Confusion Matrix in Cyber Security
Dear Readers,
This article is for those who want to understand the concept of the confusion matrix in the cyber security domain using a real-life case study.
A confusion matrix describes the performance of a model by comparing its predicted values against the actual values. From those counts, the accuracy, precision and recall of the algorithm are calculated.
Case : Intrusion Detection System
True Positive (TP) : The IDS detects that there is no malicious activity happening and it turns out to be true.
True Negative (TN) : The IDS detects that there is some kind of malicious activity happening and it turns out to be true.
False Positive (FP) : The IDS detects that there is no malicious activity happening, but in reality, there is some kind of malicious activity happening. It is also called Type I Error. → VERY DANGEROUS
False Negative (FN) : The IDS detects that there is some kind of malicious activity, but there is no such activity happening (Kind of FALSE ALARM). It is also called Type II Error. → FALSE ALARM
Accuracy : Ratio of the Sum of Correct Predictions to the Sum of Total Predictions
Recall : Ratio of the Sum of Correct Positive Predictions to the Sum of Total Positive Outcomes
Precision : Ratio of the Sum of Correct Positive Predictions to the Sum of Total Positive Predictions
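The three ratios above, worked through on a constructed set of IDS verdicts. This is an added example, not code from the article. It follows the article's labelling, in which a "positive" verdict means the IDS reports no malicious activity; the event data, the label names `benign` and `attack`, and all function names are assumptions made for illustration.

```python
from collections import Counter

# Constructed sample: (ground truth, IDS verdict) per event; not real IDS output.
EVENTS = (
    [("benign", "benign")] * 90   # normal traffic, correctly passed
    + [("attack", "attack")] * 4  # attacks correctly flagged
    + [("attack", "benign")] * 2  # attacks the IDS missed
    + [("benign", "attack")] * 4  # false alarms
)

def confusion(events, positive="benign"):
    """Count TP/TN/FP/FN. The default positive class follows the article:
    'positive' means the IDS reports no malicious activity."""
    counts = Counter()
    for actual, predicted in events:
        if predicted == positive:
            counts["TP" if actual == positive else "FP"] += 1
        else:
            counts["TN" if actual != positive else "FN"] += 1
    return {key: counts[key] for key in ("TP", "TN", "FP", "FN")}

def ratio(numerator, denominator):
    # Return 0.0 instead of raising when a class never occurs or is never predicted.
    return numerator / denominator if denominator else 0.0

def metrics(cm):
    """Accuracy, recall and precision as defined in the article."""
    return {
        "accuracy": ratio(cm["TP"] + cm["TN"], sum(cm.values())),
        "recall": ratio(cm["TP"], cm["TP"] + cm["FN"]),
        "precision": ratio(cm["TP"], cm["TP"] + cm["FP"]),
    }

def missed_attack_rate(cm):
    # Share of real attacks reported as "no malicious activity" (the article's FP).
    return ratio(cm["FP"], cm["FP"] + cm["TN"])

if __name__ == "__main__":
    cm = confusion(EVENTS)
    print(cm)
    for name, value in metrics(cm).items():
        print(f"{name}: {value:.3f}")
    print(f"missed attack rate: {missed_attack_rate(cm):.3f}")
```

On this sample the accuracy is 0.94 even though one in three real attacks goes undetected, which is why the VERY DANGEROUS case has to be read from the matrix itself and not from accuracy alone.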
I hope this small explanation has enough content and points to understand the Confusion Matrix.