Abstract
The threat of intrusion has become a reality in modern network infrastructures, especially with the increased usage of IoT devices, cloud computing and wireless telecommunications. In this context, network intrusion detection systems (NIDS) are becoming strategic security solutions, offering thorough defence against potential threats to the integrity, confidentiality, and availability of the data on a network. Many NIDS have been proposed in the literature, but Snort and Suricata are the best known in the open-source market. This paper compares the performance of the two NIDS, especially in light of the release of Snort 3, which is considered the next generation of the Snort NIDS and integrates new ideas such as multithreading, expanded bindings and better cross-platform support. The quantitative study is done in a virtualised network environment in order to measure the performance of each NIDS in terms of accuracy, memory and processor usage, packet processing rate and number of packet losses. From this study, we have concluded that Snort 3 has better performance than Snort 2, and that both Snort 3 and Suricata perform well but are not perfect and have some limitations that should be tackled.
Original language | English |
---|---|
Title of host publication | 2023 IEEE IAS Global Conference on Emerging Technologies, GlobConET 2023 |
Publisher | Institute of Electrical and Electronics Engineers Inc. |
Number of pages | 6 |
ISBN (Electronic) | 9798350331790 |
ISBN (Print) | 9798350331806 |
Publication status | Published - 16 Jun 2023 |
Event | 2023 IEEE IAS Global Conference on Emerging Technologies, GlobConET 2023 - London, United Kingdom; Duration: 19 May 2023 → 21 May 2023 |
Conference
Conference | 2023 IEEE IAS Global Conference on Emerging Technologies, GlobConET 2023 |
---|---|
Country/Territory | United Kingdom |
City | London |
Period | 19/05/23 → 21/05/23 |
Keywords
- Multithreaded
- Network Security
- NIDS
- Signature-based detection
- Snort
- Suricata