Enhancing Intrusion Detection with Explainable AI: A Transparent Approach to Network Security

Mallampati, Seshu Bhavani; Seetha, Hari

doi:10.2478/cait-2024-0006

Abstract

An Intrusion Detection System (IDS) is essential to identify cyber-attacks and implement appropriate measures for each risk. The efficiency of the Machine Learning (ML) techniques is compromised in the presence of irrelevant features and class imbalance. In this research, an efficient data pre-processing strategy was proposed to enhance the model’s generalizability. The class dissimilarity is addressed using k-Means SMOTE. After this, we furnish a hybrid feature selection method that combines filters and wrappers. Further, a hyperparameter-tuned Light Gradient Boosting Machine (LGBM) is analyzed by varying the optimal feature subsets. The experiments used the datasets – UNSW-NB15 and CICIDS-2017, yielding an accuracy of 90.71% and 99.98%, respectively. As the transparency and generalizability of the model depend significantly on understanding each component of the prediction, we employed the eXplainable Artificial Intelligence (XAI) method, SHapley Additive exPlanation (SHAP), to improve the comprehension of forecasted results.

References

Udas, M., E. Karim, K. S. Ro. SPIDER: A Shallow PCA-Based Network Intrusion Detection System with Enhanced Recurrent Neural Networks. – Journal of King Saud University – Computer and Information Sciences, Vol. 34, 2022, No 10, pp. 10246-10272.
Search in Google Scholar Back to article
Wang, K. Zheng, Y. Yang, X. Wang. An Explainable Machine Learning Framework for Intrusion Detection Systems. – IEEE Access, Vol. 8, 2020, pp. 73127-73141.
Search in Google Scholar Back to article
Premkumar, T., V. P. Sundararajan. DLDM: Deep Learning-Based Defense Mechanism for Denial of Service Attacks in Wireless Sensor Networks. – Microprocess. Microsystems, Vol. 79, 2020, No August, 103278.
Search in Google Scholar Back to article
IBM Security Cost of a Data Breach Report 2022. 2022.
Search in Google Scholar Back to article
Fleck, A. Inflation Becomes the Leading Global Concern in 2022. – Statista, 2022 (Accessed 22 Junе 2023). https://www.statista.com/chart/28878/expected-cost-of-cybercrime-until-2027/
Search in Google Scholar Back to article
Alhenawi, H., R. Alazzam, O. Al-Sayyed, Abualghanam, O. Adwan. Hybrid Feature Selection Method for Intrusion Detection Systems Based on an Improved Intelligent Water Drop Algorithm. – Cybernetics and Information Technologies, Vol. 22, 2022, No 4, pp. 73-90.
Search in Google Scholar Back to article
Batchu, H. Seetha. An Integrated Approach Explaining the Detection of Distributed Denial of Service Attacks. – Computer Networks, 2022, 109269.
Search in Google Scholar Back to article
Mallampati, H. Seetha. A Review on Recent Approaches of Machine Learning, Deep Learning, and Explainable Artificial Intelligence in Intrusion Detection Systems. – Majelisi Journal of Electrical Engineering, Vol. 17, 2023, No 1, pp. 29-54.
Search in Google Scholar Back to article
Kim, L. Y., H. Kim. Network Intrusion Detection Based on Novel Feature Selection Model and Various Recurrent Neural Networks. – Applied Sciences, Vol. 9, 2019, No 7.
Search in Google Scholar Back to article
Roy, J., B. Li, Choi, Y. Bai. A Lightweight Supervised Intrusion Detection Mechanism for IoT Networks. – Futurre Genereration Computer Systems, Vol. 127, 2022, pp. 276-285.
Search in Google Scholar Back to article
Saha, A., T. Priyoti, A. Sharma. Towards an Optimised Ensemble Feature Selection for DDoS Detection Using Both Supervised and Unsupervised Method. – In: Proc. of 19th Annual Consumer Communications and Networking Conference (CCNC’22), Las Vegas, N. V., USA, 2022.
Search in Google Scholar Back to article
De Souza, C., B. Westphall, R. B. Machado, J. B. M. Sobral, G. dos S. Vieira. Hybrid Approach to Intrusion Detection in Fog-Based IoT Environments. – Computer Networks. Vol. 180, 2020.
Search in Google Scholar Back to article
Yin, Y., et al. IGRF-RFE: A Hybrid Feature Selection Method for MLP-Based Network Intrusion Detection on UNSW-NB15 Dataset. – Journal of Big Data, Vol. 10, 2023, No 1.
Search in Google Scholar Back to article
Patil, S., et al. Explainable Artificial Intelligence for Intrusion Detection System. – Electronics, Vol. 11, 2022, No 19.
Search in Google Scholar Back to article
Kannari, N., S. Chowdary, R. Laxmikanth Biradar. An Anomaly-Based Intrusion Detection System Using Recursive Feature Elimination Technique for Improved Attack Detection. – In: Theory of Compututer Science. Vol. 931. 2022, pp. 56-64.
