Evasion is bypassing an information security device in order to deliver an exploit, attack, or other form of malware to a target network or system without detection. Evasions are typically used to counter network-based intrusion detection and prevention systems (IDS, IPS) but can also be used to bypass firewalls and defeat malware analysis. A further aim of evasions can be to crash a network security device, rendering it ineffective against subsequent targeted attacks.

Categories

  • Protocol vulnerabilities
  • Covert channels
  • Anti-forensics

Well-known techniques

  • Encoding
  • Encryption
  • Network tunneling

Matrix techniques
