update: The rule will be triggered if I use byte_test directly, while extracting bytes to a variable and then applying byte_test to it does not work.
```
# works
alert tcp any any -> any any (msg:"Windows 8";tcp.flags:S,CE;window:65535;tcp.hdr;content:"|02 04 05 b4 01 03 03 08 01 01 04 02|";offset:20;byte_test:1,=,0x80,0;ttl:128,12;sid:1104780; rev:1;)

# does not work
alert tcp any any -> any any (msg:"Windows 8";tcp.flags:S,CE;window:65535;tcp.hdr;content:"|02 04 05 b4 01 03 03 08 01 01 04 02|";offset:20;byte_extract:1,12,tcphdrlen;byte_test:tcphdrlen,=,0x80,0;ttl:128;sid:1104781; rev:1;)
```
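To see what the two byte_* steps actually read on the `tcp.hdr` buffer, here is an added Python walkthrough (example code written for this thread, not from the post or from Suricata). It builds a constructed 32-byte TCP SYN header carrying the option string the rules match on, and models `byte_extract` and `byte_test` as documented: with no `relative` keyword the offset is counted from the start of the inspected buffer, and the first argument of `byte_test` is a byte count. Under that model the variable `tcphdrlen` holds the raw data-offset byte (0x80 = 128), so `byte_test:tcphdrlen,...` asks for a 128-byte read rather than a comparison against 128; treating that as the reason the second rule never matches is this example's assumption, not something the post states. The source port 0x8000 is chosen so the sample also satisfies the first rule's absolute check at offset 0.

```python
import struct

# Constructed sample: a 32-byte TCP SYN header (20 fixed bytes + 12 option bytes)
# carrying the option string the posted rules match on. Built for this example,
# not captured from the thread.
OPTION_PATTERN = bytes.fromhex("020405b40103030801010402")  # MSS 1460, NOP, WScale 8, NOP, NOP, SACK-permitted

TCP_SYN_HEADER = struct.pack(
    "!HHIIBBHHH",
    0x8000,       # source port: byte 0 of the header is 0x80 (chosen so rule 1's check at offset 0 passes)
    443,          # destination port
    0x12345678,   # sequence number
    0,            # acknowledgement number
    0x80,         # byte 12: data offset 8 words (32 bytes) in the high nibble, reserved bits 0
    0xC2,         # byte 13: CWR (0x80) | ECE (0x40) | SYN (0x02), i.e. tcp.flags:S,CE
    65535,        # window
    0,            # checksum (left zero in this constructed sample)
    0,            # urgent pointer
) + OPTION_PATTERN


def header_length(buf):
    """TCP header length in bytes, taken from the data-offset nibble at byte 12."""
    return (buf[12] >> 4) * 4


def parse_options(buf):
    """Return [(kind, data)] for the option bytes between the fixed header and header_length()."""
    opts, i, end = [], 20, header_length(buf)
    while i < end:
        kind = buf[i]
        if kind == 0:            # End of option list
            break
        if kind == 1:            # NOP has no length byte
            opts.append((1, b""))
            i += 1
            continue
        length = buf[i + 1]
        opts.append((kind, buf[i + 2:i + length]))
        i += length
    return opts


def byte_extract(buf, nbytes, offset):
    """Model of byte_extract:<nbytes>,<offset>,<var> without 'relative':
    read nbytes big-endian at an absolute offset into the inspected buffer."""
    return int.from_bytes(buf[offset:offset + nbytes], "big")


def byte_test(buf, nbytes, value, offset):
    """Model of byte_test:<nbytes>,=,<value>,<offset> without 'relative' (assumed absolute offset).
    Raises ValueError when the requested read would run past the end of the buffer."""
    if nbytes < 1 or offset + nbytes > len(buf):
        raise ValueError(
            f"byte_test would read {nbytes} byte(s) at offset {offset} from a {len(buf)}-byte buffer")
    return int.from_bytes(buf[offset:offset + nbytes], "big") == value


def evaluate_posted_rules(buf):
    """Replay the byte_* steps of both posted rules on buf and report what each one reads."""
    content_at_20 = buf[20:20 + len(OPTION_PATTERN)] == OPTION_PATTERN
    rule1 = byte_test(buf, 1, 0x80, 0)        # rule 1: compares byte 0 of the header (source port high byte)
    tcphdrlen = byte_extract(buf, 1, 12)      # rule 2: byte_extract:1,12,tcphdrlen -> raw data-offset byte
    try:
        rule2 = byte_test(buf, tcphdrlen, 0x80, 0)  # rule 2: the variable is consumed as a byte COUNT
        rule2_error = None
    except ValueError as exc:
        rule2, rule2_error = False, str(exc)
    return {
        "content_at_20": content_at_20,
        "rule1_byte_test": rule1,
        "tcphdrlen": tcphdrlen,
        "rule2_byte_test": rule2,
        "rule2_error": rule2_error,
        # A direct 1-byte test at offset 12 is what compares the data-offset byte itself to 0x80.
        "data_offset_byte_is_0x80": byte_test(buf, 1, 0x80, 12),
    }


if __name__ == "__main__":
    print("header length:", header_length(TCP_SYN_HEADER), "options:", parse_options(TCP_SYN_HEADER))
    for key, val in evaluate_posted_rules(TCP_SYN_HEADER).items():
        print(f"{key}: {val}")
```

Running it shows `tcphdrlen` coming back as 128 and the modeled second `byte_test` failing because a 128-byte read does not fit in a 32-byte header, while a one-byte `byte_test` at absolute offset 12 compares the data-offset byte directly.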