Which attack technique can effectively bypass an IDS by fragmenting packets?

Enhance your skills for the CompTIA PenTest+ Exam with CertMaster. Utilize flashcards and multiple-choice questions with detailed explanations. Get fully prepared for your certification!

Packet fragmentation is a technique where data packets are split into smaller fragments to evade detection by an Intrusion Detection System (IDS). An IDS often analyzes packets in their entirety to identify malicious activity based on known signature patterns or unusual behaviors. When an attacker fragments packets, the IDS may see only incomplete data that does not raise an alarm. Because the fragments can be reassembled at the destination, the full malicious payload can go unnoticed, effectively bypassing the IDS.

In contrast, SQL injection, cross-site scripting, and session hijacking target different vulnerabilities and do not exploit packet structure or fragmentation as a means to evade detection. These attacks rely on weaknesses in application logic or user sessions rather than on manipulation of packet transmission methods. Thus, they would not be effective in bypassing an IDS through fragmentation.
