Snort mailing list archives

Rule support on Audio Video Bridging (AVB) protocol


From: Rostanin Gleb SBR DIRCS via Snort-sigs <snort-sigs () lists snort org>
Date: Sun, 23 Jul 2023 13:41:19 +0000

Internal

Hey Snort team,

Is there any information on which additional protocols, apart from the standard protocols, are supported by Snort 2 and 3 (support of version differs)? I am interested in analyzing the AVB Transportation protocol with Snort, by, e.g., using the dataset of an IDS Automotive Ethernet paper <https://ocslab.hksecurity.net/Datasets/automotive-ethernet-intrusion-dataset>. After Layer 2, the AVB protocol, concretely the IEEE 1722 (AVTP) protocol, follows directly after Layer 2 and the 802.1Q VLAN layer. For the IEEE 1588 protocol, which is used together with AVB, it is nearly the same.

Is there any possibility of analyzing the packets with Snort? My goal would be to detect injections to the AVTP used by a video stream. Also, is it possible to detect MAC flooding attacks with Snort, as Snort does not give the option of analyzing Layer 2?

Sincerely

Gleb Rostanin
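
A per-stream sequence check on AVTP frames that follow an optional 802.1Q tag, the layering the message above describes; this is an added example, not part of the original post and not Snort code. The header offsets (sv bit in byte 1, sequence_num in byte 2, stream_id in bytes 4 to 11) are assumed from the IEEE 1722 stream header, and the frames, MAC addresses and function names are constructed for illustration.

```python
import struct

VLAN_TAGS = {0x8100, 0x88A8}  # 802.1Q and 802.1ad tag EtherTypes
ETH_AVTP = 0x22F0             # EtherType of IEEE 1722 AVTP

def parse_avtp(frame: bytes):
    """Return (src_mac, stream_id, sequence_num) for an AVTP stream frame, else None."""
    if len(frame) < 14:
        return None
    off = 12
    (etype,) = struct.unpack_from("!H", frame, off)
    while etype in VLAN_TAGS:              # skip any stacked VLAN tags
        off += 4
        if len(frame) < off + 2:
            return None
        (etype,) = struct.unpack_from("!H", frame, off)
    off += 2                               # first byte after the EtherType
    if etype != ETH_AVTP or len(frame) < off + 12:
        return None
    hdr = frame[off:off + 12]
    if not hdr[1] & 0x80:                  # assumed layout: sv bit set, stream_id valid
        return None
    return frame[6:12].hex(":"), hdr[4:12].hex(), hdr[2]  # seq: byte 2, id: bytes 4..11

def find_sequence_anomalies(frames):
    """Flag frames whose sequence_num is not the previous one plus 1 (mod 256), per stream."""
    # One out-of-sequence frame usually yields two alerts: itself and the next good frame.
    last, alerts = {}, []
    for idx, frame in enumerate(frames):
        parsed = parse_avtp(frame)
        if parsed is None:
            continue
        src, stream, seq = parsed
        if stream in last and seq != (last[stream] + 1) % 256:
            alerts.append((idx, src, stream, last[stream], seq))
        last[stream] = seq
    return alerts

def build_frame(seq, vlan=True):
    """Constructed sample frame: MACs, optional 802.1Q tag, 24-byte AVTP stream header."""
    macs = bytes.fromhex("91e0f0000001") + bytes.fromhex("020000000001")
    tag = struct.pack("!HH", 0x8100, (5 << 13) | 2) if vlan else b""
    avtp = bytes([0x00, 0x80, seq, 0x00]) + bytes.fromhex("0200000000010000") + bytes(12)
    return macs + tag + struct.pack("!H", ETH_AVTP) + avtp

if __name__ == "__main__":
    capture = [build_frame(s) for s in (254, 255, 0, 1, 200, 2)]
    for alert in find_sequence_anomalies(capture):
        print(alert)
```

Each alert tuple holds the frame index, source MAC, stream ID, previous sequence number and observed sequence number.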