Security Information and Event Management and Confusion Matrix Cyber Crime cases


Security Information and Event Management

IT is becoming an enabler of business. In this digital era, businesses are relying on their IT infrastructures to support almost every aspect of their operations. At the same time, security threats can put network security and data integrity at risk. SIEM Solutions are an integral part of log management and comprehensive security. These SIEM tools help in monitoring log activities and flag suspicious events and incidents.

Security Information and Event Management tool is a software solution that aggregates and analyses activity from various resources across your entire IT infrastructure.SIEM tool collects security data from network servers, devices, domain controllers, and more. This type of software also helps you store, normalize, aggregate, and apply analytics to these data to discover trends.

SIEM Tools List For Security Information Management. SIEM combines SIM (security information management) and SEM (security event management) functions into one security information and event management system. Hsharing the list of best SIEM Tools for security in

What to Look for in the Best SIEM Solutions

SIEM products have a few basic characteristics. They ingest data from multiple sources (including threat intelligence), then interpret that data, send alerts, perform analytics, and provide a historical overview or summary. Of course, when it comes to choosing a SIEM security solution, every business will have its own criteria for deciding whether the capabilities of a tool align with their needs. This will depend on factors like business size, types of data, vendor array, specific regulatory frameworks, budget, and, of course, an IT team’s usability preferences. There are a few questions you’ll want to ask as you check out the best SIEM tools in the market.

List of SIEM Tools

  1. IBM QRadar Security Intelligence Platform
  2. Splunk
  3. ArcSight ESM Software
  4. NetIQ / Micro Focus
  5. Trustwave
  6. Alienvault
  7. AccelOps
  8. BlackStratus
  9. EventTracker
  10. Intel Security Group

Confusion Matrix

The confusion matrices discussed above have only two conditions: positive and negative. In some fields, confusion matrices can have more categories. For example, the table below summarises communication of a whistled language between two speakers, zero values omitted for clarity
n the field of machine learning and specifically the problem of statistical classification, a confusion matrix, also known as an error matrix,is a specific table layout that allows visualization of the performance of an algorithm, typically a supervised learning one (in unsupervised learning it is usually called a matching matrix). Each row of the matrix represents the instances in an actual class while each column represents the instances in a predicted class, or vice versa — both variants are found in the literature. The name stems from the fact that it makes it easy to see whether the system is confusing two classes (i.e. commonly mislabeling one as another).

It is a special kind of contingency table, with two dimensions (“actual” and “predicted”), and identical sets of “classes” in both dimensions (each combination of dimension and class is a variable in the contingency table).

What is Confusion Matrix and why you need it?

Well, it is a performance measurement for machine learning classification problem where output can be two or more classes. It is a table with 4 different combinations of predicted and actual values. It is extremely useful for measuring Recall, Precision, Specificity, Accuracy and most importantly AUC-ROC Curve.

True Positive:

Interpretation: You predicted positive and it’s true. You predicted that a woman is pregnant and she actually is.

True Negative:

Interpretation: You predicted negative and it’s true. You predicted that a man is not pregnant and he actually is not.

False Positive: (Type 1 Error)

Interpretation: You predicted positive and it’s false. You predicted that a man is pregnant but he actually is not.

False Negative: (Type 2 Error)

Interpretation: You predicted negative and it’s false. You predicted that a woman is not pregnant but she actually is. Just Remember, We describe predicted values as Positive and Negative and actual values as True and False.


How many values did we predict correctly? How many true predictions out of all samples there are?

A confusion matrix is a summary

A confusion matrix is a summary of prediction results on a classification problem. The number of correct and incorrect predictions are summarized with count values and broken down by each class. This is the key to the confusion matrix. The confusion matrix shows the ways in which your classification model is confused when it makes predictions. It gives you insight not only into the errors being made by your classifier but more importantly the types of errors that are being made. It is this breakdown that overcomes the limitation of using classification accuracy alone.

Thank You For Your Time ….!!!!



Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store