Questions tagged [false-positive]
False positive is the case where the positive result of a test doesn't correspond to reality. It can lead to the wrong decision.
false-positive
238
questions
85
votes
3
answers
9k
views
Malwarebytes gives trojan warning for basic C# "Hello World!" program
Basically, I just ran a scan of my computer with Malwarebytes (updated the definitions before running), and it said my "helloworld" program written in C# has a trojan.
I know for a fact this is a ...
- 887
62
votes
17
answers
13k
views
Accidentally created a virus?
I've seen it happen reasonably often: I write an application in Delphi and when I compile it, the virus-scanner tells me that I've created a virus and then immediately deletes the executable again. It'...
- 26.2k
41
votes
6
answers
15k
views
Antivirus False positive in my executable
I just ran into an annoying problem. Suddenly Avira AntiVir started to flag one executable from my software as being a virus.
As the default action from almost any user is to click OK and Avira ...
- 36.1k
40
votes
3
answers
5k
views
Helgrind (Valgrind) and OpenMP (C): avoiding false positives?
The documentation for the Valgrind thread error detection tool Helgrind, found here
warns that, if you use GCC to compile your OpenMP code, GCC's OpenMP runtime library (libgomp.so) will cause a ...
- 2,287
31
votes
6
answers
21k
views
Program Download - IE CHROME - "is not commonly downloaded and could be dangerous."
I have an installer for my C# program, I uploaded it to my website, but whenever I try to download it in chrome or IE, I get "MY FILE* is not commonly downloaded and could be dangerous." You can only ...
- 4,932
16
votes
3
answers
18k
views
how to recompile the bootloader of Pyinstaller
I have an AntiVirus false positive problem of my exe file generated using PyInstaller, by searching i found this answer witch consist of recompiling the bootloader and i just can't get it done.
This ...
- 346
14
votes
2
answers
10k
views
How do you deal with false positives from antivirus companies (Avast and ClamAV)? [duplicate]
Possible Duplicate:
Antivirus False positive in my executable
One application is currently getting detected by a false positive for virus by Avast and ClamAV (never heard of the latter).
I have ...
- 5,543
12
votes
4
answers
4k
views
How to stop antivirus false positives everytime we re-release software?
Windows Defender and AVG/Avast pickup our software application as a virus/false positive everytime we release. We have a code signing certificate and add taggant as well.
Every time we release the ...
- 2,686
10
votes
2
answers
728
views
Is the clang static analyzer confused by popping the front from a list of unique_ptrs?
The following C++11 code is a minimal example of what I believe triggers a false positive in clang:
#include <iostream>
#include <list>
#include <memory>
class ElementType {};
int ...
- 1,099
10
votes
4
answers
1k
views
Need explanation on the necessity of a prior flushing to avoid false positives whenTesting with Spring ?
In the spring documentation regarding testing, it states:
Avoid false positives when testing ORM
code
When you test code involving an
ORM framework such as JPA or
Hibernate, flush the ...
- 19.5k
9
votes
2
answers
33k
views
How to change all bit type column NULL values to false in all database in MSSQL?
I have a database in with I have many bit type columns.
After adding other columns I need all old columns to have default "false" values.
- 113
9
votes
1
answer
2k
views
Trying to suppress clang false positive leak warning
I am using clang static analysis under Xcode 6.4 (6E35b), and getting a false positive warning about a potential memory leak. I do explicitly free the memory in question, but the freeing happens in a ...
- 662
8
votes
2
answers
25k
views
how to calculate roc curves?
I write a classifier (Gaussian Mixture Model) to classify five human actions. For every observation the classifier compute the posterior probability to belong to a cluster.
I want to valutate the ...
- 317
8
votes
2
answers
2k
views
clang-analyze: how to avoid "garbage value" warning?
When checking
#include <stdio.h>
#include <stdlib.h>
int main(void)
{
char c[20];
size_t l;
l = fread(c, sizeof c, 1, stdin);
if (l != 1)
return 1;
...
- 6,834
8
votes
1
answer
2k
views
IE9 SmartScreen Warning, Despite Following All Recommendations
We offer a Windows program downloadable as an InstallShield EXE from our website.
When someone running IE9 attempts to download and run our software, they see the following message at the bottom of ...
- 6,399
8
votes
3
answers
6k
views
Google Chrome: File is malicious
But Its a lie
I am facing this issue with my installer:
Installer exe when downloaded from the websites in Chrome are flagged as being malicious software.
To overcome this problem so far we have tried ...
