Confusion Matrix And its Role in Cyber Security

Original Source Here

Confusion Matrix And its Role in Cyber Security

This is how a confusion matrix looks like

A confusion matrix is a performance measurement for machine learning classification problem where output can be two or more classes. It is a table with 4 different combinations of predicted and actual values. This matrix is a N x N matrix used for evaluating the performance of a classification model, where N is the number of target classes.

A 2X2 confusion matrix would have ideally 4 elements:

True Positive:

The prediction is correct and is in your favor.

True Negative:

The prediction is right but not in your favor.

False Positive:

The prediction is wrong but in our favor. It is also known as type-I error and is pretty malicious or dangerous.

False Negative:

The prediction is wrong and also not in our favor. It is also called type-II error and is not that harmful.

Now, how does this confusion matrix affects on cyber security — —

Say , we have an intrusion detection system in a company to detect malicious attacks from outsiders . Let us say this IDS uses the concept of confusion matrix and alarms us when it detects any attack.

If any attack is actually happened , the matrix would have two outcomes — either it it would give a true positive or true negative. These wouldn’t impact much because the detection system would be activated

And if the attack has not happened , it would give out false positive and false negative. This would highly impact the organization as if the case is false positive , where the attack has actually happened and the alarm has not been raised.

That shows that confusion matrix is not 100 % accurate to detect such type of intrusions but it is still used as there are not many other ways to perform these functions.


  • It shows how any classification model is confused when it makes predictions.
  • The confusion matrix not only gives you insight into the errors being made by your classifier but also the types of errors that are being made.
  • This breakdown helps you to overcomes the limitation of using classification accuracy alone.
  • Every column of the confusion matrix represents the instances of that predicted class.
  • Each row of the confusion matrix represents the instances of the actual class.
  • It provides insight not only into the errors which are made by a classifier but also errors that are being made.


Trending AI/ML Article Identified & Digested via Granola by Ramsey Elbasheer; a Machine-Driven RSS Bot

%d bloggers like this: