
Performance Evaluation Study of Intrusion Detection Systems.

By Adeeb M. Alhomoud, Rashid Munir, Jules F. Pagna Disso, A. Al-Dhelaan and Irfan U. Awan

Abstract

With technology thriving and the use of computer networks increasing greatly, the risk of these networks coming under attack has increased. A number of techniques have been created and designed to help detect and/or prevent such attacks. One common technique is the use of Network Intrusion Detection/Prevention Systems (NIDS). Today, a number of open-source and commercial Intrusion Detection Systems are available to match enterprises' requirements, but the performance of these Intrusion Detection Systems is still the main concern. In this paper, we have tested and analyzed the performance of the well-known IDS Snort and the newcomer IDS Suricata. Both Snort and Suricata were implemented on three different platforms (ESXi virtual server, Linux 2.6 and FreeBSD) to simulate a real environment. Finally, in our results and analysis, a comparison of the performance of the two IDS systems is provided, along with some recommendations on what the ideal environment for Snort and Suricata is and when it applies.

Topics: Attacks; Intrusion Detection Systems (IDS); Traffic; Performance evaluation; Packet drops; Suricata; Snort; Alerts; Network security
Year: 2011
DOI identifier: 10.1016/j.procs.2011.07.024
OAI identifier: oai:bradscholars.brad.ac.uk:10454/5224
Provided by: Bradford Scholars
Sorry, we are unable to provide the full text but you may find it at the following location(s):
  • http://hdl.handle.net/10454/52... (external link)
  • http://dx.doi.org/10.1016/j.pr... (external link)