Cybercrime — Confusion Matrix
What is cybercrime?
Cybercrime is any criminal activity that involves a computer, networked device, or network. While most cybercrimes are carried out in order to generate profit for the cybercriminals, some cybercrimes are carried out against computers or devices directly to damage or disable them, while others use computers or networks to spread malware, illegal information, images, or other materials. Some cybercrimes do both — i.e., target computers to infect them with a computer virus, which is then spread to other machines and, sometimes, entire networks.
What is confusion Matrix?
A confusion matrix is a table that is often used to describe the performance of a classification model (or “classifier”) on a set of test data for which the true values are known. The confusion matrix itself is relatively simple to understand, but the related terminology can be confusing.
What can we learn from this matrix?
- There are two possible predicted classes: “yes” and “no”. If we were predicting the presence of a disease, for example, “yes” would mean they have the disease, and “no” would mean they don’t have the disease.
- The classifier made a total of 165 predictions (e.g., 165 patients were being tested for the presence of that disease).
- Out of those 165 cases, the classifier predicted “yes” 110 times, and “no” 55 times.
- In reality, 105 patients in the sample have the disease, and 60 patients do not.
Let’s now define the most basic terms, which are whole numbers (not rates):
- true positives (TP): These are cases in which we predicted yes (they have the disease), and they do have the disease.
- true negatives (TN): We predicted no, and they don’t have the disease.
- false positives (FP): We predicted yes, but they don’t actually have the disease. (Also known as a “Type I error.”)
- false negatives (FN): We predicted no, but they actually do have the disease. (Also known as a “Type II error.”)
Confusion Matrix in Cybercrime
As confusion Matrix defines the positive and negative errors it is used to Identify the performance of the model.
The confusion matrix plays a very important role in cybersecurity. The type II error which is known as false negative can be very much harmful in cybersecurity cases. The machine learning model which is predicting attacks can predict a false negative which means the model has predicted the negative result but the actual result was positive. In cybersecurity case, it can be understood as some hackers tried to attack the server but our ML model predicted the negative result and according to it there were no attacks but in actuality, the hackers attacked the server and now have access to the server which can be very dangerous for the server data.