Revision as of 17:18, 17 December 2006 edit Intgr (talk \| contribs) Autopatrolled, Extended confirmed users, New page reviewers, Pending changes reviewers 32,266 edits m →Overview: rephrase ← Previous edit		Revision as of 18:34, 28 March 2007 edit undo 67.164.250.143 (talk) →Monitoring dynamic behavior Next edit →
Line 9: As a basic level an APIDS would look for, and enforce the correct (legal) use of the protocol. However at a more advanced level the APIDS can learn, be taught or even reduce what itis often an infinite protocol set, to an acceptable understanding of the [[subset]] of that application protocol that is used by the application being monitored/protected. Thus, an APIDS, correctly configured, will allow an application to be "[[fingerprint]]ed", thus should that application be subverted or changed, so will the fingerprint change.

Application protocol-based intrusion detection system: Difference between revisions