1. 7

The final paragraph mentions a very interesting idea about understanding the distribution of syscalls for a process and alerting when current set of syscalls for that running process deviates for security reasons. IMHO, it’s a pretty neat idea!

  1.