New Slips version v1.0.5 is here!

MalBot · May 30, 2023, 3:25pm

Our team is excited to share the latest news and features of Slips, our behavioral-based machine learning intrusion detection system.

Quick links:

What We Are Particularly Excited About

In this release we are particularly excited about these new Slips features:

- Fix missing flows due to modules stopping before the processing is done.

- Code improvements. Change the structure of all modules.

- Fix how we detect vertical and horizontal port scans.

- Update the whitelist by adding all the IPs of whitelisted domains.

- Fixed error whitelisting Unencrypted HTTP traffic.

- Remove the feature of creating log directories using -l, now the only logs Slips generates are stored in the output/ directory.

- Added support for reading flows from any module, not just the input process, using --input-module.

- CYST module improvements.

- Detect invalid DNS answers when querying ad servers. thanks to @ganesh-dagadi .

- Update Slips known ports.

- Prevent model.bin and scaler.bin from changing in test mode. thanks to @haleelsada.

- Use either 'ip neigh show' or 'arp -an' to get gateway MAC from the host's ARP table. thanks to @naturalnetworks.

Check the full list of changes in our release page: https://github.com/stratosphereips/StratosphereLinuxIPS/releases/tag/v1.0.5

Wondering what Slips is capable of? Check out these demo presentations:

For those interested in contributing to Slips:

Feel free to join our Discord server and ask questions, suggest new features or give us feedback. PRs and Issues are welcomed in our repo.