Evasion (network security)

In network security, evasion is bypassing an information security defense in order to deliver an exploit, attack, or other form of malware to a target network or system, without detection.

Evasions are typically used to counter network-based intrusion detection and prevention systems (IPS, IDS) but can also be used to bypass firewalls and defeat malware analysis.

Attacks carried in sessions that evade these defenses happen right under the nose of the network and service administrators.

Various advanced and targeted evasion attacks have been known since the mid-1990s. The 1997 article[1] mostly discusses various shell-scripting and character-based tricks to fool an IDS.

The Phrack Magazine article[3] and the technical report from Ptacek et al.[2] discuss TCP/IP protocol exploits, evasions and others.