Categories
Welcome Center
Education & Development
Cyber Security
Virtualization
General
Certification Preparation
Project Management
Posts
Groups
Training Resources
Infosec
IT & Security Bootcamps
Practice Exams
Security Awareness Training
About Us
Home
Certification Preparation
CompTIA
Security+
IDS/ positive and negative
beatblam
When the IDS treats the normal network traffic as malicious, its called false positive...so what when the IDS treat the malicious traffic as normal...what will it be called,
Please guys assist me on this one...I seem to get some confusion...
Find more posts tagged with
Comments
Devilsbane
I believe that would be a false negative.
DoubleD
i think it could be TRUE positive
Devilsbane
DoubleD
wrote:
»
i think it could be TRUE positive
A True positive would be finding a threat that is a threat.
QHalo
True Positive:
A legitimate attack which triggers an IDS to produce an alarm.
[2]
False Positive:
An event signaling an IDS to produce an alarm when no attack has taken place.
[2]
False Negative:
A failure of an IDS to detect an actual attack.
[2]
True Negative:
When no attack has taken place and no alarm is raised.
Intrusion detection system - Wikipedia, the free encyclopedia
So that would be a false negative.
dynamik
False Positive - Flagged something that wasn't malicious as being malicious
False Negative - Didn't flag something that was actually malicious
True Positive - Flagged something that was malicious as being malicious
True Negative - Didn't flag something that wasn't malicious
False - Erroneous Action
True - Correct Action/Normal
Positive - Malicious/Abnormal
Negative - Benign/Normal
Edit: Well that was a waste of time
Quick Links
All Categories
Recent Posts
Activity
Unanswered
Groups
Best Of
