The Truth About False Positives
White Papers In the security industry, many security analysts remark that Intrusion Detection Systems (IDS) are plagued by false positives. Many IDS sensors have less than a 5% rate of false positives. It is important to distinguish between two concepts that...
[August 14, 2003, 16:19]
How To Reduce False Positives
White Papers False positives are a significant and rapidly growing menace to IT Security, resulting in reduced productivity, poor quality security practices and greater risk. Modern security management software [as provided by ExaProtect] correlates a large...
[October 24, 2007, 1:00]
Bonded Sender For ISPs: Eliminate False Positives And Catch More Spam
White Papers This white paper presents the Bonded Sender Program for ISPs. The IronPort™ Bonded Sender™ Program turns the spam problem upside down by identifying legitimate email traffic. Originators of legitimate email post a financial bond to ensure the...
[November 30, 2003, 21:42]
False Positives: A User's Guide To Making Sense Of IDS Alarms
White Papers This paper looks at the types of alarms that are returned by Intrusion Detection System (IDS) and their relative values. It begins with offering some definitions of IDS alert terminology, and concludes by outlining some ways the user can assess the...
[November 22, 2003, 5:26]
Information Policy, Data Mining, And National Security: False Positives And Unidentified Negatives
White Papers Since 9/11, intelligence agencies in the United States have expanded experimentation and use of data mining and analysis techniques to combat terrorism. These efforts have generated significant privacy concerns and discussions about the appropriate...
[April 5, 2005, 3:00]
An Achilles' Heel In Signature-Based IDS: Squealing False Positives In SNORT
White Papers This paper reports a vulnerability to network signature-based IDS which has been tested using Snort and is called "Squealing". This vulnerability has significant implications since it can easily be generalized to any IDS.
[June 3, 2008, 6:03]
Reputation-Based Mail Flow Control: Blocking Extreme Spam And Reducing 'False Positives'
White Papers This paper answers why the next generation of spam control solutions needs to move beyond just content filtering in order to be effective. Reputation-based information makes existing filters more effective and will form the foundation of more...
[October 21, 2003, 9:01]
Sun Proves The Open Market With MySQL
Leader Sun's acquisition of MySQL is easier to define in negatives than positives. But $1bn buys you some positives, too — in this case, 11 million users at roughly $100 a head. It is not a company filling a hole in its technology portfolio: Sun already...
[January 17, 2008, 17:09]
ATLANTIDES: An Architecture For Alert Verification In Network Intrusion Detection Systems
White Papers This paper presents an architecture designed for alert verification (i.e. to reduce false positives) in network intrusion-detection systems. The false positives raised by the NIDS analyzing the incoming traffic (which can be either signature- or...
[June 12, 2008, 1:01]
Context-Based Intrusion Detection Using Snort, Nessus And Bugtraq Databases
White Papers Intrusion Detection Systems (IDS) use different techniques to reduce the number of false positives they generate. However, this is often not sufficient and more network context information needs to be added to these Stateful IDS (SIDS) signatures...
[May 21, 2008, 1:01]
An Efficient And Intelligent Intrusion Detection And Response System Using Virtual Private Networks, Firewalls And Packet Filters
White Papers Due to the high percentage of alerts generated by such systems, the level of false positives is among the significant problems. This paper presents intelligent strategies for reduction of false positives and infrastructure protection using a novel...
[June 19, 2008, 1:01]
Cross-Layer Analysis For Detecting Wireless Misbehavior
White Papers As a result IDSs suffer from a large number of false positives. Moreover other environmental conditions like radio interference and congestion increase false positives, complicating classification of legitimate nodes and attackers.
[May 12, 2006, 0:00]
Evaluating Host Intrusion Detection Systems.
White Papers While HIDSs and Network Intrusion Detection Systems (NIDSs) greatly differ, similar evaluations have been performed on both types of IDSs by assessing metrics associated with the classification algorithm (e.g. true positives, false positives).
[June 18, 2008, 1:01]
International Investment Bank Shows Returns On Commtouch Spam Control
White Papers However, even with continuous updates requiring significant management effort, as spammers became more inventive and spam volumes tripled, the solution did not block enough spam and false positives reached an unreasonable level due to domain...
[June 3, 2004, 0:00]
Handle New Unknown Threats Before They Impact Your System: Panda Software’s TruPrevent Technology
White Papers IDS only alerts you to possible suspicious behavior and is prone to many false positives. The solution is a proactive intrusion prevention system that identifies, blocks and eliminates threats without false positives and without human intervention.
[January 24, 2005, 17:28]
Microsoft's Own Antivirus Fails To Secure Vista
News In order to be awarded a pass, the software had to detect all the viruses with no false positives. The other 11, including software from Computer Associates, Fortinet, F-Secure, Kaspersky, Sophos and Symantec, detected all the viruses with no false...
[February 6, 2007, 13:08]
Microsoft: Gmail Is A Virus
News The software maker is reviewing its procedures and processes in order to minimise the occurrence of further false positives, the Microsoft representative said. False positives happen occasionally with security software.
[November 14, 2006, 8:23]
RSA Calls For 'thinking' Security Systems
News "The problem is with false positives," Schneier told ZDNet.co.uk. We're not at the stage where we can tune out false positives. Security company RSA has called for security systems to use artificial intelligence, but some experts claim the...
[April 9, 2008, 11:27]
Businesses Warned Of Profiling Dangers
News The information commissioner said that both businesses and police need to avoid false positives and negatives in their data, especially as police start to adopt profiling techniques used in the private sector.
[March 28, 2007, 17:26]
Surveillance Or Dead Lock?
News Third, IDSs generate a huge number of false positives, telling you that your network is being attacked when it's not. They do not analyse it and then effect a response -- which could, in fact, be the wrong response, as we have seen with false...
[August 20, 2002, 20:19]

