Abstract
Machine learning has become a key component of the effective detection of network intrusions. Yet, it comes with the lack of transparency - an issue which can be mitigated with the employment of explainable AI techniques. In this paper, the crucial role of explainability in intrusion detection is discussed, along with its benefits and drawbacks, followed by presenting and comparing the results of four main explainability techniques applied to an intrusion detection system.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Abadi, M., et al.: Tensorflow: a system for large-scale machine learning. In: 12th \(\{\)USENIX\(\}\) Symposium on Operating Systems Design and Implementation (\(\{\)OSDI\(\}\) 2016), pp. 265–283 (2016)
Capuano, N., Fenza, G., Loia, V., Stanzione, C.: Explainable artificial intelligence in cybersecurity: a survey. IEEE Access 10, 93575–93600 (2022). https://doi.org/10.1109/ACCESS.2022.3204171
Doshi-Velez, F., Kim, B.: Towards a rigorous science of interpretable machine learning (2017). http://arxiv.org/abs/1702.08608
Gunning, D., Stefik, M., Choi, J., Miller, T., Stumpf, S., Yang, G.Z.: XAI-Explainable artificial intelligence. Sci. Rob. 4(37) (2019). https://doi.org/10.1126/scirobotics.aay7120
Gurumoorthy, K.S., Dhurandhar, A., Cecchi, G., Aggarwal, C.: Efficient data representation by selecting prototypes with importance weights. In: 2019 IEEE International Conference on Data Mining (ICDM), pp. 260–269. IEEE (2019)
Li, L., Jamieson, K., DeSalvo, G., Rostamizadeh, A., Talwalkar, A.: Hyperband: a novel bandit-based approach to hyperparameter optimization. J. Mach. Learn. Res. 18(1), 6765–6816 (2017)
Lundberg, S.M., Lee, S.I.: A unified approach to interpreting model predictions. In: Guyon, I., et al. (eds.) Advances in Neural Information Processing Systems, vol. 30. Curran Associates, Inc. (2017). https://proceedings.neurips.cc/paper_files/paper/2017/file/8a20a8621978632d76c43dfd28b67767-Paper.pdf
Molnar, C.: Interpretable Machine Learning (Second Edition) A Guide for Making Black Box Models Explainable. Leanpub (2022). https://leanpub.com/interpretable-machine-learning
Mothilal, R.K., Sharma, A., Tan, C.: Explaining machine learning classifiers through diverse counterfactual explanations. In: Proceedings of the 2020 Conference on Fairness, Accountability, and Transparency, pp. 607–617 (2020)
Nwakanma, C.I., et al.: Explainable Artificial Intelligence (XAI) for intrusion detection and mitigation in intelligent connected vehicles: a review. Appl. Sci. 13(3), 1252 (2023). https://doi.org/10.3390/app13031252
Pawlicki, M., Kozik, R., Choraś, M.: A survey on neural networks for (cyber-) security and (cyber-) security of neural networks. Neurocomputing 500, 1075–1087 (2022). https://doi.org/10.1016/j.neucom.2022.06.002
Ribeiro, M., Singh, S., Guestrin, C.: Why should i trust you?: explaining the predictions of any classifier. In: 2016 Conference of the North American Chapter of the Association for Computational Linguistics: Demonstrations, San Diego (2016)
Sarhan, M., Layeghy, S., Moustafa, N., Portmann, M.: NetFlow datasets for machine learning-based network intrusion detection systems. In: Deze, Z., Huang, H., Hou, R., Rho, S., Chilamkurti, N. (eds.) BDTA/WiCON -2020. LNICST, vol. 371, pp. 117–135. Springer, Cham (2021). https://doi.org/10.1007/978-3-030-72802-1_9
Sharafaldin, I., Lashkari, A.H., Ghorbani, A.A.: Toward generating a new intrusion detection dataset and intrusion traffic characterization. ICISSp 1, 108–116 (2018)
Sharma, D.K., Mishra, J., Singh, A., Govil, R., Srivastava, G., Lin, J.C.W.: Explainable artificial intelligence for cybersecurity. Comput. Electr. Eng. 103, 108356 (2022). https://doi.org/10.1016/j.compeleceng.2022.108356
Yan, F., Wen, S., Nepal, S., Paris, C., Xiang, Y.: Explainable machine learning in cybersecurity: a survey. Int. J. Intell. Syst. 37(12), 12305–12334 (2022). https://doi.org/10.1002/int.23088
Acknowledgement
This research is funded under the Horizon 2020 Ai4Cyber Project, which has received funding from the European Union’s Horizon Europe research and innovation programme under grant agreement No. 101070450
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2023 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this paper
Cite this paper
Pawlicki, M., Pawlicka, A., Śrutek, M., Kozik, R., Choraś, M. (2023). Interpreting Intrusions - The Role of Explainability in AI-Based Intrusion Detection Systems. In: Burduk, R., Choraś, M., Kozik, R., Ksieniewicz, P., Marciniak, T., Trajdos, P. (eds) Progress on Pattern Classification, Image Processing and Communications. CORES IP&C 2023 2023. Lecture Notes in Networks and Systems, vol 766. Springer, Cham. https://doi.org/10.1007/978-3-031-41630-9_5
Download citation
DOI: https://doi.org/10.1007/978-3-031-41630-9_5
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-41629-3
Online ISBN: 978-3-031-41630-9
eBook Packages: Intelligent Technologies and RoboticsIntelligent Technologies and Robotics (R0)