Explaining Network Intrusion Detection System Using Explainable AI Framework

03/12/2021
by   Shraddha Mane, et al.
0

Cybersecurity is a domain where the data distribution is constantly changing with attackers exploring newer patterns to attack cyber infrastructure. Intrusion detection system is one of the important layers in cyber safety in today's world. Machine learning based network intrusion detection systems started showing effective results in recent years. With deep learning models, detection rates of network intrusion detection system are improved. More accurate the model, more the complexity and hence less the interpretability. Deep neural networks are complex and hard to interpret which makes difficult to use them in production as reasons behind their decisions are unknown. In this paper, we have used deep neural network for network intrusion detection and also proposed explainable AI framework to add transparency at every stage of machine learning pipeline. This is done by leveraging Explainable AI algorithms which focus on making ML models less of black boxes by providing explanations as to why a prediction is made. Explanations give us measurable factors as to what features influence the prediction of a cyberattack and to what degree. These explanations are generated from SHAP, LIME, Contrastive Explanations Method, ProtoDash and Boolean Decision Rules via Column Generation. We apply these approaches to NSL KDD dataset for intrusion detection system and demonstrate results.

READ FULL TEXT
research
07/15/2022

Creating an Explainable Intrusion Detection System Using Self Organizing Maps

Modern Artificial Intelligence (AI) enabled Intrusion Detection Systems ...
research
11/28/2018

An Adversarial Approach for Explainable AI in Intrusion Detection Systems

Despite the growing popularity of modern machine learning techniques (e....
research
06/21/2021

Zero-shot learning approach to adaptive Cybersecurity using Explainable AI

Cybersecurity is a domain where there is constant change in patterns of ...
research
03/30/2023

Explainable Intrusion Detection Systems Using Competitive Learning Techniques

The current state of the art systems in Artificial Intelligence (AI) ena...
research
11/27/2021

Deep Q-Learning based Reinforcement Learning Approach for Network Intrusion Detection

The rise of the new generation of cyber threats demands more sophisticat...
research
11/19/2021

A Hybrid Approach for an Interpretable and Explainable Intrusion Detection System

Cybersecurity has been a concern for quite a while now. In the latest ye...
research
03/13/2018

Recurrent Neural Network Attention Mechanisms for Interpretable System Log Anomaly Detection

Deep learning has recently demonstrated state-of-the art performance on ...

Please sign up or login with your details

Forgot password? Click here to reset