- 2,923
7
votes
3
answers
23k
views
Manually calculate AUC
How can I obtain the AUC value having fpr and tpr? Fpr and tpr are just 2 floats obtained from these formulas:
my_fpr = fp / (fp + tn)
my_tpr = tp / (tp + fn)
my_roc_auc = auc(my_fpr, my_tpr)
I know ...
user9370613
7
votes
2
answers
3k
views
Tensorflow high false-positive rate and non-max-suppression issue
I am training Tensorflow Object detection on Windows 10using faster_rcnn_inception_v2_coco as pretrained model. I'm on Windows 10, with tensorflow-gpu 1.6 on NVIDIA GeForce GTX 1080, CUDA 9.0 and ...
- 177
7
votes
3
answers
4k
views
Py2Exe application flagged as malware by Windows Defender; what to do?
I have an application I wrote for my company in Python 2.x, PyQT4, and MySQLdb and packaged with py2exe.
Recently, I made some updates to the application, Porting it to Python 3.4 and PySide. I also ...
- 309
6
votes
2
answers
3k
views
Is it OK if the false positive rate in a ROC curve does not end in 1.0?
I have the following ROC Curve:
And it does not end in 1.0 because my predictions include zeros, for example
prediction = [0.9, 0.1, 0.8, 0.0]
For the ROC Curve, I take the top-k predictions, first ...
- 741
6
votes
2
answers
490
views
MarkLogic cts:element-query false positives?
Given this document :-
<items>
<item><type>T1</type><value>V1</value></item>
<item><type>T2</type><value>V2</value></...
- 125
6
votes
2
answers
2k
views
How to implement fact related to false positive vs. false negative balance in neural network?
I have a yes/no classification problem, where false positives are worse than false negatives.
Is there a way to implement this fact into neural network especially in MATLAB's Neural Network Toolbox?
- 852
6
votes
2
answers
6k
views
OWASP ZAP - how to "prove" false positives?
Our customer requires us to run the OWASP ZAP tool against our web application (ASP.NET 4.5.2, Webforms) and we cannot have any high priority findings in the report.
We've done the analysis, and ...
- 743k
6
votes
2
answers
5k
views
My C# app is getting flagged by anti-virus apps. How do I figure out why? [closed]
I have a C# app that is getting flagged by multiple anti-virus apps (AVG and Norton so far) as "behaving suspiciously". I don't have any experience with this, and there are lots of things I suppose ...
- 57.3k
6
votes
1
answer
2k
views
C# app appears false positive in AVG antivirus?
I have created a C# application that I've been testing on my other computer throughout the developing phase. However now that I've completed the app with few recent things that I added, the app is ...
- 3,506
6
votes
2
answers
952
views
What kind of non-lethal code usually triggers an antivirus? (false positives)
I don't know why, but I've had no problem before and now all of a sudden, this really old, terrible, newbie program that I wrote a long time ago, triggers Malwarebytes... :(
This question is not a ...
- 5,508
5
votes
1
answer
11k
views
How to permanently ignore a false positive in SonarQube rule violation
How does a developer ( or for that matter any authorized user ) ignore a specific coding rule violation when Sonar throws it? Say a rule “Does not follow file naming convention ” pops up , is there a ...
- 53
5
votes
2
answers
6k
views
Sonarqube squid:S2095 false positive
In our code base we get Sonar reports violation for rule squid:S2095 on code like the following:
PreparedStatement ps = null;
try {
ps = connection.prepareStatement(DML);
ps....
- 51
5
votes
2
answers
2k
views
How to prevent application being marked as suspicious
I have a .NET application written in C# using Visual Studio 2012. I'm promoting the application through my own website and have it available for download. When downloading it in Chrome I get a message ...
- 10.6k
4
votes
2
answers
5k
views
How can I switch the ROC curve to optimize false negative rate?
ROC curves plot TPR vs. FPR and vary the thresholds based on the rank order of the probabilities of the training set. The threshold that is picked is the probability associated with the point in the ...
- 1,071
4
votes
1
answer
5k
views
Sonar reports false positive for insufficient branch coverage in try-with-resources block
Using the latest version (4.3.2) of SonarQube, a try-with-resources block gives a false positive to branch coverage of the catch line. For example:
public List<String> getLines(String filename) ...
- 419k
4
votes
3
answers
2k
views
Rspec false positive because failure exception is rescued in code being tested
I have an rspec test that I expect to fail, but it is passing because the code that it is testing rescues the exception that rspec raises. Here's an example of the situation:
class Thing do
def ...
- 949
4
votes
1
answer
1k
views
Words to exclude from a search
I am looking for a list of words that I can use as exclusions from a product search, as they will give to many false positives.
This would include things like 'a', 'with', 'and', 'the' and so forth. ...
- 162
4
votes
2
answers
3k
views
@SuppressWarnings broken in SonarQube?
