writing a program for hiding processes from ps command result

Question

I want to write a kernel module that can hide a process from user view by removing it from ps command result and able me to view hidden processes.

Can anyone give me

Answer 1

I believe most root-kits would include something like this, and that root-kits are the only reason I can think of for writing something like this.

If you see some other, more valid, use, please enlighten me. (Honey pots are not a good answer, since you're much better off running them in a virtual machine observed from the outside in the first place.)