Monitoring Dynamic Behavior
At a basic level an APIDS would look for, and enforce, the correct (legal) use of the protocol.
However at a more advanced level the APIDS can learn, be taught or even reduce what is often an infinite protocol set, to an acceptable understanding of the subset of that application protocol that is used by the application being monitored/protected.
Thus, an APIDS, correctly configured, will allow an application to be "fingerprinted", thus should that application be subverted or changed, so will the fingerprint change.
Read more about this topic: Application Protocol-based Intrusion Detection System
Famous quotes containing the words dynamic and/or behavior:
“Knowledge about life is one thing; effective occupation of a place in life, with its dynamic currents passing through your being, is another.”
—William James (1842–1910)
“One never gets to know a person’s character better than by watching his behavior during decisive moments.... It is always only danger which forces the most deeply hidden strengths and abilities of a human being to come forth.”
—Stefan Zweig (18811942)