Confusion Matrix: Application in Security
The analysis a confusion matrix provides is highly beneficial and has many applications.
What is a confusion matrix?
A confusion matrix, also known as an error matrix, shows the actual values against the true and false predictions made for a classification problem. In analytics and statistical classification, the confusion matrix provides a visualization of an algorithm's performance.
As in the images above, it represents the comparison of actual and predicted values, with four parameters:
- True Negative: a true (correct) prediction of the negative class.
- True Positive: a true (correct) prediction of the positive class.
- False Positive: a false (incorrect) prediction of the positive class.
- False Negative: a false (incorrect) prediction of the negative class.
Here we can see that there are two types of false prediction, which can also be considered errors. These are categorized as:
- Type 1 error: False Positive prediction
- Type 2 error: False Negative prediction
Of the two, the Type 1 error carries the utmost significance. Consider the following example:
An IDS deployed in a production environment produces a small number of Type 1 errors. What does that represent? According to the prediction, no intrusion has happened, but because the prediction is an error, the IDS raises no alarm even when an intrusion occurs, although raising one is its job. Thus, you can see that dealing with Type 1 errors is most important.
Another example is antivirus software on a system: it may have a high accuracy score, ~95% for example, but among the remaining predictions some will be False Positives, and that is when the system gets into a critical condition.
Thus, this metric is of the utmost significance, especially in the world of security.
This metric helps us to be more observant of False Positive errors, as cyber crime is no joke nowadays. It could cost anyone a fortune.
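The IDS and antivirus examples above, worked through as an added example (not code from the original post) on a constructed set of 100 verdicts with the assumed labels "benign" and "intrusion". Which cell holds a missed intrusion depends on which label is treated as positive: with "benign" as positive (the reading in the IDS example, where the false prediction is "no intrusion") it is FP, and with "intrusion" as positive it is FN.

```python
from collections import Counter

# Constructed sample of (actual, predicted) verdicts; not real IDS output.
SAMPLE = (
    [("benign", "benign")] * 90
    + [("benign", "intrusion")] * 2      # alarm raised, nothing happened
    + [("intrusion", "intrusion")] * 5
    + [("intrusion", "benign")] * 3      # intrusion happened, no alarm
)

def confusion_matrix(pairs, positive):
    """Count TP/TN/FP/FN, treating the label `positive` as the positive class."""
    cells = Counter({"TP": 0, "TN": 0, "FP": 0, "FN": 0})
    for actual, predicted in pairs:
        truth = "T" if actual == predicted else "F"
        sign = "P" if predicted == positive else "N"
        cells[truth + sign] += 1
    return dict(cells)

def accuracy(matrix):
    """Share of all predictions that were correct."""
    return (matrix["TP"] + matrix["TN"]) / sum(matrix.values())

def missed_intrusion_rate(pairs):
    """Share of real intrusions that produced no alarm (label-independent)."""
    verdicts = [pred for actual, pred in pairs if actual == "intrusion"]
    return verdicts.count("benign") / len(verdicts)

if __name__ == "__main__":
    for positive in ("intrusion", "benign"):
        m = confusion_matrix(SAMPLE, positive)
        print(f"positive={positive!r}: {m} accuracy={accuracy(m):.2f}")
    print(f"missed intrusions: {missed_intrusion_rate(SAMPLE):.1%}")
```

On this sample the accuracy is 0.95 under either labelling, while 3 of the 8 intrusions raise no alarm.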
The confusion matrix proves to be a significant statistical metric with enormous applications in security.