Under Active Development

KERNEL
BORDERLANDS

A kernel-level runtime defense framework for Linux. KB detects, classifies, and contains anomalous process behavior at Ring 0 — using eBPF instrumentation, a Behavioral Scoring Engine, and an optional multi-agent AI coordination layer (AADS).

Linux 5.8+ eBPF · CO-RE / BTF libbpf Go · Python · Rust Status: Under Active Development
eBPF CO-RE · Compile Once Run Everywhere
Behavioral Risk Score · 6 weighted dimensions
Judge · Jury · Executor agent architecture
Seccomp · Namespaces · cgroup v2 enforcement
SHA-256 chained tamper-evident audit log
Kafka · ZeroMQ inter-agent messaging
QLoRA fine-tuning · Phi-3 Mini · Qwen2.5-3B
Under Active Development · Open Source
eBPF CO-RE · Compile Once Run Everywhere
Behavioral Risk Score · 6 weighted dimensions
Judge · Jury · Executor agent architecture
Seccomp · Namespaces · cgroup v2 enforcement
SHA-256 chained tamper-evident audit log
Kafka · ZeroMQ inter-agent messaging
QLoRA fine-tuning · Phi-3 Mini · Qwen2.5-3B
Under Active Development · Open Source
The Problem

GAPS IN
LINUX DEFENSE

Modern Linux systems underpin critical infrastructure ranging from cloud servers to containerized microservices. Existing defense mechanisms share a fundamental blind spot: they cannot see behavioral transitions — only individual events in isolation.

KB was designed to close that gap by observing and enforcing behavior at its source — inside the kernel — without requiring intrusive kernel modifications or custom modules.

GAP 01

Signature-based tools (antivirus, IDS/IPS) are reactive by design and fail against novel or obfuscated zero-day attacks that have no known signature.

GAP 02

Policy-based LSMs (SELinux, AppArmor) enforce static administrator-defined rules that cannot adapt when a legitimate binary is hijacked or an attacker operates entirely within permitted syscalls.

GAP 03

Userland monitoring (audit daemons, SIEM agents) lacks the vantage point for true behavioral analysis — a sufficiently privileged attacker can silence userland observers without touching the kernel log.

GAP 04

Kernel rootkits operate beneath every userland control plane, manipulating the very data structures defenders rely upon.

The Design Insight

BEHAVIORAL
TRANSITIONS,
NOT EVENTS

An execve following a privilege escalation inside an unexpected process lineage after a burst of mmap calls is an attack. The same execve in isolation is not.

KB evaluates behavioral transitions over time across six weighted dimensions — enabling detection of sophisticated multi-stage attacks that appear innocuous at each individual step.

The system simultaneously functions as a production-grade runtime defense platform and a research instrument for studying post-exploitation process behavior under live attack conditions.

01
<3%
Runtime overhead on standard server workloads (target)
02
<5ms
Namespace isolation latency (P99 enforcement target)
03
6
Weighted behavioral dimensions in the scoring engine
04
5.8+
Minimum Linux kernel with BTF + CO-RE support
Four-Layer Architecture

BUILT IN
STRICT LAYERS

Each layer communicates only with its immediate neighbors, limiting blast radius in the event of component failure. The AADS layer is optional and advisory — enforcement continues without it.

LAYER 01 C · eBPF
eBPF Observability (Ring 0)
eBPF programs loaded into the kernel and verified by the built-in verifier — guaranteed safe, no crashes, no infinite loops. Six hook points capture the full behavioral surface of every process.
tracepoint:syscalls tracepoint:sched kprobe:commit_creds bpf_lsm tracepoint:net kprobe:mmap_region perf ring buffer CO-RE / BTF
in dev
LAYER 02 Go
Control Plane — kbd daemon
Consumes ring buffer events, manages a dual-tiered state topology (L1 lock-free Go heap cache backed by an asynchronous L2 embedded SQLite WAL data engine), evaluates YAML-defined operator policies, and exposes a gRPC-over-UDS API. All enforcement actions are authorized and executed exclusively through this layer. To mitigate ephemeral eBPF ring buffer volatility on boot, a cold-start initialization routine synchronizes current state by direct scraping of the /proc file system. Validated audit logs are committed out-of-band to an immutable, append-only SHA-256 chained JSON ledger within the L2 persistent layer.
gRPC SQLite SHA-256 chain Cobra CLI seccomp · namespaces · cgroup v2
in dev
LAYER 03 Python
AADS — Autonomous Agentic Defense System
Optional, advisory only. No enforcement action may be taken solely on the basis of an agent recommendation without corresponding policy authorization. Three agents — Judge, Jury, Executor — coordinate via a brokerless ZeroMQ mesh over Unix Domain Sockets with Protocol Buffers serialization. Agents operate with scoped capability tokens.
Judge · Jury · Executor ZeroMQ Ray RLlib QLoRA fine-tuning
in dev
LAYER 04 React · Go
Operator Interface
React + TypeScript dashboard for real-time zone distribution, per-process behavioral scores, and swarm topology visualization via D3.js force graph over WebSockets. The kbctl CLI exposes the full gRPC API for scripted management. kb-tui provides SSH-accessible terminal interface via Bubble Tea + Wish.
React 18 · TypeScript 5 D3.js · Recharts WebSockets kbctl CLI Bubble Tea · Wish
in dev
Compile Once · Run Everywhere

ONE BINARY.
EVERY KERNEL.

