误报率

实验表明，与基于系统调用全集的方法相比，基于W子集的入侵检测技术具有较低的误报率，且所需存储空间代价和计算代价都较小，因而更加适合于实时入侵检测。

Experiments show that the new technique has low false positive rate , low storage-cost , high computing efficiency and hence is applicable to real-time intrusion detection .

但是现有的内嵌式IPS所采用的检测算法并不十分完善，使得检测入侵的误报率和漏报率很高；

However current detection algorithm of IPS is not effective , likely to lead to high false positive rate and false negative rate , and it 's single sensor structure is incapable of detection of coordinated attack .

基于后向传播的算法能够有效地识别出P2P主机，且误报率低。

The method based on BP can identify P2P hosts effectively , and has low false alarm rate .

人工免疫系统（ArtificialImmuneSystem，AIS）可以很好的弥补IDS系统的检测准确率较低，漏报和误报率较高缺点；

The disadvantage of IDS that possesses the low accurate rate and high efficiency of fail report and misinformation can be good fetched up by AIS ( Artificial Immune System ) .

开发过程中使用严格的控制流图和函数调用图生成算法，使得CTCheck具有低误报率和低漏报率的特点。

In the process of its development , we use strict generation algorithm of control flow graph and the function call graph to make CT_Check with low false alarm and low omission rate .

该系统利用了ASIC保密性能好的特点，工作时误报率低。

The system utilizes the security feature of ASICs , and it has a low rate of false alarm in operation .

仿真实验证明：文中的基于改进的K–means算法的入侵检测系统降低了误检率和误报率，提高了入侵检测质量。

The simulation results show that : The intrusion detection system based on improved K-means algorithm in this paper reduced the error rate and the seizure rate of false positives and improved the quality of intrusion detection .

但是，传统IDS的检测机制具有细粒度、孤立性、弱的环境意识、误报率高等缺点。

But the detection mechanisms of traditional IDSs has weaknesses including too fine grain , isolated alarming , lack of environmental consciousness and high rate of fals alarms .

然而，对网络性能的影响和较高的入侵检测误报率制约了IPS系统的发展和应用。

However , the firewall module of IPS impacts network performance greatly , and false alarms from IDS module trouble a lot .

实验结果表明该混合系统的漏报率和误报率都低于HMM方法。

Experimental results show that the false negative rate and the false positive rate of the hybrid system are both lower than the HMM based system .

实验结果表明，采用DARPA1999年IDS评测数据集，在选定的97个待检测的攻击实例中，当保证误报率低于1%时，本方法可以达到50%以上的检测准确率。

Results show that this method can attain above 50 % accurate rate with below 1 % false rate in 97 specified attacking cases from DARPA 1999 IDS evaluation dataset .

通过与BP网络和HMM方法实现的异常检测效果相比较，我们可以看出，RBF方法的检测率较高，误报率较低，训练时间短。

Compared with the BP neural networks and the HMM based method , the method based on RBF networks has higher detection rate , lower false positive rate and shorter training time .

实验结果表明，该算法正确鉴定合法的用户矢量为93%，发生7%的误报率.与BP、GA算法相比，分别高出2.875%和5.562%。

The experiments proved that this kind of method has 93 % detection rate , 7 % false negatives , compared with BP and GA , higher 2 . 875 % and 5 . 562 % respectively .

传统入侵检测系统（IntrusionDetectionSystem，IDS）由于检测规则库难于及时更新、统计模型难以建立等问题，存在着较高的误报率和漏报率，特别对拒绝服务攻击等入侵行为更是难以检测。

Because the traditional intrusion detection system ( IDS ) has some difficulties in updating the rule sets and establishing statistical model , there are high false alarm rate and false negative rate . It is especially difficult to detect the denial of service attacks .

大量研究表明：关联规则在入侵检测系统中的应用可以发现未知的入侵模式，IDS的检测率可被提高，然而误报率也增加了。

Numerous studies show that : the application of association rules in intrusion detection system can find unknown intrusion patterns , raise the detection rate of IDS , but also raise the false rate .

实验结果表明，BDA算法对Bot进程的检测率较高，并能较好的区分正常进程和Bot进程，误报率较低。

Experiment results show that BDA can detect Bots with a high detection rate and can well distinguish between normal processes and Bot process with a low false positive degree .

改善自动事件检测方法的检测率（DR）、误报率（FAR）和平均检测时间（MTTD），对于提高事件管理效率至关重要。

It is critical that Detection Rate ( DR ), False Alarm Rate ( FAR ) and Mean Time to Detection ( MTTD ) are improved in expressway automatic incident detection .

