The rapid evolution of the emerging communication landscape prompted the rise of never seen before threats, in this way encouraging the development of more effective Network-based Intrusion Detection Systems (NIDS) able to recognize outlying behaviors. But despite the theoretical effectiveness of the existing state-of-the-art, the in-depth review of the bibliography suggests the need for their constant adaptation to the changes in their operational environment and preventing being evaded by mimicry methods. The latest threats attempt to hide the malicious actions in a tangle of statistical features that simulate the normal use of the protected network, so they acquire a greater chance of avoiding the defensive actuators. In order to contribute to their mitigation, this paper introduces a novel intrusion detection strategy resistant against mimicry. The proposal constructs models of the network usage and from them, analyzes the binary contents of the traffic payload looking for outlying patterns that may evidence malicious contents. In contrast to most previous solutions, our research overcomes the traditional strengthening via randomization, by taking advantage of scoring the suspicious packet similarity between legitimate and previously built adversarial models. Its effectiveness was evaluated on the public datasets DARPA’99 and UCM 2011, where its ability to recognize attacks obfuscated by imitation was proven.