在一篇介绍入侵检测的英文文章中提到了漏报、误报等一些概念,但其中提到攻击时用的是 legitimate attack,那不就成合法攻击了?还检测个啥子。
原文:
False negative: When a legitimate attack has taken place, but no alert was triggered.
True positive: An alert that something isn't right (i.e., there's a legitimate attack).
类似的还有一些句子,就不全贴过来了。所以这里的 legitimate attack 应该怎么理解?