Many organizations are deploying intrusion detection systems today, with mixed results. Why? IDS is a fairly well-understood technology and
problem, yet many organizations don’t feel that it is paying off. In this talk, we’ll examine the big challenges that are holding IDS back, and will describe some of the (fairly simple) techniques by which the situation can be improved.