Cyber Crime-Confusion Matrix

What is Cyber Crime?

Cybercrime is an illegal action against any person using a computer, its systems, and its online or offline applications.

Types of Cyber Attacks:

1. Brute-force attack: A trial-and-error approach to guessing the password successfully.

2. Credential Stuffing: In this attack, a cybercriminal uses usernames and passwords stolen from one organization (purchased off the dark web) to access user accounts at another organization.

3. Phishing and Spear Phishing: The practice of sending emails from a trusted-seeming source to gain personal information.

4. Malware attacks: This attack is due to malicious software that is downloaded onto your system without you being aware of its presence.

What is a Confusion Matrix?

A confusion matrix is a tabular summary of the number of correct and incorrect predictions made by a classifier. It is used to evaluate the performance of a classification model through the calculation of performance metrics like accuracy, precision, recall, and F1-score.

For a binary classification use case, a 2×2 matrix is used, as shown below.

From the above diagram:

  1. The left side of the confusion matrix indicates the actual values of the dataset.
  2. The top of the confusion matrix indicates the values predicted by the machine learning model.
  3. If the actual and predicted values are the same, the outcome is either a True Positive or a True Negative.
  4. If the actual and predicted values are different, the outcome is either a False Positive or a False Negative.

TN (True Negative): An outcome where the model correctly predicts the negative class.

TP (True Positive): An outcome where the model correctly predicts the positive class.

FN (False Negative): An outcome where the model incorrectly predicts the negative class. It is a type 2 error.

FP (False Positive): An outcome where the model incorrectly predicts the positive class. It is a type 1 error, which is more dangerous than a type 2 error.

The performance measured from a confusion matrix depends on the following components:

  1. Accuracy: The closeness of the measured value to the true value.
  2. Precision: The ratio of correct positive predictions to the total predicted positives.
  3. Recall: The ratio of true positives to the total number of true positives and false negatives.

How Does the Confusion Matrix Relate to Cybercrime?

Let’s take an example.

From the above diagram, there are a total of 165 records.

Positive indicates that an attack has not happened, and Negative indicates that a cyber crime has happened.

Among the 165 records:

TP: 100 are True Positives, meaning the machine predicted that a cyber attack has not happened and that is actually true.

TN: 50 are True Negatives, meaning the machine predicted that a cyber attack has happened and that is actually true.

FP: 10 are False Positives, meaning the machine predicted that a cyber attack has not happened but that is actually not true. This is a type 1 error, which is more dangerous than a type 2 error.

FN: 5 are False Negatives, meaning the machine predicted that a cyber attack has happened but that is actually not true. This is a type 2 error.

Accuracy: (TP + TN)/n = (100 + 50)/165 = 0.90

Precision: TP/(TP + FP) = 100/(100 + 10) = 0.90

Recall: TP/(TP + FN) = 100/(100 + 5) = 0.95
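
The worked example above, recomputed from per-record labels in Python. This is an added example, not code from the original article; the label strings `attack` / `no_attack`, the function names and the expanded record list are assumptions constructed to match the 165 records. It goes one step beyond the article by also scoring the same predictions with "attack" as the positive class, which is how detection tools are usually evaluated.

```python
# Added example: labels, names and records below are constructed for illustration.
from collections import Counter

def confusion_counts(actual, predicted, positive):
    """Count TP/TN/FP/FN, treating the label `positive` as the positive class."""
    if len(actual) != len(predicted):
        raise ValueError("actual and predicted must have the same length")
    c = Counter()
    for a, p in zip(actual, predicted):
        if p == positive:
            c["TP" if a == positive else "FP"] += 1
        else:
            c["FN" if a == positive else "TN"] += 1
    return {k: c[k] for k in ("TP", "TN", "FP", "FN")}

def metrics(m):
    """Accuracy, precision, recall and F1 from a dict of the four counts."""
    def ratio(num, den):
        return num / den if den else 0.0  # avoid dividing by zero on empty classes
    precision = ratio(m["TP"], m["TP"] + m["FP"])
    recall = ratio(m["TP"], m["TP"] + m["FN"])
    return {
        "accuracy": ratio(m["TP"] + m["TN"], sum(m.values())),
        "precision": precision,
        "recall": recall,
        "f1": ratio(2 * precision * recall, precision + recall),
    }

# (actual, predicted, count): the 165 records of the worked example, expanded.
RECORDS = [
    ("no_attack", "no_attack", 100),  # TP in the article's convention
    ("attack", "attack", 50),         # TN
    ("attack", "no_attack", 10),      # FP: an attack predicted as "no attack"
    ("no_attack", "attack", 5),       # FN: a false alarm
]
ACTUAL = [a for a, _, k in RECORDS for _ in range(k)]
PREDICTED = [p for _, p, k in RECORDS for _ in range(k)]

def score(positive):
    """Return (counts, metrics) for the sample data with `positive` as the positive class."""
    counts = confusion_counts(ACTUAL, PREDICTED, positive)
    return counts, metrics(counts)

if __name__ == "__main__":
    for label in ("no_attack", "attack"):
        counts, m = score(label)
        print(label, counts, {k: round(v, 3) for k, v in m.items()})
```

With "attack" as the positive class, the 10 missed attacks become false negatives and recall is 50/(50 + 10), so the same model that looks strong under the article's convention detects only five of every six attacks.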