RIDS (Runtime Intrusion Detection System) is an advanced intrusion detection system that uses virtualization techniques to monitor and protect systems in real time. The project builds a custom hypervisor on the Bareflank framework to provide an additional security layer.
- 🛡️ Real-Time Detection: Continuous system monitoring during execution
- 🔧 Custom Hypervisor: Based on Bareflank for maximum flexibility
- 📊 Performance Analysis: Detailed metrics of system impact
- 🏗️ Modular Architecture: Extensible and maintainable design
- 🔍 Granular Monitoring: System-level event capture
```
RIDS/
├── hypervisor/          # Custom hypervisor code
│   ├── bfack/           # Recognition component
│   ├── bfdriver/        # System driver
│   ├── bfvmm/           # Hypervisor virtual machine
│   └── bfsdk/           # Development kit
├── Analisis/            # Performance analysis and metrics
│   ├── perf/            # Performance data
│   └── cpuTest/         # CPU tests
└── RIDS-whitepaper.pdf  # Complete technical documentation
```
- Bareflank: Open-source hypervisor framework
- C++: Primary language for hypervisor development
- Assembly: Low-level optimizations for x64 and ARM64
- CMake: Cross-platform build system
The project includes detailed analysis of system performance impact:
- CPU Metrics: Analysis before, during, and after implementation
- Performance Charts: System behavior visualizations
- Comparisons: Impact evaluation in different configurations
- Compatible operating system (Linux, Windows, EFI)
- C++17 compatible compiler
- CMake 3.15 or higher
- Hardware with virtualization support
```bash
# Clone the repository
git clone https://github.com/xdaniortega/RIDS.git
cd RIDS

# Configure and compile
mkdir build && cd build
cmake ..
make -j$(nproc)
```

- 📄 Complete Whitepaper: Detailed technical analysis of the project
- 🔬 Performance Analysis: Performance metrics and charts
- 💻 Source Code: Hypervisor implementation
Contributions are welcome. Please:
- Fork the project
- Create a feature branch (`git checkout -b feature/AmazingFeature`)
- Commit your changes (`git commit -m 'Add some AmazingFeature'`)
- Push to the branch (`git push origin feature/AmazingFeature`)
- Open a Pull Request
This project is licensed under the MIT License. See the LICENSE file for details.
- Daniel Ortega - Initial development - RIDS
- Bareflank Team for the hypervisor framework
- Security community for feedback and testing
- Contributors who have helped improve the project
⭐ If this project is useful to you, consider giving it a star on GitHub
For more technical information, check our complete whitepaper