Quantitative analysis of intrusion detection systems: Snort and Suricata

Joshua S. White; Thomas Fitzsimmons; Jeanna N. Matthews

doi:10.1117/12.2015616

28 May 2013 Quantitative analysis of intrusion detection systems: Snort and Suricata

Joshua S. White, Thomas Fitzsimmons, Jeanna N. Matthews

Proceedings Volume 8757, Cyber Sensing 2013; 875704 (2013) https://doi.org/10.1117/12.2015616
Event: SPIE Defense, Security, and Sensing, 2013, Baltimore, Maryland, United States

Abstract

Given competing claims, an objective head-to-head comparison of the performance of both the Snort R and Suricata Intrusion Detection Systems is needed. In this paper, we present a comprehensive quantitative comparison of the two systems. We have developed a rigorous testing framework that examines the performance of both systems as we scale system resources. Our results show that a single instance of Suricata is able to deliver substantially higher performance than a corresponding single instance of Snort. This paper describes in detail both the testing framework capabilities, tests performed and results found.

Citation Download Citation

Joshua S. White, Thomas Fitzsimmons, and Jeanna N. Matthews "Quantitative analysis of intrusion detection systems: Snort and Suricata", Proc. SPIE 8757, Cyber Sensing 2013, 875704 (28 May 2013); https://doi.org/10.1117/12.2015616

ACCESS THE FULL ARTICLE

INSTITUTIONAL
Select your institution to access the SPIE Digital Library.

SELECT YOUR INSTITUTION

PERSONAL
Sign in with your SPIE account to access your personal subscriptions or to use specific features such as save to my library, sign up for alerts, save searches, etc.

PERSONAL SIGN IN

No SPIE Account? Create one

PURCHASE THIS CONTENT

SUBSCRIBE TO DIGITAL LIBRARY

50 downloads per 1-year subscription

Members: $195

Non-members: $335 ADD TO CART

25 downloads per 1 - year subscription

Members: $145

Non-members: $250 ADD TO CART

PURCHASE SINGLE ARTICLE

Includes PDF, HTML & Video, when available