[Contents]
[Prev]
[Next]
[Index]
[Report an Error]
Signature Attack Objects
Signature attack objects detect known attacks using stateful
attack signatures. An attack signature is a pattern that always exists
within an attack; if the attack is present, so is the attack signature.
With stateful signatures, IDP can look for the specific protocol or
service used to perpetrate the attack, the direction and flow of the
attack, and the context in which the attack occurs. Stateful signatures
produce few false positives because the context of the attack is defined,
eliminating huge sections of network traffic in which the attack would
not occur.
[Contents]
[Prev]
[Next]
[Index]
[Report an Error]
