Snort Versus Suricata in Intrusion Detection

Authors

  • Dhuha Sabri Ghazi, Middle Technical University
  • Hamood Shehab Hamid, Electrical Engineering Technical College, Middle Technical University, Baghdad, Iraq
  • Mhammed Joudah Zaiter
  • Ahmed Sabri Ghazi Behadili

DOI:

https://doi.org/10.31987/ijict.7.2.290

Keywords:

Snort, Suricata, Intrusion, Detection, Cyber-Security

Abstract

In the contemporary digital age, the increasing complexity and frequency of cyber threats underscore the need for efficient network intrusion detection systems (NIDS). This paper provides a comprehensive comparative analysis of two prominent NIDS, Snort and Suricata, focusing on their architecture, detection capabilities, and performance metrics. It explores the historical development, operational frameworks, and technological foundations of these systems, highlighting their respective benefits and limitations in different network environments. Snort, known for its extensive rule-based detection, and Suricata, which leverages multi-threading for high-speed traffic handling, are evaluated against specific security requirements, including traffic volumes, processing speeds, and threat types. The paper also discusses future advancements in NIDS, particularly through the integration of machine learning and AI, to enhance predictive and adaptive capabilities. This analysis aims to inform cybersecurity professionals about the qualifications and capabilities of Snort and Suricata, providing insights for their effective deployment in modern network security infrastructures. The discussion of future trends emphasizes the importance of continuous improvement in NIDS to address evolving cyber threats.

Author Biographies

  • Hamood Shehab Hamid, Electrical Engineering Technical College, Middle Technical University, Baghdad, Iraq

     Asst. Prof. Dr. Hamood Shehab Hamid was born in 1965. He holds a bachelor's degree in electrical and electronic engineering (1986) from the University of Sarajevo, Yugoslavia, a master's degree in electronics and communications engineering (1988) from the University of Belgrade, Yugoslavia, and a doctorate in wireless communications engineering (2010) from Universiti Sains Malaysia, Penang, Malaysia. He currently works as a faculty member in preliminary and postgraduate studies in the Department of Computer Engineering Techniques at the Electrical Engineering Technical College, Middle Technical University, Baghdad. He has supervised several master's students and examined many master's and doctoral theses. His research interests include wireless communication systems, communication engineering, DSP, antenna design, SDR, SFF SDR, RF and RF microwave. Work email: drhamood@mtu.edu.iq.

  • Mhammed Joudah Zaiter

    Mohammed Joudah Zaiter holds a master's degree in Electronic Engineering (2004) from the University of Technology, Baghdad, AL-Rasheed College of Engineering & Science, Iraq, and a Ph.D. in Communication Engineering (2014) from Universiti Tenaga Nasional (UNITEN). He works in the Department of Computer Engineering Techniques, Electrical Engineering Technical College, Middle Technical University. He has experience in computer networks, security, embedded systems and communication systems.

  • Ahmed Sabri Ghazi Behadili

    Ahmed Sabri Ghazi holds a master's degree in Information Technology and Communication Systems Engineering (2016) from Kazan National Research Technical University, Russia. He is currently a lecturer in the Department of Renewable Energy, Energy and Environment College, Al-Karkh University of Science, Iraq. He has experience in computer networks, security, information technology and communication systems.

Published

2024-09-01

How to Cite

Snort Versus Suricata in Intrusion Detection. (2024). Iraqi Journal of Information and Communication Technology, 7(2), 73-88. https://doi.org/10.31987/ijict.7.2.290