Cyber Crime and Confusion Matrix

chinmay waykole
Jun 6, 2021

Hellooo!🤗

What is a confusion matrix?

A confusion matrix is an N x N matrix used for evaluating the performance of a classification model, where N is the number of target classes. The matrix compares the actual target values with those predicted by the machine learning model.

In the confusion matrix above, rows correspond to predicted categories, while columns correspond to actual categories.

True Positive (TP): The number of samples detected as attack when they are actually attack. ✌

True Negative (TN): The number of samples detected as normal when they are actually normal. This is the most dangerous type of error.😏

False Positive (FP): The number of samples detected as attack when they are actually normal (false alarm).🤔

False Negative (FN): The number of samples detected as normal when they are actually attack. 🟥

What is Cyber Crime?

Cybercrime is criminal activity that either targets or uses a computer, a computer network or a networked device. Most, but not all, cybercrime is committed by cybercriminals or hackers who want to make money. Cybercrime is carried out by individuals or organizations.

Some cybercriminals are organized, use advanced techniques and are highly technically skilled. Others are novice hackers.

Rarely, cybercrime aims to damage computers for reasons other than profit. These could be political or personal.

Types of cyber crime

  • Phishing Scams
  • Website Spoofing
  • Ransomware
  • Malware
  • IoT Hacking

Cybercrime that targets computers often involves viruses and other types of malware.

Cybercriminals may infect computers with viruses and malware to damage devices or stop them working. They may also use malware to delete or steal data.

How does a confusion matrix help in the detection or monitoring of cyber crime?

Let's take an example of 1000 packets of data traffic that we receive.

As we can see from the above diagram, the true positive value is 560, which means that 560 of the packets received are safe. The model said that 330 packets were suspicious and dangerous, and they were actually dangerous, so the machine gave us the correct information and we were able to deal with them in time. There are 50 packets which were predicted negative while they are actually positive, which means these are false alarms: the model says the packet received is unsafe, the team checks it and finds nothing wrong with it. Finally, 60 packets were predicted positive while they were actually false, giving us a false sense that they are safe. This will make the team believe they are safe and not check them, making this a very big threat.

Here we see the 2 types of errors:

Type 1 error

This is a false negative, which sends us in the wrong direction. This type of error is dangerous to the server in a real-world example. It is as if something bad happened and we were notified that everything is fine; in the above example we have 60 such packets.

Type 2 error

This is a false positive or a false alarm. These are not very dangerous in the real world; in the above example we have 50 such packets.

So this is how the confusion matrix helps in cyber attack monitoring. The team checks the matrix and evaluates everything, and tries to reduce the type 1 error as much as possible.
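The following is an added example, not code from the original post: it builds the confusion matrix for the 1000-packet example above from labelled traffic and derives the rates a monitoring team would watch. The label names, function names and the per-packet label lists are assumptions constructed to reproduce the article's four counts (560, 330, 50, 60).

```python
from collections import Counter

SAFE, DANGEROUS = "safe", "dangerous"


def confusion_matrix(actual, predicted):
    """Count (actual, predicted) label pairs for a two-class traffic detector."""
    if len(actual) != len(predicted):
        raise ValueError("actual and predicted must have the same length")
    counts = Counter(zip(actual, predicted))
    labels = (SAFE, DANGEROUS)
    return {(a, p): counts.get((a, p), 0) for a in labels for p in labels}


def detector_metrics(cm):
    """Derive the rates a monitoring team tracks from the four cells."""
    passed = cm[(SAFE, SAFE)]                # safe traffic let through
    false_alarms = cm[(SAFE, DANGEROUS)]     # safe traffic flagged
    missed = cm[(DANGEROUS, SAFE)]           # dangerous traffic let through
    caught = cm[(DANGEROUS, DANGEROUS)]      # dangerous traffic flagged

    def ratio(num, den):
        return num / den if den else 0.0     # avoid dividing by an empty class

    return {
        "accuracy": ratio(passed + caught, sum(cm.values())),
        "miss_rate": ratio(missed, missed + caught),
        "false_alarm_rate": ratio(false_alarms, false_alarms + passed),
        "alert_precision": ratio(caught, caught + false_alarms),
    }


def sample_traffic():
    """Constructed labels that reproduce the article's 1000-packet counts."""
    pairs = ([(SAFE, SAFE)] * 560 + [(DANGEROUS, DANGEROUS)] * 330
             + [(SAFE, DANGEROUS)] * 50 + [(DANGEROUS, SAFE)] * 60)
    actual = [a for a, _ in pairs]
    predicted = [p for _, p in pairs]
    return actual, predicted


if __name__ == "__main__":
    cm = confusion_matrix(*sample_traffic())
    for name, value in detector_metrics(cm).items():
        print(f"{name:17s} {value:.3f}")
```

On these counts the detector is 89% accurate overall, yet it lets through 60 of the 390 dangerous packets (about 15%), which is why the missed-attack rate is tracked separately from accuracy.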
