A comparative analysis of the Snort and Suricata intrusion-detection systems
Our research focuses on comparing the performance of two open-source intrusion-detection systems, Snort and Suricata, for detecting malicious activity on computer networks. Snort, the de-facto industry standard open-source solution, is a mature product that has been available for over a decade. Suricata, released two years ago, offers a new approach to signature-based intrusion detection and takes advantage of current technology such as process multithreading to improve processing speed. We ran each product on a multi-core computer and evaluated several hours of network traffic on the NPS backbone. We evaluated the speed, memory requirements, and accuracy of the detection engines in a variety of experiments. We conclude that Suricata will be able to handle larger volumes of traffic than Snort with similar accuracy, and thus recommend it for future needs at NPS since the Snort installation is approaching its bandwidth limits.
Approved for public release; distribution is unlimited.