ThinkMind // ICDS 2011, The Fifth International Conference on Digital Society // View article icds_2011_7_40_90007


A Performance Analysis of Snort and Suricata Network Intrusion Detection and Prevention Engines

Authors:
David Day
Benjamin Burns

Keywords: snort; suricata; performance; NIDS; NIDPS;

Abstract:
Recently, there has been a shift to multi-core processors and consequently multithreaded application design. Multithreaded Network Intrusion Detection and Prevention Systems (NIDPS) are now being considered. Suricata is a multithreaded open source NIDPS, being developed via the Open Information Security Forum (OISF). It is increasing in popularity, as it is free to use under the General Public Licence (GPL), with open source code. This paper describes an experiment, comprising a series of innovative tests to establish whether Suricata shows an increase in accuracy and system performance over the de facto standard, single-threaded NIDPS Snort. Results indicate that Snort has a lower system overhead than Suricata and this translates to fewer false negatives utilising a single-core, stressed environment. However, Suricata is shown to be more accurate in environments where multi-cores are available. Suricata is shown to be scalable through increased performance when running on four cores; however, even when running on four cores its ability to process a 2Mb pcap file is still less than Snort. In this regard, there is no benefit to utilising multi-cores when running a single instance of Snort.

Pages: 187 to 192

Copyright: Copyright (c) IARIA, 2011

Publication date: February 23, 2011

Published in: conference

ISSN: 2308-3956

ISBN: 978-1-61208-116-8

Location: Gosier, Guadeloupe, France

Dates: from February 23, 2011 to February 28, 2011
