A system and method for network security using a kernel based network security infrastructure is disclosed. The method comprises the installation of a computer code set into the operating system kernel of each computer on a network and use of the computer code set to detect and stop unwanted or malicious intrusions into the kernel. Because the security feature is kernel based, a broader range of security features, such as security of communication between user-space applications and the kernel, can be implemented.