Sadly, the answer is no.
Just like bad guys don’t usually knock on your front door, identify themselves truthfully, and wait to be invited in, many of the security threats disguise themselves well and aren’t immediately known to us.
So how do we get rid of these threats without building the walls so high that we no longer see the sun? It’s all about philosophy.
It all happened at a lunch, where our Senior Director of R&D, Jason Fredrickson, suddenly went all philosophical and started to discuss the relationship between deductive/inductive reasoning and intrusion detection mechanisms. Deductive reasoning, the basis of traditional signature-based intrusion detection solutions, is used to reach logically certain conclusions based on general statements. For example:
- If a man with a knife shows up at your door, then he will rob your house.
- The man coming in did not have a knife.
- The man will not rob your house.
Inductive reasoning, used by behavior-based intrusion detection, however, states it this way:
- If a woman unknown to you appears in your house, there is a 60% chance that she will rob your house.
- There is a woman unknown to you in your house.
- There is a 60% chance that this woman will rob your house. Consider calling the police?