Cybercrime — Confusion Matrix

What is cybercrime?

Cybercrime is any criminal activity that involves a computer, networked device, or network. While most cybercrimes are carried out in order to generate profit for the cybercriminals, some cybercrimes are carried out against computers or devices directly to damage or disable them, while others use computers or networks to spread malware, illegal information, images, or other materials. Some cybercrimes do both — i.e., target computers to infect them with a computer virus, which is then spread to other machines and, sometimes, entire networks.

What is confusion Matrix?

A confusion matrix is a table that is often used to describe the performance of a classification model (or “classifier”) on a set of test data for which the true values are known. The confusion matrix itself is relatively simple to understand, but the related terminology can be confusing.

What can we learn from this matrix?

  • There are two possible predicted classes: “yes” and “no”. If we were predicting the presence of a disease, for example, “yes” would mean they have the disease, and “no” would mean they don’t have the disease.

Let’s now define the most basic terms, which are whole numbers (not rates):

  • true positives (TP): These are cases in which we predicted yes (they have the disease), and they do have the disease.

Confusion Matrix in Cybercrime

As confusion Matrix defines the positive and negative errors it is used to Identify the performance of the model.

The confusion matrix plays a very important role in cybersecurity. The type II error which is known as false negative can be very much harmful in cybersecurity cases. The machine learning model which is predicting attacks can predict a false negative which means the model has predicted the negative result but the actual result was positive. In cybersecurity case, it can be understood as some hackers tried to attack the server but our ML model predicted the negative result and according to it there were no attacks but in actuality, the hackers attacked the server and now have access to the server which can be very dangerous for the server data.

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store