I’m currently looking for materials about suricata’s internal design ,implemention and algorithms. Not much was found after googling related topic and looking through the official configuration documenttion(yaml and rules specs) which I think provide some interesting and brief introduction about these stuff.
Reading the source code might be a good start ,that might take some time . So I am wondering is there any such kind of resources/references out there ?