In SonarQube 4.5.x LTS the annotation @SuppressWarnings could be used to suppress false positives in code but after upgrading to 5.4 and re-arranging some packages these, previously suppressed, issues ...
- 2,737
4
votes
1
answer
2k
views
How does Overfitting result in false positives in Object detection?
I am doing tensorflow object detection and I find that there are lot of false positives. One of the main reasons that I see for this is the case of overfitting. But my doubt is how does false positive ...
- 794
4
votes
1
answer
2k
views
SonarQube, jump statements in finally block (squid:S1143)
I know, jump statements in finally block should not be used. In this simple example 'break' is used to break the 'switch'. SonarQube (5.6.3) with
sonar-java 4.5.0.8398 reports an issue on:
"Jump ...
- 173
4
votes
1
answer
2k
views
Plot of probability of false alarm and ROC curve
How to plot a graph for false positives per window vs miss rate (or probability of false alarm) and ROC (receiver operating curve) for an object detection application using video?How to determine the ...
- 107
4
votes
1
answer
2k
views
NP_NULL_PARAM_DEREF_NONVIRTUAL: i donot understand or false positive
Findbugs triggers NP_NULL_PARAM_DEREF_NONVIRTUAL in the below statement
I can't figure out why findbugs recognize registerationdate as nonnull parameter. I can see the second constructor checks ...
- 121
4
votes
1
answer
113
views
Can I tell Visual Studio Code that I do not want to see certain types of Problems which are actually false positives?
I updated to Julia 1.8.1 and noticed that now I have thousands of items in the Visual Studio Code PROBLEMS tab. Clicking on the PROBLEMS button I see that most of them are not due to problems in my ...
- 4,718
4
votes
0
answers
229
views
FASM executables & AV false positives
I'm currently working with FASM to compile Windows executables. However, I have noticed that there is a high rate of AV false positives, which I'm trying to understand and resolve.
My approach is to ...
- 14.6k
4
votes
0
answers
272
views
How to handle text classification model that gives few results with higher confidence to wrong category?
I had a dataset of 15k records. I trained the model using a k-train package and 'bert' model with 5k samples. The train-test split is 70-30% and test results gave me accuracy and f1 scores as 93-94%. ...
- 41
4
votes
1
answer
4k
views
Strange behaviour of findbug with RV_RETURN_VALUE_IGNORED_NO_SIDE_EFFECT
I have findebug which check find bug in one case and dont fing in another, and i completely do not understand how its connected.
So i encounter this RV_RETURN_VALUE_IGNORED_NO_SIDE_EFFECT and started ...
- 361
4
votes
1
answer
610
views
clang++ 3.3 static analyser, how to get rid of a false positive?
I've been running clang 3.3's static analyser on various projects of mine. Except some issues that were my own fault (which was to be expected, I would have been both very sad and very smug otherwise),...
- 14.9k
3
votes
2
answers
15k
views
Bonferroni correction of p-values from hypergeometric analysis
I have performed a hypergeometric analysis (using a python script) to investigate enrichment of GO-terms in a subset of genes. An example of my output is as follows:
GO00001 1500 300 200 150 5....
- 317
3
votes
1
answer
7k
views
ROC curve from the result of a classification or clustering
Say that I've clustered a training dataset of 5 classes containing 1000 instances, to 5 clusters (centers) using for example k-means. Then I've constructed a confusion matrix by validating on a test ...
- 5,206
3
votes
2
answers
452
views
My program is getting a false positive from AVG
My program is getting a false positive from AVG. Its just our companies branded version of Ultra VNC. Its only this one company that's identifying it as a virus and we've been using the same copy of ...
- 4,319
3
votes
1
answer
3k
views
Rails Best Practices false positive unused methods
I'm using Rails best practices to validate my own code.
./app/controllers/news_items_controller.rb:2 - remove unused methods (NewsItemsController#new)
./app/controllers/news_items_controller.rb:2 - ...
- 13.4k
3
votes
2
answers
761
views
Handling "incompatibily" overloaded names in Cppcheck
I'm stuck with a "conflict" between with AnsiStrings sprintfmember function and Cppcheck's built-insprintf` knowledge.
In cases like this,
const char* name = "X";
int version = 1;
...
- 9,854
3
votes
2
answers
720
views
False positive vs. false negative trade off plot
I'm working on a decision making analysis where I'm trying to illustrate the trade off between false positive (false go) vs. false negative (false no-go) using R. I have created a density plot with ...
- 155
3
votes
1
answer
455
views
Block port for integration testing
Is there a way to block a port for running Java application, to emulate connectivity failures, for false-positive tests:
Block connection to DB to emulate **DB failure
Block connection to JMS to ...
- 7,672