EpochZero Learn
EpochZero LearnMulti-Domain Tech Learning Hub
Courses
LeaderboardAbout
Dashboard
EpochZero
EpochZero Learn
Multi-Domain Tech Learning Hub

Structured learning for Reverse Engineering, Cloud Security, Cryptography, and Web Development. Articles, videos, tests, and peer discussion.

Learn

  • Learning Path
  • All Articles
  • Video Lessons
  • Podcast
  • eBooks & PDFs
  • Question Banks
  • Cheatsheets
  • MCQ Banks

Tests & Forum

  • All Tests
  • REMA Tests
  • Cloud Tests
  • Forum
  • REMA Forum
  • Cloud Forum
  • Crypto Forum
  • Web Dev Forum

Campus

  • REMA Club
  • Full Stack Dev Club
  • Extension Activity
  • Events
  • CTF Competitions
  • Workshops
  • Industrial Visits

Platform

  • Dashboard
  • Leaderboard
  • About
  • Verify Certificate

© 2026 EpochZero Learn. Educational content for learning purposes.

Course Instructor: Ashish Revar

All articles
research-methodologyscales-of-measurementstatistics

Scales of Measurement

Not every number means the same thing. Averaging a low/medium/high/critical rating and reporting it as a precise 2.65 is one of the most common statistical errors in student projects.

Ashish Revar6 July 20269 min read3 views

Sign in to mark this article as read and track your progress.

More articlesTest your knowledge

Not Every Number Means the Same Thing

Before choosing a statistical test, it helps to be precise about what kind of number, or category, is actually being measured. Not every statistic makes sense for every kind of data.

Nominal. Categories with no natural order. Malware family name, operating system, or attack vector are nominal — "ransomware" is not more or less than "spyware," only different from it.

Ordinal. Categories with a natural order, but no guarantee the gaps between them are equal. A vulnerability severity rating of low/medium/high/critical is ordinal: critical is worse than high, but the jump from low to medium isn't necessarily the same size as the jump from high to critical.

Interval. Numeric, with equal gaps between values, but no true zero point. A normalised anomaly score running from -50 to +50, where zero is simply the calibration midpoint rather than "no anomaly at all," is interval — it's meaningful to say one score is 10 points higher than another, but not that a score of 40 is "twice as anomalous" as 20.

Ratio. Numeric, with equal gaps and a true zero point. File size in kilobytes, number of failed login attempts, and detection time in seconds are all ratio scales — zero genuinely means none, and a file that is 200KB really is twice the size of a 100KB file.

What Each Scale Actually Supports

ScaleExampleStatistics/tests it supports
NominalMalware family, OS typeMode, frequency counts, chi-square test
OrdinalSeverity rating (low/medium/high/critical)Median, percentile rank, rank-based tests
IntervalA normalised, zero-calibrated anomaly scoreMean, standard deviation, t-test, ANOVA, correlation
RatioFile size, detection time, failed login countEverything interval supports, plus ratios and percentage comparisons

Trying to compute a mean malware family, or a meaningful ratio of two severity ratings, are both scale-mismatch errors examiners are trained to catch.

This is the theoretical reason behind how a test gets chosen at all: a chi-square test suits nominal data because it only counts how often each category occurs; a t-test or ANOVA needs interval or ratio data because computing a mean requires the gaps between values to be genuinely equal. Treating an ordinal severity rating as if it were a ratio scale — for instance, by averaging "low, medium, high, critical" coded as 1 to 4 and reporting the mean as a precise number — is one of the most common statistical errors in student projects.

Check Your Understanding

A student codes vulnerability severity as 1 (low), 2 (medium), 3 (high), 4 (critical), then reports the "average severity" across 40 vulnerabilities as 2.65. Explain what scale of measurement error this commits.