<![CDATA[Analyze attack detection accuracy and CPU Resource usage efficiency of Snort and Suricata attack detection tools installed on the Web Server..Snort and Suricata are IDS tools used to detect network attacks. Snort Snort is an Open Source Intrusion Prevention System (IPS) using a set of rules that help determine malicious network activity and uses those rules to find packets that match it and generate alerts for users. Suricata is a leading independent open source threat detection engine. By combining intrusion detection (IDS), intrusion prevention (IPS), network security monitoring (NSM) and PCAP processing, Suricata can quickly identify, stop, and assess the most advanced attacks.From the results of this study that at the time of flood DOS Attack Snort had an average of 93.5% while Suricata had 94.2% in the CPU section on port 80. This explains that Suricata is superior in efficiency compared to Snort during flood DOS Attack. As for the port 443, Snort has an average of 94.5% and Suricata has 95.67% in the CPU section on port 443, proving that Suricata is superior in CPU activity. For the memory section, Snort has an average of 19.9% for memory usage or is efficient compared to Suricata which has an average memory usage of 69.3% on port 80. On port 443 Snort has an average memory usage of 30.3% compared to with Suricata which has an average memory usage of 30.5%, it means that Suricata has less usage than Snort]]>
