In the absence of detailed knowledge about the
various applications, normalizations will tend to be restricted to the
internetwork and transport layers. However,
even at the transport level a normalizer cannot remove all possible
ambiguities. For example, the semantics of the TCP urgent pointer
cannot be understood without knowing the semantics of the application
If the sender sends the text ``robot'' with the TCP urgent pointer set to point to the letter ``b'', then the application may receive either ``robot'' or ``root,'' depending on the socket options enabled by the receiving application. Without knowledge of the socket options enabled, the normalizer cannot correctly normalize such a packet because either interpretation of it could be valid.
In this case, the problem is likely not significant in practice, because all protocols of which we are aware either enable or disable the relevant option for the entire connection--so the NIDS can use a bifurcating analysis without the attacker being able to create an exponential increase in analysis state. However, the example highlights that normalizers, while arguably very useful for reducing the evasion opportunities provided by ambiguities, are not an all-encompassing solution.