scholarly journals False Positives and Negatives from Real Traffic with Intrusion Detection/Prevention Systems

2012 ◽  
pp. 87-90 ◽  
Author(s):  
Cheng-Yuan Ho ◽  
Ying-Dar Lin ◽  
Yuan-Cheng Lai ◽  
I-Wei Chen ◽  
Fu-Yu Wang ◽  
...  
Keyword(s):  
Intrusion Detection ◽  
False Positives ◽  
Real Traffic ◽  
False Positives And Negatives

Creditability-based weighted voting for reducing false positives and negatives in intrusion detection

2013 ◽  
Vol 39 ◽  
pp. 460-474 ◽  
Author(s):  
Ying-Dar Lin ◽  
Yuan-Cheng Lai ◽  
Cheng-Yuan Ho ◽  
Wei-Hsuan Tai
Keyword(s):  
Intrusion Detection ◽  
False Positives ◽  
Weighted Voting ◽  
False Positives And Negatives

Statistical analysis of false positives and false negatives from real traffic with intrusion detection/prevention systems

2012 ◽  
Vol 50 (3) ◽  
pp. 146-154 ◽  
Author(s):  
Cheng-Yuan Ho ◽  
Yuan-Cheng Lai ◽  
I-Wei Chen ◽  
Fu-Yu Wang ◽  
Wei-Hsuan Tai
Keyword(s):  
Statistical Analysis ◽  
Intrusion Detection ◽  
False Positives ◽  
False Negatives ◽  
Real Traffic

The Study of the Ontology and Context Verification Based Intrusion Detection Model

2014 ◽  
Vol 644-650 ◽  
pp. 3338-3341 ◽  
Author(s):  
Guang Feng Guo
Keyword(s):  
Intrusion Detection ◽  
Knowledge Base ◽  
False Positive ◽  
Intrusion Detection System ◽  
Detection System ◽  
False Positive Rate ◽  
False Positives ◽  
The Real ◽  
Detection Model ◽  
Positive Rate

During the 30-year development of the Intrusion Detection System, the problems such as the high false-positive rate have always plagued the users. Therefore, the ontology and context verification based intrusion detection model (OCVIDM) was put forward to connect the description of attack’s signatures and context effectively. The OCVIDM established the knowledge base of the intrusion detection ontology that was regarded as the center of efficient filtering platform of the false alerts to realize the automatic validation of the alarm and self-acting judgment of the real attacks, so as to achieve the goal of filtering the non-relevant positives alerts and reduce false positives.

ODARM

2010 ◽  
pp. 40-56
Author(s):  
Fu Xiao ◽  
Xie Li
Keyword(s):  
Intrusion Detection ◽  
Outlier Detection ◽  
Domain Knowledge ◽  
Reduction Rate ◽  
Main Idea ◽  
False Positives ◽  
Training Data ◽  
Intrusion Detection Systems ◽  
Data Mining Technique ◽  
Detection Systems

Intrusion Detection Systems (IDSs) are widely deployed with increasing of unauthorized activities and attacks. However they often overload security managers by triggering thousands of alerts per day. And up to 99% of these alerts are false positives (i.e. alerts that are triggered incorrectly by benign events). This makes it extremely difficult for managers to correctly analyze security state and react to attacks. In this chapter the authors describe a novel system for reducing false positives in intrusion detection, which is called ODARM (an Outlier Detection-Based Alert Reduction Model). Their model based on a new data mining technique, outlier detection that needs no labeled training data, no domain knowledge and little human assistance. The main idea of their method is using frequent attribute values mined from historical alerts as the features of false positives, and then filtering false alerts by the score calculated based on these features. In order to filter alerts in real time, they also design a two-phrase framework that consists of the learning phrase and the online filtering phrase. Now they have finished the prototype implementation of our model. And through the experiments on DARPA 2000, they have proved that their model can effectively reduce false positives in IDS alerts. And on real-world dataset, their model has even higher reduction rate.

The study of protein–protein interactions in bacteria

2012 ◽  
Vol 58 (11) ◽  
pp. 1241-1257 ◽  
Author(s):  
Roberto Velasco-García ◽  
Rocío Vargas-Martínez
Keyword(s):  
Hybrid System ◽  
High Throughput ◽  
Protein Interactions ◽  
Specific Protein ◽  
False Positives ◽  
Interaction Networks ◽  
Protein Protein Interactions ◽  
Extensive Data ◽  
False Positives And Negatives

Many of the functions fulfilled by proteins in the cell require specific protein–protein interactions (PPI). During the last decade, the use of high-throughput experimental technologies, primarily based on the yeast 2-hybrid system, generated extensive data currently located in public databases. This information has been used to build interaction networks for different species. Unfortunately, due to the nature of the yeast 2-hybrid system, these databases contain many false positives and negatives, thus they require purging. A method for confirming these PPI is to test them using a technique that operates in vivo and detects binary PPI. This article comprises an overview of the study of PPI and describes the main techniques that have been used to identify bacterial PPI, prioritizing those that can be used for their verification, and it also mentions a number of PPI that have been identified or confirmed using these methods.

scholarly journals On minimizing assignment errors and the trade-off between false positives and negatives in parentage analysis

2013 ◽  
Vol 22 (23) ◽  
pp. 5738-5742 ◽  
Author(s):  
Hugo B. Harrison ◽  
Pablo Saenz-Agudelo ◽  
Serge Planes ◽  
Geoffrey P. Jones ◽  
Michael L. Berumen
Keyword(s):  
Parentage Analysis ◽  
False Positives ◽  
Trade Off ◽  
False Positives And Negatives
Sign in / Sign up

Export Citation Format

Share Document