Performance Analysis and Comparison of Snort on Various Platforms
Keywords:
NIDS, NIDPS, Snort v2.X, D-ITG, Performance, virtual server
Abstract
Snort has emerged as a reliable technology for identifying malicious activities in networks. In this paper, a systematic approach is followed to estimate the performance offered by Snort, an open-source network intrusion detection and prevention system, on different platforms. Extensive experiments are conducted on Windows Server 2016, Ubuntu Server 16.04 and Virtual Windows Server 2016 to identify the characteristics of the network traffic that affect Snort’s performance. The study establishes the inability of Snort to cope with large packet sizes and high-speed traffic. It is also found that Snort has a tendency to drop packets on all the servers for normal as well as malicious traffic, but performs better on Ubuntu Server for both high-speed traffic and different packet sizes. The study experimentally demonstrates the poor performance of Snort on Virtual Windows Server.
License
Copyright (c) 2023 International Journal of Computer Information Systems and Industrial Management Applications
This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.