Category:Intrusion detection systems

Subversive Technologies & Countermeasures

Intrusion detection systems
Intrusion detection systems (IDS) monitor network and system activity in an attempt to detect subversive behavior. Many IDS systems rely upon patterns or signatures that can be matched against network traffic. Such systems are easily subverted because many attacks can be refactored or re-encoded in multiple ways. IDS systems also suffer from performance issues. Most large networks operating at over 300 MB/sec are far beyond the capabilities of IDS equipment. IDS equipment usually cannot keep up with the network stream and will drop packets. IDS equipment that is designed to be as fast as the network sacrifices accuracy and is prone to false positives, so its alerts are filtered or shunted, reducing its value. IDS equipment typically does not offer much value other than revealing script-kiddie level scanning operations. Commercial off-the-shelf IDS equipment has, for the most part, already been subverted by serious attackers in a lab scenario before actual attacks are executed.

Articles in category "Intrusion detection systems"

There is one article in this category.

D

Media in category "Intrusion detection systems"

There is one file in this category.
