[ShroudedNight]

Will there be attempts to hide system call patterns from intrusion detection / prevention systems if they take off? Probably, yes: https://www.eecs.berkeley.edu/~daw/papers/mimicry.pdf

Will they work? Maybe: https://web.cs.dal.ca/~zincir/bildiri/pst08-gn.pdf

Disclaimer: I was one of Anil Somayaji's grad students at one point in the not so distant past.