Role of Confusion Matrix in Cyber Security !!

What is Confusion Matrix?

In the field of machine learning, and specifically the problem of statistical classification, a confusion matrix, also known as an error matrix, is a specific table layout that allows visualization of the performance of an algorithm, typically a supervised learning one.

  • true positives (TP): We predicted yes, and they do have the disease.
  • true negatives (TN): We predicted no, and they don’t have the disease.
  • false positives (FP): We predicted yes, but they don’t actually have the disease. (Also known as a “Type I error.”)
  • false negatives (FN): We predicted no, but they actually do have the disease. (Also known as a “Type II error.”)

This is where we come across the dual concept of Precision and Recall.

How is ML being Used in terms of Security?

Microsoft:

How it’s using machine learning: Microsoft uses its own cybersecurity platform, Windows Defender Advanced Threat Protection (ATP), for preventative protection, breach detection, automated investigation and response. Windows Defender ATP is built into Windows 10 devices, updates automatically, and employs cloud AI and multiple levels of machine learning algorithms to spot threats.

Chronicle:

How it’s using machine learning: Chronicle is a cybersecurity company that sprang from Google’s parent company Alphabet. Its first product, Backstory, has been described as “designed for a world where companies generate massive amounts of security telemetry and struggle to hire enough trained analysts to make sense of it.” Backstory analyzes large amounts of security data (such as internal network activity, known bad domains and suspected malware) and uses machine learning to condense it into more easily digestible insights.

Improved Support Vector Machine for Cyber Attack Detection

This work presents an efficient and scalable algorithm for classification of cyber attacks. The performance of the traditional SVM is enhanced by modifying the Gaussian kernel to enlarge the spatial resolution around the margin by a conformal mapping, so that the separability between attack classes is increased. The modification is based on the Riemannian geometrical structure induced by the kernel function. The improved Support Vector Machine (iSVM) algorithm is proposed for classification of a cyber attack dataset. The results show that iSVM gives 100% detection accuracy for the Normal and Denial of Service (DoS) classes, with comparable false alarm rate, training, and testing times.
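The TP/FP/FN/TN cells and the precision and recall they lead to, together with the per-class detection accuracy and false alarm rate quoted for iSVM, can be computed from a multi-class confusion matrix as in the added example below. It is not code from the original post or from the iSVM work; the class names and counts are constructed sample data, and the function names are hypothetical.

```python
from collections import Counter

# Constructed sample: (actual, predicted) labels from a hypothetical
# intrusion detector with three traffic classes.
SAMPLE = (
    [("normal", "normal")] * 90 + [("normal", "dos")] * 2 + [("normal", "probe")] * 8
    + [("dos", "dos")] * 40
    + [("probe", "probe")] * 15 + [("probe", "normal")] * 5
)

def confusion_matrix(pairs):
    """Count each (actual, predicted) combination."""
    return Counter(pairs)

def accuracy(pairs):
    """Fraction of samples whose predicted class equals the actual class."""
    cm = confusion_matrix(pairs)
    return sum(n for (a, p), n in cm.items() if a == p) / sum(cm.values())

def per_class_metrics(pairs, positive):
    """One-vs-rest TP/FP/FN/TN and derived rates for the class `positive`."""
    cm = confusion_matrix(pairs)
    tp = cm[(positive, positive)]
    fp = sum(n for (a, p), n in cm.items() if p == positive and a != positive)
    fn = sum(n for (a, p), n in cm.items() if a == positive and p != positive)
    tn = sum(cm.values()) - tp - fp - fn

    def ratio(num, den):
        return num / den if den else 0.0  # a class with no samples yields 0.0

    return {
        "tp": tp, "fp": fp, "fn": fn, "tn": tn,
        "precision": ratio(tp, tp + fp),         # how many alerts were real
        "recall": ratio(tp, tp + fn),            # detection rate for the class
        "false_alarm_rate": ratio(fp, fp + tn),  # Type I error rate
    }

if __name__ == "__main__":
    print(f"overall accuracy: {accuracy(SAMPLE):.3f}")
    for cls in ("normal", "dos", "probe"):
        m = per_class_metrics(SAMPLE, cls)
        print(f"{cls:7s} precision={m['precision']:.3f} "
              f"recall={m['recall']:.3f} FAR={m['false_alarm_rate']:.4f}")
```

In the sample data the DoS class has a 100% detection rate yet still raises false alarms, which is why the false alarm rate is reported alongside detection accuracy.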
