Look Up Another Term

Definition: protocol anomaly


A deviation from the standard protocol. An intrusion detection system (IDS) may look for protocol anomalies in order to identify attacks without a signature. Protocol anomalies reduce false positives with well-understood protocols, but may cause false positives with poorly understood or complex protocols. See IDS.