Pisa: Protocol Identification Via Statistical Analysis presented at Blackhat USA 2007

by Rob King,

Tags: Security Analysis

Summary : A growing number of proprietary
protocols are using end-to-end encryption to avoid being detected via
network-based systems performing Intrusion Detection/Prevention and
Application Rate Shaping. Attackers frequently use well known ports that
are open through most firewalls to tunnel commands for controlling
zombie systems.