Search in Google Scholar Back to article
Thakkar, A., R. Lohiya. Fusion of Statistical Importance for Feature Selection in Deep Neural Network-Based Intrusion Detection System. – Information Fusion, Vol. 90, 2023, No February, pp. 353-363.
Search in Google Scholar Back to article
Hariharan, R., R. Rejimol Robinson, R. R. Prasad, C. Thomas, N. Balakrishnan. XAI for Intrusion Detection System: Comparing Explanations Based on Global and Local Scope. – Journal of Computer Viroogy. Hacking Technologies, Vol. 19, 2023, No 2, pp. 217-239.
Search in Google Scholar Back to article
Alani, M. M. An Explainable Efficient Flow-Based Industrial IoT Intrusion Detection System. – Computers Electrctriacal Engginering, Vol. 108, 2023, No April, 108732.
Search in Google Scholar Back to article
Sharafaldin, A., H. Lashkari, A. A. Ghorbani. Toward Generating a New Intrusion Detection Dataset and Intrusion Traffic Characterization. – In: Proc. of Int. Conf. on Systems Security and Privacy, 2018, No Cic, pp. 108-116.
Search in Google Scholar Back to article
Moustafa, N., J. Slay. UNSW-NB15: A Comprehensive Data Set for Network Intrusion Detection Systems (UNSW-NB15 Network Data Set). – In: Proc of Mil. Commun. Inf. Syst. Conf. (MilCIS’15), 2015, No November.
Search in Google Scholar Back to article
Veera Brahmam, M., S. Gopikrishnan, K. Raja Sravan Kumar, M. Seshu Bhavani. Pearson Correlation Based Outlier Detection in Spatial-Temporal Data of IoT Networks. – In: Proc. of Innov. Data Commun. Technol. Appl. Proc. ICIDCA 2021, Singapore, Springer, Nature, Singapore, Vol. 96, 2022, pp. 1019-1028).
Search in Google Scholar Back to article
Silva, N., R. de Oliveira, D. S. V. Medeiros, M. A. Lopez, D. M. F. Mattos. A Statistical Analysis of Intrinsic Bias of Network Security Datasets for Training Machine Learning Mechanisms. – Annals of Telecommunications,Vol. 77, 2022, pp. 555-571
Search in Google Scholar Back to article
Vergara, P., A. Estévez. A Review of Feature Selection Methods Based on Mutual Information. – Neural Computer Applications, Vol. 24, 2014, No 1, pp. 175-186.
Search in Google Scholar Back to article
Pudil, J., Novovičová, J. Kittler. Floating Search Methods in Feature Selection. – Pattern Recognit. Lett., Vol. 15, 1994, No 11, pp. 1119-1125.
Search in Google Scholar Back to article
Shirbani, F., H. Soltanian-Zadeh. Fast SFFS-Based Algorithm for Feature Selection in Biomedical Datasets. – Amirkabir Journal of Science and Technology, Vol. 45, 2013, No 2, pp. 43-56.
Search in Google Scholar Back to article
Ke, G., et al. LightGBM: A Highly Efficient Gradient Boosting Decision Tree. – In: Proc of Conference on Neural Information Processing Systems, Vol. 2017, 2017, No December, pp. 3147-3155.
Search in Google Scholar Back to article
Lundberg, P., G. Allen, S.-I. Lee. A Unified Approach to Interpreting Model Predictions (online). https://github.com/slundberg/shap
Search in Google Scholar Back to article
Gu, K., Li, Z. Guo, Y. Wang. Semi-Supervised k-Means DDOS Detection Method Using Hybrid Feature Selection Algorithm. – IEEE Access, Vol. 7, 2019, pp. 64351-64365.
Search in Google Scholar Back to article
Mhawi, A., Aldallal, S. Hassan. Advanced Feature-Selection-Based Hybrid Ensemble Learning Algorithms for Network Intrusion Detection Systems. – Symmetry (Basel), Vol. 14, 2022, No 7.
Search in Google Scholar Back to article
Fu, J., X. Lan Zhang. Gradient Importance Enhancement Based Feature f Fusion Intrusion Detection Technique. – Computer Networks, Vol. 214, 2022 No May, 109180.
Search in Google Scholar Back to article
Kasongo, Sydney Mambwe. A Deep Learning Technique for Intrusion Detection System Using a Recurrent Neural Networks Based Framework. – Computer Communications, Vol. 199, 2023, pp. 113-125.
Search in Google Scholar Back to article
Kasongo, Y. Sun. A Deep Learning Method with Wrapper Based Feature Extraction for Wireless Intrusion Detection System. – Computers Security, Vol. 92, 2020.
Search in Google Scholar Back to article
Eunice, Q., M. Gao, Y. Zhu, Z. Chen, N. Lv. Network Anomaly Detection Technology Based on Deep Learning. – In: Proc. of 3rd Int. IEEE Conf. Front. Technol. Inf. Comput. ICFTIC 2021, pp. 6-9.
Search in Google Scholar Back to article
Kasongo. An Advanced Intrusion Detection System for IIoT Based on GA and Tree Based Algorithms. – IEEE Access, Vol. 9, 2021, pp. 113199-113212.
Search in Google Scholar Back to article

Enhancing Intrusion Detection with Explainable AI: A Transparent Approach to Network Security

Abstract

Paradigm

My account