diff --git a/.gitignore b/.gitignore
index d8b48c7..3c3aac4 100644
--- a/.gitignore
+++ b/.gitignore
@@ -24,3 +24,4 @@ go.work
 sysmonitord.code-workspace
 data/
 config.yaml
+dist/
diff --git a/Makefile b/Makefile
new file mode 100644
index 0000000..21bb045
--- /dev/null
+++ b/Makefile
@@ -0,0 +1,25 @@
+APP_NAME = sysmonitord
+VERSION = V0.1.0
+BUILD_TIME = $(shell date +%Y-%m-%d_%H:%M:%S)
+GIT_COMMIT = $(shell git rev-parse --short HEAD 2>/dev/null || echo "unknown")
+
+LDFLAGS = -ldflags "-X 'sysmonitord/internal/version.Version=$(VERSION)' \
+-X 'sysmonitord/internal/version.BuildTime=$(BUILD_TIME)' \
+-X 'sysmonitord/internal/version.GitCommit=$(GIT_COMMIT)'"
+
+all: build
+
+build:
+ @echo "开始编译 $(APP_NAME) 版本: $(VERSION)"
+ go build $(LDFLAGS) -o dist/$(APP_NAME) main.go
+ @echo "编译完成: dist/$(APP_NAME)"
+
+install:
+ @echo "安装 $(APP_NAME) 到/usr/local/bin..."
+ cp dist/$(APP_NAME) /usr/local/bin/
+ @echo "安装完成"
+
+clean:
+ @echo "清理编译产物..."
+ rm -rf dist/$(APP_NAME)
+ @echo "清理完成"
diff --git a/config.yaml.example b/config.yaml.example
index a043bbb..8e36a01 100644
--- a/config.yaml.example
+++ b/config.yaml.example
@@ -19,7 +19,7 @@ scanner:
 algorithm: "xxhash64"
 file:
 include_paths:
- - /home/wuko233/Downloads
+ - /
 exclude_paths:
 - /proc
 - /sys
@@ -27,10 +27,22 @@ scanner:
 fast_hash_size: 100MB
 fast_hash_chunk: 2MB
 process:
- interval: 30 # seconds
+ interval: 300 # seconds
 storage:
 data_dir: "./data"
 process_system_file: "process_system.data"
 file_system_file: "file_system.data"
- dubious_file_list_file: "dubious_files.data"
\ No newline at end of file
+ dubious_file_list_file: "dubious_files.data"
+ dubious_process_list_file: "dubious_processes.data"
+
+notification:
+ email:
+ enabled: true
+ recipients:
+ - admin@wuko.top
+ smtp:
+ server:
+ port: 465
+ username:
+ password:
\ No newline at end of file
diff --git a/install.sh b/install.sh
new file mode 100644
index 0000000..ee0152b
--- /dev/null
+++ b/install.sh
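Review bot: None of `all`, `build`, `install` or `clean` is declared phony, so a file or directory with one of those names in the tree turns the target into a silent no-op; add `.PHONY: all build install clean`. `BUILD_TIME` and `GIT_COMMIT` are assigned with `=`, which re-runs the `$(shell …)` command on every expansion, whereas `:=` evaluates it once. In `install`, `cp` leaves the mode of the installed binary to the source file and the umask; `install -m 0755 dist/$(APP_NAME) /usr/local/bin/` pins it for a binary that the service unit in this commit runs as root.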
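Review bot: With `include_paths` now set to `/`, the only excludes visible in this hunk are `/proc` and `/sys`, so unless the part of the list outside the hunk covers them, the scan also walks `/dev`, `/run` and the daemon's own data and log directories. Files there change on every cycle and would presumably be reported as modified each time, which buries real findings. Consider extending `exclude_paths` in the example with `- /dev`, `- /run` and the data and log directories the installer creates.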
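Review bot: The example ships `notification.email.enabled: true` with a real-looking recipient (`admin@wuko.top`) and empty `smtp` fields, and install.sh in this commit copies the file verbatim to /etc/sysmonitord/config.yaml. An operator who fills in only the SMTP settings would send security alerts to that address; default to `enabled: false` and a placeholder such as `admin@example.com`. The `password` field keeps the SMTP credential in clear text, so a comment like `# contains SMTP credentials: keep this file owner root, mode 0600` above the `smtp:` block would tell operators what the file needs.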
@@ -0,0 +1,59 @@
+#!/bin/bash
+# sysmonitord 安装脚本
+set -e
+echo "正在安装 sysmonitord..."
+
+# 检测是否为 root 用户
+if [ "$EUID" -ne 0 ]; then
+ echo "请使用 root 用户运行此安装脚本。"
+ exit 1
+fi
+
+# 路径设置
+BIN_NAME="sysmonitord"
+INSTALL_DIR="/usr/local/bin"
+CONFIG_DIR="/etc/sysmonitord"
+DATA_DIR="/var/lib/sysmonitord"
+LOG_DIR="/var/log/sysmonitord"
+
+# 编译
+echo "正在编译 sysmonitord..."
+make build
+
+# 创建目录
+echo "正在创建目录..."
+mkdir -p "$CONFIG_DIR"
+mkdir -p "$DATA_DIR"
+mkdir -p "$LOG_DIR"
+
+# 复制文件
+echo "正在复制文件..."
+cp "dist/$BIN_NAME" "$INSTALL_DIR/"
+chmod +x "$INSTALL_DIR/$BIN_NAME"
+
+# 初始化配置文件
+if [ ! -f "$CONFIG_DIR/config.yaml" ]; then
+ echo "==> 初始化配置文件..."
+ cp config.yaml.example $CONFIG_DIR/config.yaml
+else
+ echo "==> 配置文件已存在,跳过覆盖..."
+fi
+
+# 安装systemd服务
+echo "正在安装 systemd 服务..."
+cp scripts/sysmonitord.service /etc/systemd/system/
+systemctl daemon-reload
+systemctl enable sysmonitord
+echo ""
+echo "安装完成!"
+echo ""
+echo "配置文件路径: $CONFIG_DIR/config.yaml"
+echo "数据目录: $DATA_DIR"
+echo "日志目录: $LOG_DIR"
+echo ""
+echo "您可以使用以下命令来管理 sysmonitord 服务:"
+echo "启动: systemctl start sysmonitord"
+echo "停止: systemctl stop sysmonitord"
+echo "重启: systemctl restart sysmonitord"
+echo "查看状态: systemctl status sysmonitord"
+echo "查看日志: journalctl -u sysmonitord -f"
\ No newline at end of file
diff --git a/main.go b/main.go
index 9a6c79f..79a6d6b 100644
--- a/main.go
+++ b/main.go
@@ -13,11 +13,23 @@ import (
 "go.uber.org/zap"
 )
+func getConfigPath() string {
+ if _, err := os.Stat("./config.yaml"); err == nil {
+ return "./config.yaml"
+ }
+
+ if _, err := os.Stat("/etc/sysmonitord/config.yaml"); err == nil {
+ return "/etc/sysmonitord/config.yaml"
+ }
+
+ return "./config.yaml"
+}
+
 func main() {
 logger.InitLogger()
 defer logger.Sync()
- cfg, err := config.LoadConfig("./config.yaml")
+ cfg, err := config.LoadConfig(getConfigPath())
 if err != nil {
 logger.Log.Error("加载配置文件失败", zap.Error(err))
 os.Exit(1)
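Review bot: The config copied to `$CONFIG_DIR/config.yaml` gets whatever mode the umask allows, yet the example it is copied from now carries an SMTP `username`/`password` block, so on a typical umask the credentials end up world-readable once the operator fills them in. Use `install -m 0600 config.yaml.example "$CONFIG_DIR/config.yaml"`, which also quotes the path that the current `cp` leaves unquoted, and consider `chmod 0700 "$DATA_DIR" "$LOG_DIR"` after the `mkdir -p` lines. Separately, `make build` runs after the root check, so the Go toolchain and any module downloads execute as root. Building as an unprivileged user and running only the copy and systemctl steps as root would narrow that.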
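Review bot: `getConfigPath` prefers `./config.yaml` in the current working directory over `/etc/sysmonitord/config.yaml`, so when the root daemon is started by hand from a directory other users can write to, a config.yaml placed there is loaded instead of the installed one. Check the `/etc` path first, or take the path from an explicit flag or environment variable and keep the relative path only as a development fallback. The `os.Stat` checks also treat every error as "not found", so a permission or I/O error on the /etc file silently falls back to `./config.yaml`; testing `errors.Is(err, fs.ErrNotExist)` and logging anything else would make that visible. `main` continues outside the hunk.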
diff --git a/scripts/sysmonitord.service b/scripts/sysmonitord.service
new file mode 100644
index 0000000..4235035
--- /dev/null
+++ b/scripts/sysmonitord.service
@@ -0,0 +1,16 @@
+[Unit]
+Description=Sysmonitord - Linux System Security Monitor Daemon
+Documentation=https://github.com/wuko233/sysmonitord
+After=network.target
+
+[Service]
+Type=simple
+User=root
+Group=root
+ExecStart=/usr/local/bin/sysmonitord start
+Restart=on-failure
+RestartSec=10
+LimitNOFILE=65536
+
+[Install]
+WantedBy=multi-user.target
\ No newline at end of file
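Review bot: The `[Service]` section sets no `WorkingDirectory=`, and the example config that install.sh copies uses `data_dir: "./data"`, so a systemd-started daemon resolves that against `/` (the default working directory for system services) rather than the `/var/lib/sysmonitord` the installer creates. Add `WorkingDirectory=/var/lib/sysmonitord`, or make the installed `data_dir` absolute. The unit also runs as root with no sandboxing; root is presumably needed to read the whole filesystem, but `NoNewPrivileges=true` and `ProtectSystem=strict` with `ReadWritePaths=/var/lib/sysmonitord /var/log/sysmonitord` would limit what a compromised daemon can modify. Confirm first that the daemon writes nowhere else, which this diff does not show.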