Slips, GSoC2023
Stratosphere IPS
Announcing Google Summer of Code 2023 Projects

Stratosphere is happy to announce the accepted projects in the Google Summer of Code (GSoC) 2023!

Announcing Google Summer of Code 2023 Projects
Stratosphere IPS
Winner of the International Cybercrime Research ...

After evaluating all the works sent by the candidates, at the end of the September 2022, the winner was selected! The award and money prize was given to Estelle Ruellan a master student of criminology from the Université de Montréal!

Winner of the International Cybercrime Research Summer Award 2022
Slips
Stratosphere IPS
Slips in BlackHat US 2022 Arsenal in Las Vegas!

We are happy to announce that Slips will be presented at BlackHat USA 2022 Arsenal in Las Vegas on Thursday, August 11, from 1:00 pm to 2:30 pm: https://bit.ly/SlipsBHUSA22.

Slips in BlackHat US 2022 Arsenal in Las Vegas!
Slips
Alya Gomaa
New Slips version 0.9.0 is here!

Our team is excited to share the latest news and features of Slips, our behavioral-based machine learning intrusion detection system. In this blog we introduce version 0.9.0, with support of peer-to-peer threat intelligence sharing.

New Slips version 0.9.0 is here!
Aposemat Project
Stratosphere IPS
The prevalence of DNS over HTTPS By Karel Hynek

Privacy-preserving DNS protocols like DNS over HTTPS (DoH), DNS over TLS (DoT), and DNS over QUIC (DoQ) have been around since 2014 but they have only recently been brought to the attention of the general public following Firefox’s announcement to make DoH a default.

The prevalence of DNS over HTTPS By Karel Hynek

obfuscation

,

Deep Dive into an Obfuscation-as-a-Service for Android Malware

,
Deep Dive into an Obfuscation-as-a-Service for Android Malware

While confined in our homes studying the interactions of individuals involved in the spread of the Android banking Trojan botnet (known as Geost), we encountered a unique opportunity: investigate an automated obfuscation-as-a-service platform for Android malware authors.

Indeed, in a leaked chat log that involved Geost botnet operators, two individuals talked about an obfuscation service used to “protect” their malicious Android Applications (APKs) from being detected by antivirus engines. We visited the website related to the “protection” service (protection from antivirus engines -so basically obfuscation), which raised a lot of questions: How does this obfuscation service work? Is it automated? Does it really obfuscate applications well enough to avoid malicious applications being detected? How well is the service known in the underground community?

Protecting the civil society through high quality research