[Contents]
[Prev]
[Next]
[Index]
[Report an Error]
Protocol Anomaly Attack Objects
Protocol anomaly attack objects identify unusual activity on
the network. They detect abnormal or ambiguous messages within a connection
according to the set of rules for the particular protocol being used.
Protocol anomaly detection works by finding deviations from protocol
standards, most often defined by RFCs and common RFC extensions. Most
legitimate traffic adheres to established protocols. Traffic that
does not, produces an anomaly, which may be created by attackers for
specific purposes, such as evading an IPS.
[Contents]
[Prev]
[Next]
[Index]
[Report an Error]
