What is a common disadvantage of Intrusion Detection Systems (IDS)?

Intrusion Detection Systems (IDS) are essential tools for cybersecurity, but they do come with certain disadvantages, one of which is the potential to drain defender resources due to false positives. Such systems monitor network traffic and analyze data packets against predefined rules or behavior patterns. However, when they incorrectly flag benign activity as malicious (false positives), this can overwhelm security personnel and divert them from legitimate threats. As a result, defenders may spend significant time investigating these alerts rather than addressing real security incidents, ultimately straining resources and reducing overall effectiveness.

While the other options touch on various aspects of intrusion detection systems, they do not encapsulate this issue as effectively. Inaccuracy in alerts can be a broader issue but does not specifically emphasize the resource drain aspect. The assertion that IDS requires no maintenance or tuning is misleading, as systems often need fine-tuning to optimize their detection rates and minimize false positives. Lastly, stating that IDS are only effective against known malware ignores their broader capability to detect unusual behavior or anomalies, thereby reducing the relevance of that option in relation to common disadvantages.