The new HTTPS anomaly detection module in Slips builds per-host adaptive baselines in traffic time, then detects deviations at two levels: per-flow (for bytes to known servers) and per-hour (for host behavior like new servers, unique servers, JA3 changes, and flow volume). It uses online statistics and z-scores for transparent scoring, plus controlled adaptation states (training_fit, drift_update, suspicious_update) to keep learning while reducing poisoning risk.
The result is explainable, operational evidence in clear human text: what changed, confidence, and why it is anomalous.
Our research identifies sixteen fundamental principles of biological immunity and translates them into cybersecurity defense architectures that emphasize multi-dimensional coordination over single- point tactics.
We are pleased to announce the publication of our latest paper, “Building adaptive and transparent cyber agents with local language models,” in the Journal of Expert Systems with Applications.
Can a Raspberry Pi 5 run Large Language Models? In this post, we share the results of our experiments, analyzing how LLMs perform on this low-cost hardware and exploring the challenges and performance trade-offs.
The complete automation of cyber-attacks has become one of the areas of greatest interest since the introduction of Large Language Models (LLMs) to the public. The creation of attacking LLM agents that can act independently is among the most popular options.
In this blog, we introduce a brand-new agent: ARACNE. We also share the results of attack tests and what they mean in terms of the agent’s current capabilities.
Week 3 of GSoC finished, and some nice work has been done so far. The contributors keep working after classes, and we are conducting mentorship. The hard part of mentorship is to actually teach to do things in a certain way and not to provide all the answers.
With the second week of GSoC gone, in this blog, we bring updates on what has been happening, with news from our mentors and contributors.
In this blog, we bring updates on what has been happening during the Google Summer of Code at Stratosphere, with news from our admins, mentors and contributors.
Our team is excited to share the latest news and features of Slips, our behavioral-based machine-learning intrusion detection system.
Our team is excited to share the latest news and features of Slips, our behavioral-based machine learning intrusion detection system.
Our team is excited to share the latest news and features of Slips, our behavioral-based machine learning intrusion detection system.
Our team is excited to share the latest news and features of Slips, our behavioral-based machine learning intrusion detection system.
Our team is excited to share the latest news and features of Slips, our behavioral-based machine learning intrusion detection system.
After evaluating all the works sent by the candidates, at the end of the September 2022, the winner was selected! The award and money prize was given to Estelle Ruellan a master student of criminology from the Université de Montréal!
In this blog we will describe how to install h0neytr4p [1] honeypot in a cloud server instance. This blog is divided in three parts: (i) how to create a new Digital Ocean instance, (ii) how to install h0neytr4p on it, and (iii) a brief walkthrough to some of the data captured by h0neytr4p.
Our team is excited to share the latest news and features of Slips, our behavioral-based machine learning intrusion detection system.
Our team is excited to share the latest news and features of Slips, our behavioral-based machine learning intrusion detection system.
Our team is excited to share the latest news and features of Slips, our behavioral-based machine learning intrusion detection system.
Our team is excited to share the latest news and features of Slips, our behavioral-based machine learning intrusion detection system.
We are happy to announce that Slips will be presented at BlackHat USA 2022 Arsenal in Las Vegas on Thursday, August 11, from 1:00 pm to 2:30 pm: https://bit.ly/SlipsBHUSA22.
Our team is excited to share the latest news and features of Slips, our behavioral-based machine learning intrusion detection system.
Slips is a machine learning-based intrusion prevention system for Linux and MacOS, developed at the Stratosphere Laboratories from the Czech Technical University in Prague. Slips reads network traffic flows from several sources, applies multiple detections (including machine learning detections) and detects infected computers and attackers in the network. It is easy to extend the functionality of Slips by writing a new module. This blog shows how to create a new module for Slips from scratch.
Our team is excited to share the latest news and features of Slips, our behavioral-based machine learning intrusion detection system.
In this blog we will describe how to install Glutton [1] honeypot in a cloud server instance. This blog is divided in three parts: (i) how to create a new Digital Ocean instance, (ii) how to install Glutton on it, and (iii) a walkthrough to some of the data captured by Glutton.
