limitations in signature analysis

- only work against known attacks
  - new attacks mean blind spots
- work only against static signatures
  - K2's ADMmutate
  - polymorphic threats
- have difficulty with fragments
  - Ptacek and Newsham's paper
  - dugsong's fragroute
- have difficulty detecting success
  - false positives
- we will avoid signature-based methods ...
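
The fragment limitation listed above, shown as an added example (not part of the original slides): a static signature checked per packet misses a payload split across fragments, and once fragments overlap, the verdict depends on which reassembly policy the sensor assumes. The signature, the sample fragments and all function names are constructed for illustration, and the overlap case goes slightly beyond the slide to cover the ambiguity the Ptacek and Newsham paper describes.

```python
SIGNATURE = b"/etc/passwd"  # constructed static signature

# Constructed samples: (offset, payload) fragments in arrival order.
FRAGMENTS = [(11, b"sswd HTTP/1.0"), (0, b"GET /etc/pa")]
OVERLAPPING = [(0, b"GET /etc/pa"), (11, b"XXXX"), (11, b"sswd HTTP/1.0")]


def match_per_packet(fragments, sig=SIGNATURE):
    """Naive sensor: inspects each fragment payload in isolation."""
    return any(sig in payload for _, payload in fragments)


def reassemble(fragments, policy="first"):
    """Rebuild the stream from offset 0 up to the first gap.

    policy selects which copy of an overlapping byte is kept:
    "first" keeps the earliest arrival, "last" keeps the latest.
    """
    stream = {}
    for offset, payload in fragments:
        for i, byte in enumerate(payload):
            pos = offset + i
            if policy == "last" or pos not in stream:
                stream[pos] = byte
    out = bytearray()
    while len(out) in stream:
        out.append(stream[len(out)])
    return bytes(out)


def conflicting_overlaps(fragments):
    """Offsets where two fragments supply different bytes (worth an alert)."""
    seen, conflicts = {}, set()
    for offset, payload in fragments:
        for i, byte in enumerate(payload):
            if seen.setdefault(offset + i, byte) != byte:
                conflicts.add(offset + i)
    return sorted(conflicts)


if __name__ == "__main__":
    print("per-packet match:", match_per_packet(FRAGMENTS))
    print("reassembled match:", SIGNATURE in reassemble(FRAGMENTS))
    for policy in ("first", "last"):
        hit = SIGNATURE in reassemble(OVERLAPPING, policy)
        print(f"overlap, policy={policy}: match={hit}")
    print("conflicting offsets:", conflicting_overlaps(OVERLAPPING))
```

A sensor that reassembles with a different policy than the destination host inspects a different byte stream than the host receives, so flagging conflicting overlaps is useful regardless of which policy is chosen.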