Restrict system Calls

I want to implement a docker container which restrict system call. Like any process running in the container should be blocked if it does a system call