Intrusion Countermeasure Electronics are software constructs in cyberspace that secure the system against unauthorized use, monitor users and remove or analyze threat once it’s found. Each ICE has a rating which specifies it’s effectiveness. Rating is hidden from users but decker can run analyze software to determine ICE type and rating. If the ICE is triggered – either through user checks or system alert – it goes into alerted status. In this status user requests are blocked until the alert is over.
Firewall acts as a barrier against unauthorized users. This ICE sits before link to other node and users have to provide passcode to move through this link. Deckers can find passcode inside data in the system or they can attempt to hack the ICE to allow passage.
Scanner ICE roams inside the system and performs user checks in each node it passes. Every user is asked to provide passcode, if the passcode is not valid the ICE raises alert level. If system alert reaches red level, ICE alerts all other ICE in the node. If a user leaves the node before providing passcode, scanner ice will follow her and alert ICE in every node they enter.
This ICE sits in system nodes where higher security is required. It checks and validates every action of users in the node before the action is allowed. This includes the actions deckers use to manipulate files, disable IO nodes or access functions of security/CPU nodes. Failed attempts can trigger the ICE to raise a system alert and inform other ICE in the node.
Attack ICE is the active defense of systems. After alert is raised or this ICE is otherwise alerted, it attacks the integrity of intruder’s cyberspace avatar. When decker’s cyberspace integrity reaches zero, she is dumped from system. There are also illegal variants of attack ICE that try to cause a force feedback surge in the decker’s brain, causing physical damage and possibly killing the decker.
Worm ICE sits on top of mission critical files inside Data node and guards it against access. Users without passcode are denied all access and any detected attempt to tamper with file will cause the ICE to raise system alert and delete the file to prevent data leak. Deckers have to use special decrypt software to try and remove the worm without damaging the file.