
Overactive IDS causes test failure

    Details

    • Type: Bug
    • Status: Won't Do
    • Priority: Trivial
    • Resolution: Won't Do
    • Affects Version/s: 4.3.0
    • Fix Version/s: Unscheduled
    • Component/s: None
    • Labels: None
    • Versioning Impact: Patch (backwards-compatible bug fixes)

      Description

      I finally found what was causing WebTest_Contact_AdvancedSearchTest to fail:
      Basically this test opens Advanced Search and keeps submitting the form over and over again, with more and more params. By the time it gets to the end of the test it has opened all the search panes and has filled in almost every field. The final time it hits search we get a white screen of JSON:

      {"IP":"127.0.0.1","error_code":"IDS_KICK","level":"security","referer":"http:\/\/d7.civitest\/civicrm\/contact\/search\/advanced?_qf_Advanced_display=true&qfKey=31fa5bef1c90368aeeec92378690fde7_4317","reason":"XSS suspected","is_error":1,"error_message":"There is a validation error with your HTML input. Your activity is a bit suspicious, hence aborting"}

      This might provide a clue about why we keep getting reports on the forums of people getting kicked by the IDS for totally innocent content: it's not just quality, but also quantity.
      Not having looked at the code, here's a hypothesis: I think the IDS's calculations might be cumulative, so if a user fills in one field and the IDS flags it as a "low level" warning, the form will be allowed to submit. However, if they fill in 5 such fields, each of the "low level" warnings will be added up and the sum total will result in a kick. Not sure if this is by design or if it's a bug, but it is a problem.
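A small model of the cumulative-scoring hypothesis described in this report, added here as an example; it is not CiviCRM's or PHPIDS's own code. The rule set, the per-rule scores and the kick threshold are constructed assumptions; evaluate() compares the summed-impact policy (many harmless fields add up to a kick) with a per-field policy (only the worst single field counts), which is the check a maintainer would want when deciding whether the behaviour is intended.

```python
import re

# Constructed, hypothetical rules standing in for an IDS filter set (not PHPIDS's real filters).
# Each entry is (pattern, impact). Low impacts model "low level" warnings.
RULES = [
    (re.compile(r"'"), 1),                 # stray quote, normal in names such as O'Brien
    (re.compile(r"<\s*\w+"), 4),           # something that looks like an opening tag
    (re.compile(r"(?i)javascript:"), 6),   # scheme handler in a URL
    (re.compile(r"(?i)<\s*script"), 8),    # script tag
]


def field_impact(value: str) -> int:
    """Impact of one form field: sum of the impacts of every rule it matches."""
    return sum(impact for pattern, impact in RULES if pattern.search(value))


def evaluate(fields: dict, kick_threshold: int, cumulative: bool = True) -> dict:
    """Score a submitted form and decide whether the submission is kicked.

    cumulative=True  models the hypothesis in the report: the impacts of all
                     filled fields are added and the total is compared to the threshold.
    cumulative=False models a per-field policy: only the single worst field counts.
    """
    impacts = {name: field_impact(value) for name, value in fields.items() if value}
    if cumulative:
        total = sum(impacts.values())
    else:
        total = max(impacts.values(), default=0)
    return {"impacts": impacts, "total": total, "kicked": total >= kick_threshold}


# Constructed sample submissions (assumed kick threshold of 5 impact points).
ONE_INNOCENT_FIELD = {"last_name": "O'Brien"}
FIVE_INNOCENT_FIELDS = {
    "last_name": "O'Brien", "nick_name": "Pat 'the' Cat", "street": "Rose's Lane",
    "note": "Don't call", "source": "Mary's referral",
}
ONE_HOSTILE_FIELD = {"last_name": "<script>alert(1)</script>"}

if __name__ == "__main__":
    for label, form in [("one innocent", ONE_INNOCENT_FIELD),
                        ("five innocent", FIVE_INNOCENT_FIELDS),
                        ("one hostile", ONE_HOSTILE_FIELD)]:
        print(label, "cumulative:", evaluate(form, 5)["kicked"],
              "per-field:", evaluate(form, 5, cumulative=False)["kicked"])
```

With these assumed scores, five fields that each carry only an apostrophe reach the threshold under the cumulative policy but not under the per-field one, while a single script tag is kicked under both.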

    People

    • Assignee: Coleman Watts (colemanw)
    • Reporter: Coleman Watts (colemanw)