对于其他检测报警系统来说，EAS系统中面临的困难广泛存在于其他检测报警系统当中：更高的检测率和更低的误报率。

The contradiction encountered in EAS system commonly existed in any detecting and alarming systems : the higher detecting rate and the lower false alarming rate .

最后，通过基于KDDCUP1999数据集的实验测试，仿真结果表明，新算法在具有较低的误报率同时，也具有良好的检测率。

Finally , a series of experiments on well known KDD Cup 1999 dataset demonstrate that our new algorithm has low false positive rate while ensuring high detection rate .

在此基础上，将欧氏距离（EuclideanDistance）引入了入侵检测系统以降低入侵检测系统的误报率，并提出了基于Euclidean距离的入侵检测方法IntrusionDetectionBasedonEuclideanDistance（EDID）。

In analyze the deficiency of traditional intrusion detection system , a new kind of intrusion detection method , which named EDID ( An Intrusion Detection Method Based on Euclidean Distance ) is put forward for reduce false positive rate .

实验数据证明，该系统不仅能识别出更多的P2P应用，而且还具有较高的识别率和较低的误报率和漏报率，应用到实际网络中效果良好。

According to the experiment data , we prove that the system not only can identify more P2P applications , but also has higher Identify-Rate and lower False Negative and False Positive . It has good effects in the actual network .

然而传统的IDS（IntrusionDetectionSystem）存在着很多问题，如：对未知网络攻击检测能力差、误报率高，对攻击数据的关联和分析功能不足等。

Intrusion detection has become an important means of security , however , there are many problems in the traditional IDS ( Intrusion Detection System ), such as the bad detection capability against the unknown network attack , high false alarm rate , insufficient analysis capability and so on .

本文利用入侵响应警报矩阵，对入侵检测系统的性能指标进行了分析，对检测正确率、漏报率、误报率、警报可信度和IDS效率进行了分析。

Based on the intrusion response alarm matrix , the paper analyzed the performance index of the intrusion detection system , the probability of correction for inspect , false positive , false negative , alarm reliability and IDS efficiency .

因此，研究Kalman滤波算法，减小模型的不确定性和信号扰动对管道泄漏检测与定位精度的影响，降低泄漏误报率，具有重要的理论意义和应用价值。

As a result , researching Kalman filter algorithm , in the premise of , reducing model uncertainty and signal disturbance on pipeline leak detection and location accuracy , and decreasing the leakage false alarm have significant theoretical significance and application value .

根据推测路径需要的数据包数量、推测复杂性和误报率等参数，对不同的随机包标记（PPM）算法进行了评价。

The most promising probabilistic packet marking ( PPM ) schemes were evaluated based on the ( basis ) of the received packet number required for reconstructing the attacking path , computation complexity and false positive etc.

提出的类似Hamming距离的检测算法，使误报率低于10%。

A similar Hamming distance method is adopted in the detection , which is effective in reducing false positive errors and false negative errors ; the error rate is less than 10 % .

本文给出了Android平台恶意软件静态监测系统的相关设计及实现，通过实验测试，验证了静态检测系统在一定的误报率、漏报率范围内，可以有效地检测出应用程序中存在的常见恶意行为。

This paper gives the design and implementation of malwares static detection system on Android . Through experimental tests to verify the system can effectively detect the common malicious behavior at a certain rate of false positives , false negative range .

本文首先分析当前网络安全问题的现状，即入侵检测系统的漏报率和误报率高一直是困扰IDS用户的主要问题，指出了研究和发展入侵检测系统具有非常重要的意义；

Firstly , this dissertation analyzes the present situation of network security problems , the false positive and the false negative of Intrusion Detection System are very high and it was always the main problem that bothered the user of IDS .

CUSUM异常检测模型以较少的资源开销，较低的计算复杂度，较低的误报率实现了对拒绝服务攻击的异常流量检测。

CUSUM anomaly monitoring model realized the detection of abnormal flow data for attacks of service denial with less overhead , low computational complexity and low misstatement rate .

为了更有效地降低误报率和提高检测率，并且考虑到入侵检测本身存在的模糊性，于是对基于SOM聚类的网络入侵检测方法进行了改进，最终又提出了模糊SOM的网络入侵检测方法。

For more efficiently decrease false positive rate and increase detection rate , and taking fuzziness that intrusion detection has itself into consideration , we improve SOM clustering-based network intrusion detection method , and present fuzzy SOM network intrusion detection method .