|
|
Focus on IDS
Re: Re: Snort with an expert system Jun 22 2009 07:47PM tol sics se (1 replies) Re: Snort with an expert system Jun 25 2009 08:45AM Stefano Zanero (s zanero securenetwork it) (1 replies) Re: Snort with an expert system Jun 25 2009 09:08AM Tomas Olsson (tol sics se) (1 replies) Re: Snort with an expert system Jun 25 2009 09:48AM Stefano Zanero (s zanero securenetwork it) (1 replies) |
|
Privacy Statement |
> intrusion or attack is underway"
That's a good definition, but not really complete. Under that
definition, if you place a rule that flags IRC connections, and it
fires, is that a false positive?
Is it a false positive a case where there is no rule, or the traffic
does not match with the rule, and the engine still fires?
Is it a false positive a case where a rule correctly matches, but the
user didn't want to be alerted to that traffic ?
> In addition, I don't understand why there would be no reason that this
> algorithm would work. Could you explain? The algorithm is developed by
> experts in Bayesian statistics and has been applied in other fields as
> well.
The algorithm type has apparently no relevance to the problem. Why
should a false positive be statistically different, in the sense you are
considering, from a true positive?
Best,
Stefano
-----------------------------------------------------------------
Securing Your Online Data Transfer with SSL.
A guide to understanding SSL certificates, how they operate and their application. By making use of an SSL certificate on your web server, you can securely collect sensitive information online, and increase business by giving your customers confidence that their transactions are safe.
http://www.dinclinx.com/Redirect.aspx?36;5001;25;1371;0;1;946;9a80e04e1a
17f194
[ reply ]