BTF relocations let a single compiled kb-core.o load correctly across kernel versions at boot — no per-kernel rebuilds, no DKMS, no header matching at deploy time.

Stable Build
kb-core.o
compiled once · clang / LLVM
5.8 – 5.14
Supported
5.15 – 6.x
Recommended
Latest Mainline
Full Support
Execution Zone Model

THREE ZONES.
CONTINUOUS SCORING.

Every process is continuously assigned to one of three execution zones based on its smoothed Behavioral Risk Score St. Zone transition is the unit of analysis — not individual syscalls.

0–39
Safe
Score: 0 – 39

Passive observation. The process exhibits normal behavioral patterns within expected bounds. No enforcement action is taken.

Continuous monitoring active
Score updated on every event
40–74
Suspicious
Score: 40 – 74

Elevated risk detected. Network syscalls blocked via seccomp filter. Increased monitoring frequency. Alerting raised to AADS layer.

seccomp filter applied (<1ms)
connect / bind / sendto blocked
AADS Judge notified
75–100
Borderlands
Score: 75 – 100

Critical behavioral anomaly. Process is isolated using Linux namespaces and cgroup v2 throttling. Termination is available as a final enforcement step.

namespace isolation (<5ms P99)
mnt · net · user namespaces
cgroup v2 CPU/mem throttle
SIGKILL if policy authorizes
AADS — Autonomous Agentic Defense System

JUDGE. JURY.
EXECUTOR.

Optional. Strictly advisory. No enforcement action ever occurs on an agent's word alone — the Control Plane always has final authority. Disable AADS entirely and deterministic enforcement keeps running.

Judge Agent
Pattern Correlation
THE HONOURABLE COURT

Consumes the KB event stream and correlates behavioral patterns across time windows, producing structured alerts with confidence scores.

READ-ONLY
Jury Agent
Cross-Validation
EVIDENCE CASE #KB-0x4F EXH.A VALIDATED

Cross-validates Judge alerts against historical process profiles, suppresses known false positives, and produces validated decision records.

READ-ONLY
Executor Agent
Policy Execution
EXECUTE ORDER

Translates validated decisions into Control Plane API calls within its scoped capability token — and nothing outside it.

SCOPED WRITE
directs the swarm
Swarm Layer

FIVE AGENT
CLASSES

JJE doesn't act alone. Each decision is carried out by a swarm of scoped sub-agents, coordinating over Kafka and ZeroMQ.

Patroller

Continuous behavioral surveillance across the live process tree.

Hunter

Actively tracks flagged processes — lineage, lateral movement, escalation.

Healer

Remediation and recovery — restores Safe-zone state once a threat clears.

Containment Militia

Executes isolation — namespaces, cgroup throttling, the physical perimeter.

Signal Relays

Carries telemetry and consensus messages across the swarm mesh.

Control & Communication

HOW THE
LAYERS TALK

Every hop between layers is a named, typed pipeline — never a shared file, never a polling loop.

eBPF
Ring 0
kbd
Control Plane
AADS
JJE + Swarm
Dashboard
Operator
Inter-Agent
ZeroMQ/IPC
State Store
SQLite — process state
Audit Trail
SHA-256 chained · SQLite-WAL
Transport Security
TLS 1.3 · JWT · RBAC
Repository Structure

EIGHT
SUBSYSTEMS

Each subsystem owns a complete vertical slice of the stack. No shared mutable state across boundaries. Full contributor workflow in docs/.

01
kb-core/
Kernel Instrumentation

eBPF programs loaded at Ring 0 — six hook points capturing the full behavioral surface of every running process. Perf ring buffer transport, CO-RE / BTF relocations, compiled once and deployed anywhere Linux 5.8+ runs.

tracepoint:syscalls kprobe:commit_creds bpf_lsm perf ring buffer CO-RE · BTF
C · eBPF
in dev
02
kb-control-plane/
Control Plane Daemon

The kbd daemon — Consumes ring buffer events, manages a dual-tiered state topology (L1 lock-free Go heap cache backed by an asynchronous L2 embedded SQLite WAL data engine), evaluates YAML-defined operator policies, and exposes a gRPC-over-UDS API. All enforcement actions are authorized and executed exclusively through this layer. To mitigate ephemeral eBPF ring buffer volatility on boot, a cold-start initialization routine synchronizes current state by direct scraping of the /proc file system. Validated audit logs are committed out-of-band to an immutable, append-only SHA-256 chained JSON ledger within the L2 persistent layer.

gRPC SQLite seccomp namespaces cgroup v2
Go
in dev
03
kb-aads/
Agent Defense Swarm

Behavioral reasoning and multi-agent coordination — Judge, Jury, Executor over a decentralized, brokerless ZeroMQ mesh utilizing native Unix Domain Sockets with protobuf serialization. Optional and advisory: no enforcement occurs on agent recommendation alone. MARL infrastructure, QLoRA fine-tuning, Ray RLlib.

