AET

An advanced evasion technique (AET) is a type of network attack that combines several different known evasion techniques on-the-fly to create a new technique that won't be recognized by an intrusion detection system.

AETs are any evasive hacking techniques that allow an intruder to bypass security detection during a network-based attack.Advanced Evasion Techniques Stealth cyber attack methods that bypass network security Stackable through simultaneous execution on multiple protocol layers Capable of changing dynamically even during an attack High number of evasion combinations and modifications Not satisfactorily tested in published security device lab tests If your network security device (NGFW, IDS, IPS or UTM) does packet or pseudo packet-based inspection across a limited number of protocols and network layers – with signature pattern matching – you are vulnerable to AETs

Here is a very simplified explanation for how an AET works:

Let's say that the words "attack" and "intrude" represent two strings of known malicious code. When an IDS identifies those strings in a request, the system intervenes and denies entry. If, however, "kaarindtuettcr" and "tittnrrakdeuac" were part of a request, the system wouldn't recognize the code as simply being the well-known malicious strings "attack" and "intrude" combined and rearranged in a new way. The IDS would not intervene and entry would be allowed.