Application Protocol Command Analysis
Definition
Analyzing application protocol level remote commands to detect unauthorized activity.
How it works
This technique requires the ability to parse application layer protocols to understand the commands being sent to a remote service. Signature-based or statistical analysis may be employed to identify unauthorized commands being sent. These commands can be observed by monitoring network traffic or application logs.
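The following is an added example, not part of the original knowledge-base article, showing both analysis styles on one protocol. It assumes Modbus/TCP as the application protocol; the client addresses, the per-client policy, the baseline counts and the rarity threshold are all constructed for illustration.

```python
import struct
from collections import Counter

# Assumed policy: Modbus function codes each client may send (constructed addresses).
# 0x03/0x04 = read registers, 0x06 = write single register, 0x10 = write multiple registers.
ALLOWED = {"10.0.0.5": {0x03, 0x04},               # HMI: read-only
           "10.0.0.9": {0x03, 0x04, 0x06, 0x10}}   # engineering workstation

def parse_modbus_tcp(frame: bytes):
    """Return (unit_id, function_code) from a Modbus/TCP request, or None if malformed."""
    if len(frame) < 8:
        return None
    _tid, proto, length, unit = struct.unpack(">HHHB", frame[:7])
    # Protocol id must be 0; the length field counts the unit id plus the PDU bytes.
    if proto != 0 or length != len(frame) - 6:
        return None
    return unit, frame[7]

def analyze(events, baseline, rare_threshold=0.01):
    """events: (src_ip, frame) pairs; baseline: Counter of function codes from normal traffic."""
    total = sum(baseline.values())
    alerts = []
    for src, frame in events:
        parsed = parse_modbus_tcp(frame)
        if parsed is None:
            alerts.append((src, None, "malformed"))
            continue
        _unit, fc = parsed
        if fc not in ALLOWED.get(src, set()):
            alerts.append((src, fc, "unauthorized"))   # signature/policy check
        elif total and baseline[fc] / total < rare_threshold:
            alerts.append((src, fc, "rare"))           # statistical check
    return alerts

def build_frame(tid, unit, fc, data=b""):
    """Build a constructed Modbus/TCP request for the sample input."""
    return struct.pack(">HHHBB", tid, 0, 2 + len(data), unit, fc) + data

BASELINE = Counter({0x03: 9000, 0x04: 995, 0x06: 5})   # constructed counts
SAMPLE = [("10.0.0.5", build_frame(1, 1, 0x03, b"\x00\x00\x00\x02")),
          ("10.0.0.5", build_frame(2, 1, 0x10, b"\x00\x01\x00\x01\x02\x00\x0a")),
          ("10.0.0.9", build_frame(3, 1, 0x06, b"\x00\x01\x00\x0a")),
          ("10.0.0.7", build_frame(4, 1, 0x03, b"\x00\x00\x00\x01")),
          ("10.0.0.9", b"\x00\x05\x00\x01\x00\x02\x01\x03")]  # protocol id 1: malformed

if __name__ == "__main__":
    for src, fc, reason in analyze(SAMPLE, BASELINE):
        print(src, fc, reason)
```

The same structure applies when the commands come from application logs rather than captured frames: only the parsing function changes.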
Technique Subclasses
There are 2 techniques in this category, Application Protocol Command Analysis.
Name | ID | Definition | Synonyms |
---|---|---|---|
Application Protocol Command Analysis | D3-APCA | Analyzing application protocol level remote commands to detect unauthorized activity. | |
- Remote Firmware Update Monitoring | D3-RFUM | Monitoring of remote firmware update commands to identify unauthorized software installations. | |
References
The following references were used to develop the Application Protocol Command Analysis knowledge-base article.
(Note: the consideration of references does not imply specific functionality exists in an offering.)
Method and apparatus for detecting anomalies of an infrastructure in a network
Reference Type: Patent; Organization: Nozomi Networks
Protocol based detection of suspicious network traffic
Reference Type: Patent; Organization: Fortinet