Cyber Crimes & Confusion Matrix
Cybercrime is growing rapidly in today's tech world. Criminals on the World Wide Web exploit internet users' personal information for their own gain. As technology progresses and more people depend on internet-enabled services for everyday activities, including storing their credit card details and transferring money online, cyber crimes are becoming more common than ever. The consequences of these digital attacks are destructive and can cause serious damage.
“As we’ve come to realize, the idea that security starts and ends with the purchase of a prepackaged firewall is simply misguided.”
– Art Wittmann
So let's start with a brief introduction to cybercrime: what it is, its types, and its impact.
Cybercrime is defined as a crime where a computer is the object of the crime or is used as a tool to commit an offense. A cybercriminal may use a device to access a user’s personal information, confidential business information, government information, or disable a device. It is the exploitation of computer networks, systems, and technology-dependent enterprises intentionally.
CATEGORIES OF CYBERCRIME
There are three major categories that cybercrime falls into: individual, property and government. The types of methods used and difficulty levels vary depending on the category.
- Property: This is similar to a real-life instance of a criminal illegally possessing an individual's bank or credit card details. The hacker steals a person's bank details to gain access to funds, make purchases online or run phishing scams to get people to give away their information. They could also use malicious software to gain access to a web page with confidential information.
- Individual: This category of cybercrime involves one individual distributing malicious or illegal information online. This can include cyberstalking, distributing pornography and trafficking.
- Government: This is the least common cybercrime, but is the most serious offense. A crime against the government is also known as cyber terrorism. Government cybercrime includes hacking government websites, military websites or distributing propaganda. These criminals are usually terrorists or enemy governments of other nations.
WHAT ARE THE COMMON TYPES OF CYBER CRIMES?
Let’s explore various types of cyber crimes prevalent today.
1. WEB ATTACKS
A web attack affects a computer via the internet. Viruses downloaded from the internet can end up causing large-scale and irreversible damage to your system.
2. ONLINE SCAMS
These are usually in the form of ads or spam emails that include promises of rewards or offers of unrealistic amounts of money. Online scams include enticing offers that are “too good to be true” and when clicked on can cause malware to interfere and compromise information.
3. PHISHING
This is a technique for extracting confidential information, such as credit card numbers and username/password combinations, by masquerading as a legitimate enterprise. Phishing is typically carried out by email spoofing. You've probably received an email containing links to legitimate-looking websites. You probably found it suspicious and didn't click the link. Smart move.
4. MAN-IN-THE-MIDDLE ATTACKS
A man-in-the-middle attack occurs when attackers eavesdrop on the communication between two entities. This type of cyber crime affects both communicating parties, as the attacker can do anything with the intercepted information.
5. MALWARE
Malware is an umbrella term for a code/program that is intentionally built to affect or attack computer systems without the user’s consent.
6. EMAIL BOMBING AND SPAMMING
Email bombing is characterized by an abuser sending huge volumes of email to a target address, resulting in the victim's email account or mail servers crashing. The messages are meaningless and excessively long in order to consume network resources. If multiple accounts on a mail server are targeted, it may have a denial-of-service impact.
CYBER SECURITY
Cybersecurity is the practice of protecting systems, networks, and programs from digital attacks. These cyberattacks are usually aimed at accessing, changing, or destroying sensitive information; extorting money from users; or interrupting normal business processes.
AI & ML to the rescue?
Artificial intelligence (AI) and machine learning (ML) are playing an increasing role in cybersecurity, with security tools analyzing data from millions of cyber incidents, and using it to identify potential threats -- an employee account acting strangely by clicking on phishing links, for example, or a new variant of malware.
But there is a constant battle between attackers and defenders. Cyber criminals have long tried to tweak their malware code so that security software no longer recognizes it as malicious.
CONFUSION MATRIX : TYPE I & TYPE II ERRORS
In machine learning, Classification is used to split data into categories. But after cleaning and preprocessing the data and training our model, how do we know if our classification model performs well? That is where a confusion matrix comes into the picture.
A confusion matrix is used to measure the performance of a classifier in depth. It is an n×n matrix used for evaluating the performance of a classification model.
For binary classification, the confusion matrix is a 2×2 matrix. If the target variable has n classes, the confusion matrix is an n×n matrix.
- True Positive: The predicted value matches the actual value. The actual value was positive and the model predicted a positive value. E.g., the test result says you have coronavirus and you actually do.
- True Negative: The predicted value matches the actual value. The actual value was negative and the model predicted a negative value. E.g., the test result says you don't have coronavirus and you actually don't.
- False Positive (Type I Error): The predicted value was falsely predicted. The actual value was negative but the model predicted a positive value. Also known as the Type 1 error. E.g., the test result says you have coronavirus, but you actually don't.
- False Negative (Type II Error): The predicted value was falsely predicted. The actual value was positive but the model predicted a negative value. Also known as the Type 2 error. E.g., the test result says you don't have coronavirus, but you actually do.
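The four outcomes above, applied to a security setting as an added example (not code from the original article): a phishing-email detector in which the positive class is "phish", so a false alarm on legitimate mail is a Type I error and a missed phishing email is a Type II error. The labels, scores, thresholds and function names are constructed for illustration, and `confusion_matrix` also handles the general n-class case.

```python
# Added illustration: confusion matrix for a phishing-email detector.
# All labels and scores below are constructed sample data.
from collections import Counter

def confusion_matrix(actual, predicted, labels):
    """n x n matrix: rows are actual classes, columns are predicted classes."""
    counts = Counter(zip(actual, predicted))
    return [[counts[(a, p)] for p in labels] for a in labels]

def binary_outcomes(actual, predicted, positive):
    """Count TP/TN/FP/FN and derive the Type I / Type II error rates."""
    pairs = list(zip(actual, predicted))
    tp = sum(a == positive and p == positive for a, p in pairs)
    fn = sum(a == positive and p != positive for a, p in pairs)
    fp = sum(a != positive and p == positive for a, p in pairs)
    tn = sum(a != positive and p != positive for a, p in pairs)
    return {
        "TP": tp, "TN": tn, "FP": fp, "FN": fn,
        # Type I rate: share of legitimate mail wrongly flagged (false alarms).
        "type_I_rate": fp / (fp + tn) if fp + tn else 0.0,
        # Type II rate: share of phishing mail that slipped through (misses).
        "type_II_rate": fn / (fn + tp) if fn + tp else 0.0,
    }

def classify(scores, threshold):
    """Turn model scores into labels: score >= threshold means 'phish'."""
    return ["phish" if s >= threshold else "legit" for s in scores]

# Constructed ground truth and model scores for ten emails.
ACTUAL = ["phish", "phish", "phish", "phish", "legit",
          "legit", "legit", "legit", "legit", "legit"]
SCORES = [0.95, 0.80, 0.55, 0.30, 0.60, 0.40, 0.20, 0.10, 0.05, 0.02]

if __name__ == "__main__":
    # Lowering the threshold trades missed phishing (Type II) for false alarms (Type I).
    for threshold in (0.7, 0.5, 0.25):
        predicted = classify(SCORES, threshold)
        matrix = confusion_matrix(ACTUAL, predicted, ["phish", "legit"])
        print(threshold, matrix, binary_outcomes(ACTUAL, predicted, "phish"))
```

Sweeping the threshold shows the two error types moving in opposite directions, which is why a detector's operating point should be chosen from the relative cost of a false alarm and a miss.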
Is a Type I or Type II error worse?
For statisticians, a Type I error is usually worse. In practical terms, however, either type of error could be worse depending on your research context.
A Type I error means mistakenly rejecting a null hypothesis that is actually true. This may lead to new policies, practices or treatments that are inadequate or a waste of resources.
Example: Consequences of a Type I error
Based on the incorrect conclusion that the new drug intervention is effective, over a million patients are prescribed the medication, despite risks of severe side effects and inadequate research on the outcomes. The consequences of this Type I error also mean that other treatment options are rejected in favor of this intervention.
In contrast, a Type II error means failing to reject a null hypothesis that is actually false. It may only result in missed opportunities to innovate, but these can also have important practical consequences.
Example: Consequences of a Type II error
If a Type II error is made, the drug intervention is considered ineffective when it can actually improve symptoms of the disease. This means that a medication with important clinical significance doesn’t reach a large number of patients who could tangibly benefit from it.
"What AI enables us to do is to respond in an intelligent way, understanding the relevance and consequences of a breach or a change of behaviour, and in real time develop a proportionate response"
– Poppy Gustafsson, co-CEO of Darktrace, a British cybersecurity company that uses machine learning to detect threats.
For example, if an employee clicks on a phishing link, the system can work out that this was not normal behavior and could therefore be potentially malicious activity.
Using machine learning, this can be spotted almost immediately, blocking the potential damage of a malicious intrusion and preventing login credentials being stolen, malware being deployed or otherwise enabling attackers to gain access to the network.
But while AI and ML do provide benefits for cybersecurity, it's important for organisations to realise that these tools aren't a replacement for human security staff.
It's possible for a machine learning-based security tool to be programmed incorrectly, for example, resulting in unexpected -- or even obvious -- things being missed by the algorithms. If the tool misses a particular kind of cyberattack because it hasn't been coded to take certain parameters into account, that's going to lead to problems.
"Where AI and machine learning can get you into trouble is if you are reliant on it as an oracle of everything," says Merritt Maxim, research director for security at analyst firm Forrester.
"If the inputs are bad and it's passing things through it says are okay, but it's actually passing real vulnerabilities through (False Positive - Type 1 error) because the model hasn't been properly tuned or adjusted -- that's the worst case because you think you're fully protected because you have AI".
Maxim notes that AI-based cybersecurity has "a lot of benefits", but isn't a complete replacement for human security staff; and like any other software on the network, you can't just install it and forget about it -- it needs to be regularly evaluated.
Thank you for reading!!