Judge · Jury · Executor ZeroMQ Ray RLlib QLoRA
Python
in dev
04
kb-dashboard/
Web Dashboard

React + TypeScript operator dashboard. Real-time zone distribution, per-process behavioral scores, and swarm topology as a live D3.js force graph over WebSockets. The primary human-in-the-loop interface for live defense operations.

React 18 TypeScript 5 D3.js Recharts WebSockets
React · TS
in dev
05
kb-tui/
Terminal Interface

SSH-accessible terminal operator interface built with Bubble Tea and Wish. No browser required — full system visibility and control from any machine that can reach port 2222. Designed for headless server environments and rapid incident response.

Go Bubble Tea Wish SSH
Go · BubbleTea
in dev
06
kb-checker/
Safety Engine

Rust-native static analysis and safety verification engine. Pre-execution script analysis, policy constraint checking, and enforcement gate validation — ensuring no action violates the operator-defined safety boundary before it reaches the Control Plane.

Rust static analysis policy validation
Rust
in dev
07
docs/
Documentation

Technical architecture notes, installation guides, hook point references, contributor workflows, and project whitepapers. Read in order: README → installation → requirements → hookpoints → kb-team.

Markdown PDF whitepaper synopsis
Markdown
live
08
scripts/
Tooling & Automation

Installation utilities, test orchestration, CI helpers, and attack-lab tooling for controlled adversarial simulation. Everything needed to bring up the full KB stack on a fresh Ubuntu 22 or 24.04 LTS machine.

Bash Python attack-lab CI
Bash · Python
in dev
Operator Interface & Management

SEE IT.
STEER IT.

Three surfaces for watching and overriding the system. Each built for a different context — browser, shell, or headless server. The system never stops if one is absent.

01
React · TypeScript · D3.js · WebSockets
Dashboard

Real-time zone distribution, per-process behavioral scores, and the swarm as a living D3 force graph — nodes shifting, edges tightening, threat state made visible. Everything over a persistent WebSocket. No polling. No stale state.

React 18 · TS 5
Zone distribution heat
Per-process score stream
D3 force swarm topology
Soft kill · Hard kill actions
02
Go · Cobra CLI · gRPC · protobuf
kbctl

The full Control Plane gRPC API from the shell. Policy reload, manual zone override, process isolation, audit export. Designed for scripted playbooks, CI pipelines, and rapid incident automation — every operation is a typed protobuf call.

Go · Cobra
Policy reload without restart
Manual zone override
Audit log export
Scriptable · CI-native
03
Go · Bubble Tea · Wish · SSH
kb-tui

SSH into a live operator terminal from any machine, on port 2222. No browser. No agent install. Full visibility and control rendered in a Bubble Tea TUI, served over Wish — the Charm SSH server. Built for headless environments and zero-overhead incident response.

BubbleTea · Wish
ssh -p 2222 localhost
Zero browser dependency
Headless · containerized
Full control surface
The Team

WHO'S
BUILDING THIS

Four engineers working across Linux kernel development, eBPF, AI/MARL, distributed systems, security research, and frontend engineering. Full ownership breakdown lives in docs/kb-team.md.

PV
Pardhu Varma

Systems Architecture · Linux Kernel · eBPF · Rust

KK
Karthik

AI & Agentic Systems · MARL · Offensive Security

KT
Tejaswini

Control Plane · Defensive Security · TUI · Go

KR
Rupa

Dashboard · Frontend Engineering · UI/UX · CLI

Getting Started

BEGIN WITH
THE DOCS

Complete installation instructions, architecture docs, and development workflow live in docs/. Start here, read in order.

Primary Services
bash — kernel-borderlands
# Control Plane
$ cd kb-control-plane
$ go run cmd/kbd/main.go
# Autonomous Agent Defense Swarm
$ cd kb-aads
$ python main.py
# Dashboard
$ cd kb-dashboard
$ npm run dev
# TUI (SSH)
$ ssh -p 2222 localhost
$
Open Source · Under Active Development

VIEW THE
SOURCE

GitHub Repository ↗ Documentation
git clone https://github.com/pardhuvarmax/kernel-borderlands

Requires: Linux 5.8+ · BTF support · Ubuntu 22/24.04 LTS recommended

Kernel Borderlands · Open Source Under Active Development — Ring Zero