Cyber Crimes and Confusion Matrix

Gokul Krishna R
Jun 6, 2021

What is a Cyber Crime? 👨‍💻

Some say Crimes that are happening in Cyber 😉 LOL , Not Really !!!

Cyber crime is defined as an illegal activity that involves the use of a computer or another digital device and a network. It is mostly an attack on information that is personal and of high importance to an individual, organization or government, and its exposure can cause serious threats, infrastructure damage, financial loss, and even loss of life.

Some of the examples of cyber attacks are:

  • Stealing corporate data and hacking servers
  • Exposing someone's privacy and harassing them
  • Stealing bank details and card details
  • Phishing sites and scams
  • IoT device hacking
  • Flooding the servers with unnecessary traffic

Corporations from small to big use intrusion detection software such as SolarWinds Security Event Manager, McAfee Network Security Platform, etc.
Under the hood, this intrusion detection software runs an ML model trained on big data, so the software can take actions autonomously and alert the team in case of an attack.

Even SolarWinds got hacked recently 😅, trust me it's scary 😱. If you want to read more about the SolarWinds cyber attack, you can refer to this link.

Now that you understand cyber crime, you may be wondering what it has to do with the confusion matrix.

What is a Confusion Matrix?

As the name implies, it's a matrix which confuses everyone who tries to understand its principle. Gotcha!! Just kidding 😂

A Confusion matrix is an N x N matrix used for evaluating the performance of a classification model, where N is the number of target classes. The matrix compares the actual target values with those predicted by the machine learning model. This gives us a holistic view of how well our classification model is performing and what kinds of errors it is making.

Let us try to comprehend the above image and try to understand its significance.

  • The target variable has two values: Positive or Negative
  • The columns represent the actual values of the target variable
  • The rows represent the predicted values of the target variable

There are four outcomes in a confusion matrix:

  • TP: True Positive: Predicted values correctly predicted as actual positive
  • FP: False Positive: Negative values incorrectly predicted as positive. Also known as the Type 1 error
  • FN: False Negative: Positive values predicted as negative. Also known as the Type 2 error
  • TN: True Negative: Predicted values correctly predicted as an actual negative

The accuracy of a model (through a confusion matrix) is calculated using the given formula below.

Accuracy = (TN + TP) / (TN + FP + FN + TP)

Accuracy can be misleading if used with imbalanced datasets. In Python, a confusion matrix can be obtained using the “confusion_matrix()” function, which is part of the “sklearn” library. This function can be imported into Python using “from sklearn.metrics import confusion_matrix”. To obtain a confusion matrix, users need to provide the actual values and the predicted values to the function.

Let’s take an example:

We have a total of 20 Requests to our Intrusion Detection System and the model predicts whether it is an attack or no-attack.

  • Actual values = [‘attack’, ‘no-attack’, ‘attack’, ‘no-attack’, ‘attack’, ‘attack’, ‘no-attack’, ‘attack’, ‘no-attack’, ‘attack’, ‘attack’, ‘attack’, ‘attack’, ‘no-attack’, ‘attack’, ‘attack’, ‘no-attack’, ‘attack’, ‘attack’, ‘no-attack’]
  • Predicted values = [‘attack’, ‘attack’, ‘attack’, ‘no-attack’, ‘attack’, ‘attack’, ‘no-attack’, ‘no-attack’, ‘no-attack’, ‘no-attack’, ‘attack’, ‘attack’, ‘attack’, ‘no-attack’, ‘attack’, ‘attack’, ‘no-attack’, ‘attack’, ‘attack’, ‘no-attack’]

The outcome of the model, described in terms of the confusion matrix's four outcomes:
True Positive (TP) = 6
True Negative (TN) = 11
False Positive (Type 1 Error) (FP) = 2
False Negative (Type 2 Error) (FN) = 1

From the above example, we have one False Negative (FN), which means there was an attack and our Intrusion Detection System failed to send an alert for it. Type-2 errors are very dangerous, as the attack goes unnoticed and becomes a serious threat to the organization.

So this is how the confusion matrix helps in cyber attack monitoring. The team checks the matrix, evaluates everything, and tries to reduce the Type-2 error as much as possible.
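The counts in a confusion matrix depend on which class is treated as positive. The following is an added example, not code from the original article: it counts the four outcomes for the 20 requests above in pure Python with the positive class chosen explicitly. Treating 'no-attack' as positive reproduces the counts listed above (TP = 6, TN = 11, FP = 2, FN = 1), while treating 'attack' as positive gives TP = 11, TN = 6, FP = 1, FN = 2. The function names are illustrative.

```python
# Added example: confusion-matrix counts for the article's 20 requests,
# computed with an explicit choice of positive class (no sklearn needed).

ACTUAL = ("attack no-attack attack no-attack attack attack no-attack attack "
          "no-attack attack attack attack attack no-attack attack attack "
          "no-attack attack attack no-attack").split()
PREDICTED = ("attack attack attack no-attack attack attack no-attack no-attack "
             "no-attack no-attack attack attack attack no-attack attack attack "
             "no-attack attack attack no-attack").split()


def confusion_counts(actual, predicted, positive):
    """Return TP/FP/FN/TN counts, treating `positive` as the positive class."""
    if len(actual) != len(predicted):
        raise ValueError("actual and predicted must have the same length")
    counts = {"TP": 0, "FP": 0, "FN": 0, "TN": 0}
    for a, p in zip(actual, predicted):
        if p == positive:
            counts["TP" if a == positive else "FP"] += 1
        else:
            counts["FN" if a == positive else "TN"] += 1
    return counts


def metrics(c):
    """Accuracy plus the two rates that matter most when tuning an IDS."""
    total = sum(c.values())
    real_pos = c["TP"] + c["FN"]   # everything that truly was positive
    flagged = c["TP"] + c["FP"]    # everything the model called positive
    return {
        "accuracy": (c["TP"] + c["TN"]) / total,
        # Share of real positives the model caught (1 - miss rate).
        "recall": c["TP"] / real_pos if real_pos else 0.0,
        # Share of raised alerts that were real positives.
        "precision": c["TP"] / flagged if flagged else 0.0,
    }


if __name__ == "__main__":
    for positive in ("attack", "no-attack"):
        c = confusion_counts(ACTUAL, PREDICTED, positive)
        print(f"positive={positive!r}: {c} {metrics(c)}")
```

With sklearn, passing labels=['no-attack', 'attack'] to confusion_matrix() fixes the class order so that ravel() returns TN, FP, FN, TP with 'attack' as the positive class. sklearn puts the actual values on the rows and the predicted values on the columns.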

That’s all everyone, be safe and try not to get hacked !!!😉

Happy Learning !!!✌️
