No title
This thesis investigates the possibility of leveraging eBPF to audit containerized workloads to produce data equivalent to AppArmor auditing, with the goal of later using that data to automatically generate AppArmor profiles to protect those workloads. The report presents several challenges posed by the restrictive nature of eBPF as well as how these challenges were addressed in the implementation
