Confusion Matrix and cybersecurity

Once we have the data and have finished cleaning, pre-processing and wrangling it, the first thing we do is feed it to a model and get output in probabilities. But hold on! How in the hell can we measure the effectiveness of our model? The better the effectiveness, the better the performance, and that's exactly what we want. This is where the confusion matrix comes into the limelight. A confusion matrix is a performance measurement for machine learning classification.

What is a Confusion Matrix and why do you need it?

It is a performance measurement for machine learning classification problems where the output can be two or more classes. It is a table with 4 different combinations of predicted and actual values.

CONFUSION MATRIX

True Positive:

Interpretation: You predicted positive and it’s true.

You predicted that your computer is not hacked and it actually is not hacked.

True Negative:

Interpretation: You predicted negative and it’s true.

You predicted that your computer is hacked and it actually is hacked.

False Positive: (Type 1 Error)

Interpretation: You predicted positive and it’s false.

You predicted that your computer is not hacked and it actually is hacked.

In this case, the Type 1 error is the most dangerous.

False Negative: (Type 2 Error)

Interpretation: You predicted negative and it’s false.

You predicted that your computer is hacked and it actually is not hacked.

Type 1 and Type 2 errors are very critical in cybersecurity.

I explained above how dangerous a Type 1 error can be.

Now let's see how dangerous a Type 2 error can be.

Let's say you developed a face recognition system in the cyber world, and everything is going fine. The system is recognizing people as expected. But one day, the system is unable to recognize the manager. So it predicted negative (that he is not a manager), but that is false (because he actually is a manager).

So this is how a Type 2 error can be dangerous.
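As an added example (not part of the original article), the four cells described above can be counted in Python using the article's convention that "positive" means "not hacked". The host labels are constructed sample data, and the function names are illustrative assumptions.

```python
# Article's convention: the positive class is "not hacked".
POSITIVE = "not hacked"
NEGATIVE = "hacked"

def confusion_matrix(actual, predicted):
    """Count TP, TN, FP, FN for paired actual/predicted labels."""
    if len(actual) != len(predicted):
        raise ValueError("actual and predicted must have the same length")
    cells = {"TP": 0, "TN": 0, "FP": 0, "FN": 0}
    for truth, guess in zip(actual, predicted):
        if truth not in (POSITIVE, NEGATIVE) or guess not in (POSITIVE, NEGATIVE):
            raise ValueError(f"unknown label: {truth!r} / {guess!r}")
        if guess == POSITIVE:
            # Predicted "not hacked": correct (TP) or a Type 1 error (FP).
            cells["TP" if truth == POSITIVE else "FP"] += 1
        else:
            # Predicted "hacked": correct (TN) or a Type 2 error (FN).
            cells["TN" if truth == NEGATIVE else "FN"] += 1
    return cells

def error_rates(cells):
    """Type 1 rate = FP / (FP + TN); Type 2 rate = FN / (FN + TP)."""
    really_hacked = cells["FP"] + cells["TN"]
    really_clean = cells["FN"] + cells["TP"]
    total = really_hacked + really_clean
    return {
        "type1_rate": cells["FP"] / really_hacked if really_hacked else 0.0,
        "type2_rate": cells["FN"] / really_clean if really_clean else 0.0,
        "accuracy": (cells["TP"] + cells["TN"]) / total if total else 0.0,
    }

# Constructed sample: 10 hosts, 3 of which really are hacked.
SAMPLE_ACTUAL = [POSITIVE] * 7 + [NEGATIVE] * 3
SAMPLE_PREDICTED = (
    [POSITIVE] * 6 + [NEGATIVE]        # one clean host flagged as hacked (Type 2)
    + [NEGATIVE] * 2 + [POSITIVE]      # one hacked host reported as clean (Type 1)
)

if __name__ == "__main__":
    cells = confusion_matrix(SAMPLE_ACTUAL, SAMPLE_PREDICTED)
    print(cells)
    print(error_rates(cells))
```

On this sample the accuracy is 80%, yet one in three hacked hosts is reported as clean, which is why the Type 1 rate is worth tracking separately from overall accuracy.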