[Oisf-devel] Suricata extension for layer 2 attacks
awaisali901 at gmail.com
Fri Mar 6 15:36:59 UTC 2020
I am master student working in intrusion detection domain, now a days I am
working on possible extension of Suricata for layer 2 attacks.
I want to detect attacks in special layer 2 protocols like Goose, CDP etc.
If I want to detect the attacks in the payload of the Goose protocol then
there is no such solution since Suricata detects payload of layer 3 and
There are many such special protocols in in layer 2 where if you want to
detect regular expressions/content in the payload then there is no such
I want to extend suricata in this domain by writing decoders of that
particular protocol the way we have for other protocols like tcp/udp above
I need to know how i can extend Suricata for layer 2?
I hope you will cooperate in this regard. I am looking forward to hearing
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Oisf-devel