[logs] too many false alarms
Stefano Zanero
zanero at elet.polimi.it
Fri Jan 25 11:35:47 PST 2008
Andrew Hay wrote:
> As a follow-up(-on) to Ron's response, I think that the resource being
> accessed also plays a role in determining the "acceptable" false alarm
> rate and the perceived usefulness of an anomaly detection system. I
In order to help everybody avoid reinventing the wheel, terminology and
formulas for these considerations are contained in:
http://portal.acm.org/citation.cfm?id=319710
--
Cordiali saluti,
Stefano Zanero
Politecnico di Milano - Dip. Elettronica e Informazione
Via Ponzio, 34/5 I-20133 Milano - ITALY
Tel. +39 02 2399-4017
Fax. +39 02 2399-3411
E-mail: zanero at elet.polimi.it
Web: http://home.dei.polimi.it/zanero/
More information about the LogAnalysis
mailing list