Application Protocol-based Intrusion Detection System - Monitoring Dynamic Behavior

Monitoring Dynamic Behavior

At a basic level an APIDS would look for, and enforce, the correct (legal) use of the protocol.

However at a more advanced level the APIDS can learn, be taught or even reduce what is often an infinite protocol set, to an acceptable understanding of the subset of that application protocol that is used by the application being monitored/protected.

Thus, an APIDS, correctly configured, will allow an application to be "fingerprinted", thus should that application be subverted or changed, so will the fingerprint change.

Read more about this topic:  Application Protocol-based Intrusion Detection System

Famous quotes containing the words dynamic and/or behavior:

    Knowledge about life is one thing; effective occupation of a place in life, with its dynamic currents passing through your being, is another.
    William James (1842–1910)

    There are ... two minimum conditions necessary and sufficient for the existence of a legal system. On the one hand those rules of behavior which are valid according to the system’s ultimate criteria of validity must be generally obeyed, and on the other hand, its rules of recognition specifying the criteria of legal validity and its rules of change and adjudication must be effectively accepted as common public standards of official behavior by its officials.
    —H.L.A. (Herbert Lionel Adolphus)