Reviews research on applying machine learning techniques to reduce false positives for network intrusion detection systems

High false positive rates impede the adoption of anomaly detection methods, which have promise for detecting novel cyber threats. Techniques reviewed include Extreme Learning Machine (ELM), Hidden Markov Models (HMM), situation awareness frameworks, ensemble methods, and feature selection algorithms when applied to contemporary benchmark datasets. Findings show combinations of ELM, HMMs, and ensemble classifiers can achieve reduced false positive rates. However, gaps still exist in research using current representative data.