DeepAI AI Chat
Log In Sign Up

Domain Knowledge Aided Explainable Artificial Intelligence for Intrusion Detection and Response

by   Sheikh Rabiul Islam, et al.
Tennessee Tech University

Artificial Intelligence (AI) has become an integral part of modern-day security solutions for its capability of learning very complex functions and handling "Big Data". However, the lack of explainability and interpretability of successful AI models is a key stumbling block when trust in a model's prediction is critical. This leads to human intervention, which in turn results in a delayed response or decision. While there have been major advancements in the speed and performance of AI-based intrusion detection systems, the response is still at human speed when it comes to explaining and interpreting a specific prediction or decision. In this work, we infuse popular domain knowledge (i.e., CIA principles) in our model for better explainability and validate the approach on a network intrusion detection test case. Our experimental results suggest that the infusion of domain knowledge provides better explainability as well as a faster decision or response. In addition, the infused domain knowledge generalizes the model to work well with unknown attacks, as well as open the path to adapt to a large stream of network traffic from numerous IoT devices.


page 1

page 2

page 3

page 4


Classification of artificial intelligence ids for smurf attack

Many methods have been developed to secure the network infrastructure an...

Sufficient Reasons for A Zero-Day Intrusion Detection Artificial Immune System

The Internet is the most complex machine humankind has ever built, and h...

Creating an Explainable Intrusion Detection System Using Self Organizing Maps

Modern Artificial Intelligence (AI) enabled Intrusion Detection Systems ...

A Hybrid Approach for an Interpretable and Explainable Intrusion Detection System

Cybersecurity has been a concern for quite a while now. In the latest ye...

RANK: AI-assisted End-to-End Architecture for Detecting Persistent Attacks in Enterprise Networks

Advanced Persistent Threats (APTs) are sophisticated multi-step attacks,...

Satellite Image and Machine Learning based Knowledge Extraction in the Poverty and Welfare Domain

Recent advances in artificial intelligence and machine learning have cre...