The IT Law Wiki

Definitions

Forensics

A false negative is "[i]ncorrectly classifying malicious activity as benign."[1]

Security

A false negative is "[a]n instance in which a security tool intended to detect a particular threat fails to do so."[2]

Overview

"False negatives are also a problem and the nightmare of the intelligence analyst. A false negative is someone who should be under suspicion and is not. That is, the analyst simply misses the terrorist. From a political standpoint, the only truly acceptable number for false negatives is zero — but this political requirement belies the technical reality that the number of false negatives can never be zero. Moreover, identifying false negatives in any given instance may be problematic. In the case of the terrorist investigation, it is essentially impossible to know with certainty if a person is a false negative until he or she is known to have committed a terrorist act."[3]

References
