0

I am trying to make a restriction on procfs so that only a certain group of members can perform read and write actions.

The kernel documentation says we can do that by setting hidepid and gid in /etc/fstab. It will restrict the malicious user from performing reads and writes on procfs, but I have a doubt whether it is possible for a malicious user (restricted in /etc/fstab) to access content in procfs using syscalls instead of fs operations like read and write.

1 Answer

1

In general, hidepid mentioned in the comments is the best way.

If you need more security than that, use a mandatory access control system like SELinux or AppArmor, and possibly systrace. These tools let you restrict file system access, syscalls and more. I think most of the info in /proc is not available from syscalls, but I'm not up-to-date on this.

MAC tools are not "click and go" solutions and require quite a lot of work to configure. Before you embark on this, have a think about whether this is the best way to invest your security resources.

paj28
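
An added example, not part of the original question or answer: a Python check for the hidepid= and gid= mount options the thread refers to, run over fstab- or /proc/mounts-style text. The sample lines and the group id 1001 are constructed; the named hidepid values are the ones accepted since Linux 5.8.

```python
# Added example: audit the hidepid= and gid= options of procfs mounts.
# Input is fstab- or /proc/mounts-style text: device mountpoint fstype options ...

# Named values accepted since Linux 5.8, mapped to their numeric levels.
HIDEPID_NAMES = {"off": 0, "noaccess": 1, "invisible": 2, "ptraceable": 4}

def proc_mounts(text):
    """Return [(mountpoint, {option: value})] for every procfs entry."""
    found = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 4 or fields[0].startswith("#") or fields[2] != "proc":
            continue
        opts = dict(opt.partition("=")[::2] for opt in fields[3].split(","))
        found.append((fields[1], opts))
    return found

def hidepid_level(opts):
    """Numeric hidepid level; 0 when the option is absent, None if unrecognised."""
    raw = opts.get("hidepid", "0")
    if raw in HIDEPID_NAMES:
        return HIDEPID_NAMES[raw]
    return int(raw) if raw in ("0", "1", "2", "4") else None

def audit(text):
    """Return one finding dict per procfs mount."""
    findings = []
    for mountpoint, opts in proc_mounts(text):
        level, gid = hidepid_level(opts), opts.get("gid")
        if level is None:
            verdict = "unknown hidepid value"
        elif level == 0:
            verdict = "unrestricted: default visibility of other users' /proc/<pid>"
        else:
            verdict = "restricted" + (f", gid {gid} exempt" if gid else "")
        findings.append({"mountpoint": mountpoint, "hidepid": level,
                         "gid": gid, "verdict": verdict})
    return findings

# Constructed sample lines (gid 1001 is a made-up group id).
SAMPLE_HARDENED = "proc /proc proc defaults,hidepid=2,gid=1001 0 0\n"
SAMPLE_DEFAULT = "# comment\nproc /proc proc rw,nosuid,nodev,noexec,relatime 0 0\n"

if __name__ == "__main__":
    for label, text in (("hardened", SAMPLE_HARDENED), ("default", SAMPLE_DEFAULT)):
        for finding in audit(text):
            print(label, finding)
```

Feeding it the contents of /proc/mounts instead of the samples shows what the running kernel actually applied, which can differ from /etc/fstab until procfs is remounted.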