protocol anomaly


Also found in: Medical.

protocol anomaly

A deviation from the standard protocol. An intrusion detection system (IDS) may look for protocol anomalies in order to identify attacks without a signature. Protocol anomalies reduce false positives with well-understood protocols, but may cause false positives with poorly understood or complex protocols. See IDS.
Mentioned in ?
References in periodicals archive ?
Symantec's new ManHunt product is an advanced network-based IDS solution that provides protocol anomaly detection for known and unknown or "zero day" attacks, signature detection with custom signature support, and behavioral anomaly analysis or statistical flow analysis intrusion detection for denial of service attacks, at speeds of up to 2 gigabits per second, dependent upon system configuration.