[ovs-dev] Is the Open Flow switch able to calculate the gap of sequence number

Soliman Awad Alshra´a Abdullah TU Ilmenau Abdullah.Alshraa at tu-ilmenau.de
Fri Oct 23 14:38:06 UTC 2020





Dear All,
First of all , I apologize if I send my inquiry to the wrong Email list

I have read in some publication


OpenFLow switch is able to keep track of the sequence number of each traffic flow to detect MAC spoofing attack. Upon reception of a frame, the algorithm calculates the gap G between the sequence number of the current frame and that of the last frame received from the same source address. If G = 0, the current frame is considered as a re-transmitted frame, while if G = 1 or G = 2, the current frame is considered the right one. But, if the gap between the current frame and previous frame is in between 3 and 4096, then it is considered an abnormal sequence number.

In my case, I use Ryu Controller and I would like to do the same work, where the switch sends the alert to the controller after the switch detects the gap.



M.Sc Abdullah Soliman
Technische Universität Ilmenau
Fakultät für Elektrotechnik und Informationstechnik
Fachgebiet Kommunikationsnetze
Besucheradresse:
Helmholtzplatz 2
98693 Ilmenau

Postadresse:
PF 10 05 65
98684 Ilmenau


Telefon

+49 3677 69-2698

[cid:image001.png at 01D62526.1691FEE0]  Abdullah.alshraa at tu-ilmenau.de<mailto:Jochen.Seitz at tu-ilmenau.de>
[cid:image002.png at 01D62526.1691FEE0]  www.tu-ilmenau.de/it-kn<https://www.tu-ilmenau.de/it-kn>

[cid:image003.jpg at 01D62526.1691FEE0]



[cid:image004.png at 01D62526.1691FEE0]





More information about the dev mailing list