Network data traffic models can be used to show unique characteristics of specific network data traffic. These models can also be used for detecting network data traffic content anomalies, such as malicious code. This is because the characteristics of normal data traffic differ from the characteristics of data traffic harboring malicious code, such as viruses, worms, Trojan horses, spyware, and/or other data that can cause harmful effects. Some network content anomaly detectors that generate, train, and/or use such models can monitor and detect malicious code hidden in network traffic. However, they can still be vulnerable to mimicry attacks and training attacks.
A mimicry attack can be defined as a willful attempt to craft malicious code, or a package in which it is embedded, to look normal with respect to a network data traffic model associated with an anomaly detector, thereby managing to escape the detector's scrutiny. For example, an attacker can craft malicious code by padding the malicious code with a large amount of data bytes that can compose a normal distribution. For instance, one network worm designed to monitor a flow of byte streams into a network can craft an attack worm to appear normal to the detector that monitors the network. Because the network worm can monitor and learn the characteristics of the normal data flow into the network that may also be being used by the detector to train its data traffic models, the characteristics of the attack worm's composition may appear to be normal to the detector when the detector compares the characteristics of the attack worm to the characteristics of the normal network data traffic.
A training attack is an attack whereby an attacker sends a stream of data that deviates from the normal data incrementally or continuously to a target site in order to influence the site's content anomaly detector such that the detector would regard the attacker's malicious code as normal. A content anomaly detector can, and often does, use incoming data traffic to train its content anomaly detection model upon confirming that the data traffic does not cause harmful effects. An attacker can send a stream of data containing sparsely scattered bits and pieces of malicious code that does not cause immediate harms to a target site, but instead continuously trains that site's detector over a period of time to ignore the attack's threat.