Our team is excited to share the latest news and features of Slips, our behavioral-based machine learning intrusion detection system. 

Quick links:

• Download Slips from our GitHub repository: https://github.com/stratosphereips/StratosphereLinuxIPS

• Access Slips documentation through Read the Docs: https://stratospherelinuxips.readthedocs.io/en/develop/

What We Are Particularly Excited About

In this release we are particularly excited about these new Slips features:

- - Add a relation between related evidence in alerts.json

- Better unit tests. Thanks to @Sekhar-Kumar-Dash

- Discontinued MacOS m1 docker images, P2p images, and slips dependencies image.

- Fix the problem of the progress bar stopping before analysis is done, causing Slips to freeze when analyzing large PCAPs. - Improve how Slips recognizes the current host IP.

- Increase the speed of the Flowalerts module by changing how Slips checks for DNS servers.

- Major code improvements.

- Remove redundant keys from the Redis database.

- Remove unused keys from the Redis database.

- Use IDMEFv2 format in alerts.json instead of IDEA0.

- Wait for modules to finish 1 week by default.

Check the full list of changes in our release page: https://github.com/stratosphereips/StratosphereLinuxIPS/releases/tag/v1.1.2

Learn more!

Wondering what Slips is capable of? Check out these demo presentations:

• LCN conference in 2021: https://youtu.be/1KqwlxVuf48 

• BlackHat USA Arsenal 2022: https://youtu.be/dJuTmi2bJcI 

How to contribute

For those interested in contributing to Slips:

• https://stratospherelinuxips.readthedocs.io/en/develop/contributing.html 

• https://www.stratosphereips.org/blog/2022/6/6/writing-a-slips-module 

• https://stratospherelinuxips.readthedocs.io/en/develop/slips_in_action.html 

Get in Touch

Feel free to join our Discord server and ask questions, suggest new features or give us feedback. PRs and Issues are welcomed in our repo.