What is a false positive and how could it be used to hide a real attack? Solution False positives are alerts generated by an IDS because it thinks it has detected a valid attack against a monitored system,but the attack really is not valid.False Positives are problems because they create alert noise that can hide a real attack,and then can send you a wild goos chases for attacks that never relly happened. A False positive occurs when an IDS generates an alert on either Network traffic that looks like an attack to the IDS,but isnot an attack. A real attack that attack doesnot applyto the system being monitored. A false negative is a real attack that was missed by the IDS, and therefore not alerted on.An IDS might miss an attack because the attack is not one it recognizes,becuse the IDS overwhelmed or because the attacker has successfully used a method of evading the IDS. .