Journal Article10.1109/iotm.005.2200028
A Novel IoT-Based Explainable Deep Learning Framework for Intrusion Detection Systems
43
TL;DR: In this article , an explainable artificial intelligence (XAI)-powered framework was designed to enable not only detecting intrusions/attacks in IoT networks, but also interpret critical decisions made by ML/DL-based IDSs.
read more
Abstract: The growth of the Internet of Things (IoT) is accompanied by serious cybersecurity risks, especially with the emergence of IoT botnets. In this context, intrusion detection systems (IDSs) proved their efficiency in detecting various attacks that may target IoT networks, especially when leveraging machine/deep learning (ML/DL) techniques. In fact, ML/DL-based solutions make “machine-centric” decisions about intrusion detection in the IoT network, which are then executed by humans (i.e., executive cyber-security staff). However, ML/DL-based solutions do not provide any explanation of why such decisions were made, and thus their results cannot be properly understood/exploited by humans. To address this issue, explainable artificial intelligence (XAI) is a promising paradigm that helps to explain the decisions of ML/DL-based IDSs to make them understandable to cyber-security experts. In this article, we design a novel XAI-powered framework to enable not only detecting intrusions/attacks in IoT networks, but also interpret critical decisions made by ML/DL-based IDSs. Therefore, we first build an ML/DL-based IDS using a deep neural network (DNN) to detect and predict IoT attacks in real time. Then we develop multiple XAI models (i.e., RuleFit and SHapley Additive exPlanations, SHAP) on top of our DNN architecture to enable more trust, transparency, and explanation of the decisions made by our ML/DL-based IDS to cyber security experts. The in-depth experiment results with well-known IoT attacks show the efficiency and explainability of our proposed framework.
read more
Chat with Paper
AI Agents for this Paper
Find similar papers on Google Scholar, PubMed and Arxiv
Write a critical review of this paper
Analyze citations of this paper to find unaddressed research gaps
Citations
Explainable Artificial Intelligence (XAI) for Intrusion Detection and Mitigation in Intelligent Connected Vehicles: A Review
Cosmas Ifeanyi Nwakanma,Love Allen Chijioke Ahakonye,Judith Nkechinyere Njoku,J.C. Odirichukwu,S. A. Okolie,Chinebuli Uzondu,Christiana Chidimma Ndubuisi Nweke,Dong-Seong Kim +7 more
TL;DR: In this paper , a review of explainable AI (XAI) models used in ICV intrusion detection systems, their taxonomies, and outstanding research problems is presented. And the authors show that XAI increased transparency will foster its acceptability in the automobile industry.
Potential of Explainable Artificial Intelligence in Advancing Renewable Energy: Challenges and Prospects
Van Nhanh Nguyen,Wieslaw Tarelko,Prabhakar Sharma,A. S. El-Shafay,Wei-Hsin Chen,Phuoc Quy Phong Nguyen,Xuan Phuong Nguyen,Anh Le Tuan Hoang +7 more
- 19 Jan 2024
TL;DR: This review explores the potential of Explainable Artificial Intelligence (XAI) in advancing renewable energy, highlighting its advantages in improving performance and efficacy, while also addressing challenges and barriers related to transparency, accountability, and fairness.
32
Collaborative Energy-Efficient Routing Protocol for Sustainable Communication in 5G/6G Wireless Sensor Networks
H L Gururaj,Rajesh Natarajan,Nouf Abdullah Almujally,Francesco Flammini,Sujatha Krishna,Shashi Kant Gupta +5 more
TL;DR: A collaborative energy-efficient routing protocol (CEEPR) is proposed for sustainable communication in 5G/6G wireless sensor networks (WSNs). The protocol utilizes reinforcement learning and residual energy-based cluster head selection to enhance energy efficiency and network lifespan. The results show that CEEPR achieves significant energy savings compared to existing methods.
28
E-XAI: Evaluating Black-Box Explainable AI Frameworks for Network Intrusion Detection
Osvaldo Arreche,Tanish R. Guntur,Jack W. Roberts,Mustafa Abdallah +3 more
TL;DR: This work proposes an end-to-end framework to evaluate black-box XAI methods for network IDS, and shows the limitations and strengths of current black-box XAI methods when applied to network IDS.
23
Anomaly detection in IoT-based healthcare: machine learning for enhanced security
Maryam Mahsal Khan,Mohammed Saad Alkhathami +1 more
TL;DR: This study applies machine learning to detect anomalous IoT network traffic using the CIC dataset, achieving 99.55% accuracy with Random Forest, and reducing computational response time for real-time attack detection in healthcare applications.
23
References
UNSW-NB15: a comprehensive data set for network intrusion detection systems (UNSW-NB15 network data set)
Nour Moustafa,Jill Slay +1 more
- 10 Dec 2015
TL;DR: Countering the unavailability of network benchmark data set challenges, this paper examines a UNSW-NB15 data set creation which has a hybrid of the real modern normal and the contemporary synthesized attack activities of the network traffic.
3.1K
An Explainable Machine Learning Framework for Intrusion Detection Systems
TL;DR: This work is unique in the intrusion detection field, presenting the first use of the SHAP method to give explanations for IDSs, and the different interpretations between different kinds of classifiers can also help security experts better design the structures of theIDSs.
An Adversarial Approach for Explainable AI in Intrusion Detection Systems
Daniel L. Marino,Chathurika S. Wickramasinghe,Milos Manic +2 more
- 01 Oct 2018
TL;DR: In this paper, the authors present an approach to generate explanations for incorrect classifications made by data-driven Intrusion Detection Systems (IDSs) using an adversarial approach to find the minimum modifications (of the input features) required to correctly classify a given set of misclassified samples.
119
Bringing Intelligence to Software Defined Networks: Mitigating DDoS Attacks
TL;DR: The experimental results show that, compared to state-of-art, WisdomSDN can effectively detect/mitigate DNS amplification attack quickly with high detection rate, less false positive rate, and low overhead making it a promising solution to mitigate DNS amplified attack in a SDN environment.
67
When Federated Learning Meets Game Theory: A Cooperative Framework to Secure IIoT Applications on Edge Computing
TL;DR: In this article , the authors designed a novel MEC-based framework to secure IIoT applications leveraging federated learning (FL), called FedGame, which enables multiple MEC domains to collaborate securely to deal with an industrial IoT attack, while preserving the privacy of IoT devices.
50