Our team is excited to share the latest news and features of Slips, our behavioral-based machine learning intrusion detection system.
Quick links:
Download Slips from our GitHub repository: https://github.com/stratosphereips/StratosphereLinuxIPS
Access Slips documentation through Read the Docs: https://stratospherelinuxips.readthedocs.io/en/develop/
What We Are Particularly Excited About
In this release we are particularly excited about these new Slips features:
- - Add a relation between related evidence in alerts.json
- Better unit tests. Thanks to @Sekhar-Kumar-Dash
- Discontinued MacOS m1 docker images, P2p images, and slips dependencies image.
- Fix the problem of the progress bar stopping before analysis is done, causing Slips to freeze when analyzing large PCAPs. - Improve how Slips recognizes the current host IP.
- Increase the speed of the Flowalerts module by changing how Slips checks for DNS servers.
- Major code improvements.
- Remove redundant keys from the Redis database.
- Remove unused keys from the Redis database.
- Use IDMEFv2 format in alerts.json instead of IDEA0.
- Wait for modules to finish 1 week by default.
Check the full list of changes in our release page: https://github.com/stratosphereips/StratosphereLinuxIPS/releases/tag/v1.1.2
Learn more!
Wondering what Slips is capable of? Check out these demo presentations:
LCN conference in 2021: https://youtu.be/1KqwlxVuf48
BlackHat USA Arsenal 2022: https://youtu.be/dJuTmi2bJcI
How to contribute
For those interested in contributing to Slips:
https://stratospherelinuxips.readthedocs.io/en/develop/contributing.html
https://www.stratosphereips.org/blog/2022/6/6/writing-a-slips-module
https://stratospherelinuxips.readthedocs.io/en/develop/slips_in_action.html
Get in Touch
Feel free to join our Discord server and ask questions, suggest new features or give us feedback. PRs and Issues are welcomed in our repo.
Article Link: New Slips version v1.1.2 is here! — Stratosphere IPS