The importance of false positives
An interesting paper was bought to my attention recently by this blog
post:
The Base Rate Fallacy and its implications for the difficulty of
Intrusion
Detection.
The central question of this paper is: if we have a flow of N packets
per day and our network IDS has a false-positive ...