Cyber Crime-Confusion Matrix
What is Cyber Crime?
Cybercrime is an illegal action against any person using a computer, its systems, and its online or offline applications.
Types of Cyber Attacks:
1. Brute-force attack: A trial-and-error approach to guessing the password successfully.
2. Credential Stuffing: In this attack a cybercriminal uses stolen usernames and passwords from one organization (purchased off of the dark web) to access user accounts at another organization.
3. Phishing and Spear Phishing: It’s the practice of sending emails from a trusted-seeming source to gain personal information.
4. Malware attacks: This attack is caused by malicious software that is downloaded onto your system without you being aware of its presence.
What is a Confusion Matrix?
A confusion matrix is a tabular summary of the number of correct and incorrect predictions made by a classifier. It is used to evaluate the performance of a classification model through the calculation of performance metrics like accuracy, precision, recall, and F1-score.
For a binary classification use case, a 2*2 matrix is used, as shown below.
From the above diagram:
- The left side of the confusion matrix indicates the actual values of the dataset.
- The top of the matrix indicates the predicted values of the machine learning model.
- If the actual and predicted values are the same, then the outcome is either a True Positive or a True Negative.
- If the actual and predicted values are different, then the outcome is either a False Positive or a False Negative.
TN (True Negative): It is an outcome where the model correctly predicts the negative class.
TP (True Positive): It is an outcome where the model correctly predicts the positive class.
FN (False Negative): It is an outcome where the model incorrectly predicts the negative class. It is a type 2 error.
FP (False Positive): It is an outcome where the model incorrectly predicts the positive class. It is a type 1 error, which is more dangerous than a type 2 error.
The performance shown by a confusion matrix depends on the following components:
1. Accuracy: It is the closeness of the measured value to the true value.
2. Precision: The ratio of correct positive predictions to the total predicted positives.
3. Recall: The ratio of true positives to the total number of true positives and false negatives.
How does the Confusion Matrix relate to Cybercrime?
Let’s take an example.
From the above diagram, there are 165 records in total.
Positive indicates that an attack has not happened, and Negative indicates that a cyber crime has happened.
Among the 165 records:
TP: 100 are True Positives. It means the machine predicted that a cyber attack has not happened, and it’s actually true.
TN: 50 are True Negatives. It means the machine predicted that a cyber attack has happened, and it’s actually true.
FP: 10 are False Positives. It means the machine predicted that a cyber attack has not happened, but it’s actually not true. This is a type 1 error, which is more dangerous than a type 2 error.
FN: 5 are False Negatives. It means the machine predicted that a cyber attack has happened, but it’s actually not true. This is a type 2 error.
Accuracy: (TP + TN)/n = (100 + 50)/165 = 0.90
Precision: TP/(TP + FP) = 100/(100 + 10) = 0.90
Recall: TP/(TP + FN) = 100/(100 + 5) = 0.95
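The worked example above as an added Python sketch (not code from the original post): it tallies the matrix from constructed label lists that reproduce the 165 records, using the page's convention that Positive means no attack, and also computes the F1-score and the share of real attacks that were predicted as "no attack", which accuracy alone does not show. The label strings and function names are assumptions made for this example.

```python
# Page's convention: the positive class is "no attack", the negative class is "attack".
POSITIVE, NEGATIVE = "no_attack", "attack"

def confusion_counts(actual, predicted, positive=POSITIVE):
    """Tally TP, TN, FP and FN from paired actual/predicted labels."""
    if len(actual) != len(predicted):
        raise ValueError("actual and predicted must have the same length")
    counts = {"TP": 0, "TN": 0, "FP": 0, "FN": 0}
    for a, p in zip(actual, predicted):
        if p == positive:
            counts["TP" if a == positive else "FP"] += 1
        else:
            counts["FN" if a == positive else "TN"] += 1
    return counts

def metrics(c):
    """Derive the page's metrics, plus F1 and the missed-attack rate."""
    tp, tn, fp, fn = c["TP"], c["TN"], c["FP"], c["FN"]
    total = tp + tn + fp + fn
    if total == 0:
        raise ValueError("no records to evaluate")
    precision = tp / (tp + fp) if tp + fp else 0.0
    recall = tp / (tp + fn) if tp + fn else 0.0
    f1 = 2 * precision * recall / (precision + recall) if precision + recall else 0.0
    return {
        "accuracy": (tp + tn) / total,
        "precision": precision,
        "recall": recall,
        "f1": f1,
        # With Positive = "no attack", FP / (FP + TN) is the share of real
        # attacks that the model labelled as "no attack".
        "missed_attack_rate": fp / (fp + tn) if fp + tn else 0.0,
    }

def sample_records():
    """Constructed data reproducing the page's counts: TP=100, TN=50, FP=10, FN=5."""
    actual = [POSITIVE] * 100 + [NEGATIVE] * 50 + [NEGATIVE] * 10 + [POSITIVE] * 5
    predicted = [POSITIVE] * 100 + [NEGATIVE] * 50 + [POSITIVE] * 10 + [NEGATIVE] * 5
    return actual, predicted

if __name__ == "__main__":
    counts = confusion_counts(*sample_records())
    print(counts)
    for name, value in metrics(counts).items():
        print(f"{name}: {value:.4f}")
```

On these records the missed-attack rate is 10 of the 60 actual attacks, even though accuracy is about 0.90, which is why the false positives matter most under this labelling.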