HTTP/2 control-frame flood (SETTINGS/PING — CVE-2019-9515/9512)
net.h2_control_flood · convicts
networklayer
automationcategory
1evaders caught
What it catches
CVE-2019-9515 (SETTINGS flood) / CVE-2019-9512 (PING flood) — control-frame amplification DoS
Signals it reads
network.h2_control_flood
How it fires
present
Evaders it caught 1
Bypassed by 10
Frontier evaders that reach the detector uncaught (scored only suspicious, defeating every convicting tell) — this check is not one that stops them. The red-team frontier this detection still has to convict.