Definitions
Forensics
A false positive is "[i]ncorrectly classifying benign activity as malicious."[1]
Security
A false positive is:
- "[a]n alert that incorrectly indicates that malicious activity is occurring."[2]
- "[a]n instance in which a security tool incorrectly classifies benign content as malicious."[3]
- "the misidentification of an individual as a person on a terrorist watch list when he or she is not, in fact, that person."[4]
Overview
"Every false positive also has an opportunity cost; that is, it is associated with a waste of resources — precious investigative or analytical resources that are expended in the investigation of an innocent individual. In addition, false positives put pressure on officials to justify the expenditure of such resources, and such pressures may also lead to abuses against innocent individuals."[5]
References
1. NIST Special Publication 800-86, at C-1.
2. NIST Special Publication 800-61 (rev. 1), Glossary, at D-1.
3. NIST Special Publication 800-150, at 59.
4. The Use of Commercial Data to Reduce False Positives in Screening Programs, at 2 n.3.
5. Protecting Individual Privacy in the Struggle Against Terrorists: A Framework for Program Assessment, at 40.