We are happy to announce that Slips will be presented at BlackHat USA 2022 Arsenal in Las Vegas on Thursday, August 11, from 1:00 pm to 2:30 pm: https://bit.ly/SlipsBHUSA22. The authors of Slips are Alya Gomaa, Sebastian Garcia, and Kamila Babayeva.
Slips is a behavioral intrusion prevention system that uses machine learning to detect malicious behaviors in network traffic. It is designed to focus on targeted attacks, to detect command and control channels, and to provide good visualization for the analyst. It can analyze network traffic in real time, network captures such as pcap files, and network flows produced by Suricata, Zeek/Bro, and Argus. Slips processes the input data, analyzes it, and highlights suspicious behavior that needs the analyst's attention.
You can download Slips here: https://bit.ly/SlipsIDS.
New Slips Features
Some of the main Slips features to be presented at the Arsenal are:
The local P2P network of Slips peers
New web interface
The use of whitelists to reduce errors, including whitelisting of organizations
The Slips architecture and modes of operation
Slips daemon
Threat Intelligence files in Slips
And many more! Stay tuned!
Slips in Action
You can check out the analysis of several malicious PCAPs using Slips at https://stratospherelinuxips.readthedocs.io/en/develop/slips_in_action.html
Get in Touch
Feel free to join our Discord server and ask questions, suggest new features, or give us feedback. GitHub PRs and issues are welcome!