Showing papers on "False positive paradox published in 1970"
01 Jan 1970
TL;DR: This paper proposes a strategy to focus on detection involving statistical analysis of both attack and normal traffics based on the training data of KDD Cup 99, which includes a hybrid statistical approach which uses Data Mining and Decision Tree Classification.
Abstract: Although intelligent intrusion and detection strategies are used to detect any false alarms within the network critical segments of network infrastructures, reducing false positives is still a major challenge. Up to this moment, these strategies focus on either detection or response features, but often lack of having both features together. Without considering those features together, intrusion detection systems probably will not be able to highly detect on low false alarm rates. To offset the abovementioned constraints, this paper proposes a strategy to focus on detection involving statistical analysis of both attack and normal traffics based on the training data of KDD Cup 99. This strategy also includes a hybrid statistical approach which uses Data Mining and Decision Tree Classification. As a result, the statistical analysis can be manipulated to reduce misclassification of false positives and distinguish between attacks and false positives for the data of KDD Cup 99. Therefore, this strategy can be used to evaluate and enhance the capability of the IDS to detect and at the same time to respond to the threats and benign traffic in critical segments of network, application and database infrastructures.
65 citations
TL;DR: In this article, a procedure for the evaluation of single-point estimates of true and false positives without strong underlying parametric assumptions is presented, based upon the area operating characteristic and the Green area rule.
Abstract: A procedure is presented for the evaluation of single-point estimates of true and false positives without strong underlying parametric assumptions. The method is based upon the area operating characteristic and the Green area rule. Estimates of sampling error are also available. The procedure is extended to a strong one-parameter relation between true and false positives.
43 citations
TL;DR: In this article, false negatives and fake positives in a Socialization scale (So) existed as stable groups or whether they merely reflected random error, 27 pairs of delinquent (D) and non-delinquent (Nd) Ss matched on low scores on the California Psychological Inventory So scale and 33 matched pairs of high scorers were studied in relation to 41 psychological and social variables.
Abstract: To discover whether false negatives and fake positives in a Socialization scale (So) existed as stable groups or whether they merely reflected random error, 27 pairs of delinquent (D) and non-delinquent (Nd) Ss matched on low scores on the California Psychological Inventory So scale and 33 matched pairs of high scorers were studied in relation to 41 psychological and social variables. In a secondary analysis 27 pairs of high and low So scale scoring Nds on the one hand, and 57 pairs of high and low So scoring Ds were compared on the same 41 variables. The number of significant differences in the primary analysis far exceeded the amount expected by chance. The secondary analyses again revealed the diagnostic utility of the So scale. However, the use of a moderator variable, Law and School Difficulty scale (LS), in combination with the So scale improved prediction to the criterion. It was concluded that predictor misses should be studied to determine whether they represent stable subgroups or random error. A strategy for such studies was presented.
11 citations
2 citations