What is a Confusion Matrix?
A confusion matrix is a tabular summary of the number of correct and incorrect predictions made by a classification model. It is used to evaluate the model's performance through metrics such as accuracy and precision.
The following four terms are the basis for the metrics derived from a confusion matrix:
- True Positives (TP): the actual value is Positive and the prediction is also Positive.
- True Negatives (TN): the actual value is Negative and the prediction is also Negative.
- False Positives (FP): the actual value is Negative but the prediction is Positive. Also known as the Type 1 error.
- False Negatives (FN): the actual value is Positive but the prediction is Negative. Also known as the Type 2 error.
Image 1 represents this with normal mails and spam mails.
Machine Learning in Cyber Security
The confusion matrix is a small part of ML that describes the performance of a classification model. It gives us 4 outputs, and based on those we can check how good our model is or what we need to focus on more.
A Machine Learning model is built on our older data or older patterns; when it sees something new, it gives us its prediction or answer. The data we had before is called actual data, and the data the machine gives us is called predicted data. In our example, the machine can predict one of 2 possibilities: True or False. When we compare the machine's predicted data with the actual data, there is some percentage chance that the machine predicted correctly. That chance depends on the domain and the data we gave it; in the real world it is usually 70% to 95%. The machine is never perfect and can never give 100% correct results, so we compare the actual data with the predicted data to see how the machine did on the data that was passed to it.
There are 4 outputs, as mentioned above, but we need to focus more on the 2 errors, namely Type I and Type II:
Type I Error (FP): Also known as the false positive error. The model predicts the value as True, but the actual value is False. It is a very dangerous error.
Type II Error (FN): Also known as the false negative error. The model predicts the value as False, but the actual value is True. It is not a dangerous error.
An Intrusion Detection System (IDS) is also used to avoid cyber crimes. It is a software application that monitors a network or a system for suspicious activity or policy breaches and issues alerts when such activity is discovered.
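The four counts and the two error types described above, computed for an IDS, as an added example that is not part of the original article. The flow labels are constructed sample data and the function names are hypothetical; besides accuracy and precision, the example also derives recall and the false positive and false negative rates.

```python
from collections import Counter

# Constructed sample: one (actual, predicted) pair per network flow.
# True = malicious. 1000 flows, only 20 of them real attacks.
SAMPLE = (
    [(True, True)] * 12        # attacks the IDS alerted on      -> TP
    + [(True, False)] * 8      # attacks the IDS missed          -> FN
    + [(False, True)] * 30     # benign flows that raised alerts -> FP
    + [(False, False)] * 950   # benign flows correctly ignored  -> TN
)

CELLS = {(True, True): "TP", (False, False): "TN",
         (False, True): "FP", (True, False): "FN"}


def confusion_matrix(pairs):
    """Count TP, TN, FP and FN from (actual, predicted) boolean pairs."""
    counts = Counter(CELLS[(bool(a), bool(p))] for a, p in pairs)
    return {cell: counts.get(cell, 0) for cell in ("TP", "TN", "FP", "FN")}


def ratio(num, den):
    # A metric is undefined when its denominator is zero (e.g. no alerts).
    return num / den if den else None


def metrics(cm):
    """Derive the usual performance metrics from the four counts."""
    tp, tn, fp, fn = cm["TP"], cm["TN"], cm["FP"], cm["FN"]
    return {
        "accuracy": ratio(tp + tn, tp + tn + fp + fn),
        "precision": ratio(tp, tp + fp),            # alerts that were real
        "recall": ratio(tp, tp + fn),               # attacks that were caught
        "false_positive_rate": ratio(fp, fp + tn),  # Type I error rate
        "false_negative_rate": ratio(fn, fn + tp),  # Type II error rate
    }


if __name__ == "__main__":
    cm = confusion_matrix(SAMPLE)
    print(cm)
    for name, value in metrics(cm).items():
        text = "n/a" if value is None else format(value, ".3f")
        print(name.ljust(20), text)
```

On this constructed sample the accuracy is 0.962 while precision is about 0.286 and recall is 0.6, so the accuracy figure alone does not show how many alerts were false or how many attacks were missed.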