Automated False Positive Filtering for esNetwork Alerts. (arXiv:2208.12729v1 [cs.CR])

An Intrusion Detection System (IDS) is one of the security tools that can
automatically analyze network traffic and detect suspicious activities. They
are widely implemented as security guarantee tools in various business
networks. However, the high rate of false-positive alerts creates an
overwhelming number of unnecessary alerts for security analysts to sift
through. The esNetwork is an IDS product by eSentire Inc. This project focuses
on reducing the false-positive alerts generated by esNetwork with the help of a
Random Forest …

alerts automated false positive