Our team is excited to share the latest news and features of Slips, our behavioral-based machine learning intrusion detection system.
Quick links:
Download Slips from our GitHub repository: https://github.com/stratosphereips/StratosphereLinuxIPS
Access Slips documentation through Read the Docs: https://stratospherelinuxips.readthedocs.io/en/develop/
What We Are Particularly Excited About
In this release we are particularly excited about these new Slips features:
1.1.20 (Apr 30th, 2026)
* Add optional live Slips auto-update feature.
* Fix daemon shutdown with `-S`.
* Fix web interface startup, along with flow view and profile refresh handling.
* Move Kalipso to a submodule.
* Add DoS protection for high-throughput Zeek input, with configurable sampling windows and skip thresholds.
* Reorganize Slips output directory so alerts, databases, and persistent artifacts are stored in dedicated directories.
* Improve bloom filters.
* Update the organizations IPs, domains and ASNs lists.
* Improve Whitelists.
* Improve ASN lookups.
Check the full list of changes in our release page: https://github.com/stratosphereips/StratosphereLinuxIPS/releases/tag/v1.1.20
Learn more!
Wondering what Slips is capable of? Check out these demo presentations:
LCN conference in 2021: https://youtu.be/1KqwlxVuf48
BlackHat USA Arsenal 2022: https://youtu.be/dJuTmi2bJcI
How to contribute
For those interested in contributing to Slips:
https://stratospherelinuxips.readthedocs.io/en/develop/contributing.html
https://www.stratosphereips.org/blog/2022/6/6/writing-a-slips-module
https://stratospherelinuxips.readthedocs.io/en/develop/slips_in_action.html
Get in Touch
Feel free to join our Discord server and ask questions, suggest new features or give us feedback. PRs and Issues are welcomed in our repo.