<![CDATA[In recent years, Snort and Suricata have become based open source IDS which are progressing rapidly. However, there has been a problem among users to select both IDS in the case of TCP SYN Flood attack detection. Previous researches have compared both IDS in terms of POD and Social Engineering attacks on a sophisticated scope. Therefore, this study will be conducted within the scope of a single core and an apple-to-apple scenario.There are three methods that have been applied to the test environment. These methods are launching packets with normal traffic and bad traffic. Another method is to combine the two traffic and launch it into the research environment. The use of these three methods aims to determine the performance of IDS Snort and IDS Suricata in dealing with TCP SYN Flood attacks. The parameters to be tested in this research are detection accuracy, detection rate, detection effectiveness and use of system resources.Methods such as calculating percentage accuracy and standard deviation calculations are used to analyzing and discussing the results obtained in this test. From the discussion it was found that Snort IDS excel in aspects such as detection accuracy, detection speed and detection effectiveness. However, IDS Suricata is more efficient in resource usage compared to Snort IDS.]]>
Copyrights © 2018
