A Comparative Study on Function and Performance of Snort and Suricata

MK Jeong, S Ahn, WH Park - Convergence Security Journal, 2014 - koreascience.kr
Abstract
We compare two IDSs that are widely used by network administrators, Snort and Suricata, in terms of function and performance. Specifically, we focus on which threat-detection functions were newly added and on how the multi-threading newly introduced in Suricata has affected performance. As a result, we found that Suricata has some features that never existed in Snort, such as Protocol Identification, HTTP Normalizer & Parser, and File Identification. Also, it was proved that the gap in PPS (Packets Per Second) becomes wider as the number of working CPU cores increases. Therefore, we conclude that Suricata can be an efficient alternative to Snort, given the result that Suricata is more effective quantitatively as well as qualitatively.