Site Policy Awareness:
An IDS’s ability to dynamically modify its site policies in reaction or
response to environmental activity.
True attack stimulus:
An event that triggers alarms and causes an IDS to react as if a real attack
is in progress.
Attack protocol:
A series of steps or processes used by an attacker, in a logical sequence, to
launch an attack against a target system or network.
Confidence Value:
A value associated with an IDS’s ability to detect and identify an attack
correctly.
Alarm Filtering:
The process of classifying the attack alerts that an IDS produces in order to
distinguish/sort false positives from actual attacks more efficiently.
Footprinting:
Identification of the network architecture and Internet addresses that are owned or
controlled by the target organization.
Doorknob rattling:
An initial estimation of the defensive capabilities and/or state of an
organization's networks and systems.
