Confusion Matrix in Cyber Crime

3 min readJun 6, 2021


what is cybercrime?

  • Cybercrime is a criminal activity that either targets or uses a computer, a computer network, or a networked device.
  • Most, but not all, cybercrime is committed by cybercriminals or hackers who want to make money. Cybercrime is carried out by individuals or organizations.
  • Some cybercriminals are organized, use advanced techniques, and are highly technically skilled. Others are novice hackers.
  • Rarely, cybercrime aims to damage computers for reasons other than profit. These could be political or personal.

what is a confusion matrix?

  • A confusion matrix is a table that is often used to describe the performance of a classification model on a set of test data for which the true values are known. The confusion matrix itself is relatively simple to understand, but the related terminology can be confusing.
  • True Positive

You predicted positive and it’s true.

  • True Negative

You predicted negative and it’s true.

  • False Positive (Type 1 Error)

You predicted positive and it’s false.

  • False Negative (Type 2 Error)

You predicted negative and it’s false.


Here TP is True Positive, TN is True Negative, FP is False Positive and FN is False Negative.

The 2 types of error(Type 1 and Type 2) are very crucial and critical in cybersecurity. For example, Consider a face recognition system installed in front of the data warehouse that holds critical error. Consider that the manager comes and the recognition system and is unable to recognize him. He tries to log in again and is allowed in.

Another example could be A new person comes and tries to log himself in. The recognition system makes an error and allows him in. Now, this is very dangerous. An unauthorized person has made an entry. This could be damage to the company.

In both cases, there was an error in the face recognition system. This shows the critical nature that might vary according to the situation and condition where we want a tradeoff between the two types of error.


Machine learning techniques have proven to be beneficial for the whole security industry. However, the application of machine learning is often limited by the lack of standardized datasets, overfitting issues, the architecture cost, and so on. Therefore, it is important to apply and design new approaches to maintain the benefits of machine learning algorithms while addressing the limitations in practice. To facilitate law enforcement officials for saving humanity and to envisage cybercrimes, data mining algorithms, and visualization techniques were utilized.

The developed cybercrime analysis tool affords a framework for visualizing the diverse cybercrime types and cybercrime-prone areas in India and investigating them by data mining algorithms using Google Maps. This task facilitates the law enforcement officials to scrutinize the cybercrime networks using interactive visualizations. The interactive and visual aspect relevance will be supportive in exposure and discerning the cybercrime prototypes. From the performance evaluation of existing and proposed classifiers, Enhanced Random Forest acquired 99.58% of accuracy rate with less computation time than Naïve Bayes.