A single line of defence is not enough
Evasion techniques bypass existing network security devices, such as signature-based IPS and firewalls, to enter the internal network and deliver exploits to servers. Most intrusion detection and prevention systems rely on attack signatures to identify malicious strings in the traffic. The strings used to evade the devices are not malicious themselves; their main purpose is to pass through the IDS without triggering alarms.
Cybercriminals are constantly developing new ways to make themselves invisible to threat detection. Using evasion techniques, criminals can hide malicious indicators during malware analysis and software monitoring, from both network-layer and host-based detection.
Evasion is one of the crucial steps in the malware landscape, and it can be done in many ways. Although we will not cover every technique, the following compiles some of the evasion strategies used by criminals in the wild.