Separating Prediction and Explanation: An Approach Based on Explainable Artificial Intelligence for Analyzing Network Intrusion
Guardado en:
| Publicado en: | Journal of Network and Systems Management vol. 33, no. 1 (Jan 2025), p. 16 |
|---|---|
| Publicado: |
Springer Nature B.V.
|
| Materias: | |
| Acceso en línea: | Citation/Abstract Full Text - PDF |
| Etiquetas: |
Sin Etiquetas, Sea el primero en etiquetar este registro!
|
MARC
| LEADER | 00000nab a2200000uu 4500 | ||
|---|---|---|---|
| 001 | 3145281587 | ||
| 003 | UK-CbPIL | ||
| 022 | |a 1064-7570 | ||
| 022 | |a 1573-7705 | ||
| 024 | 7 | |a 10.1007/s10922-024-09891-z |2 doi | |
| 035 | |a 3145281587 | ||
| 045 | 2 | |b d20250101 |b d20250131 | |
| 084 | |a 53477 |2 nlm | ||
| 245 | 1 | |a Separating Prediction and Explanation: An Approach Based on Explainable Artificial Intelligence for Analyzing Network Intrusion | |
| 260 | |b Springer Nature B.V. |c Jan 2025 | ||
| 513 | |a Journal Article | ||
| 520 | 3 | |a Intrusion detection maintains the normal activity of the network system by identifying abnormal connections, while intrusion analysis further identifies specific types of abnormality. The current intrusion detection systems (IDSs) have connected intrusion detection, intrusion analysis, and intrusion processing in series so that the system can address network intrusion behaviors of attackers promptly. Most IDSs are constructed with complex models to achieve high-precision intrusion detection and intrusion analysis tasks. The generation of Explainable Artificial Intelligence (XAI) helps to aid in understanding the decision logic of the prediction of IDS for unknown data. It also helps to establish a plausible criterion for further categorized predictions of the type of abnormal data. With this in mind, this paper proposes an XAI-based approach for analyzing network intrusion by the contribution of features of data to prediction results. The Shapley values are used to represent these contributions and are derived from SHapley Additive exPlanations (SHAP). Specific classification criterion is extracted from these contributions for analyzing unknown types of abnormal data. We conducted experiments on seven publicly available intrusion detection datasets. The experimental results have shown that the approach can realize the effective analysis of abnormal data while ensuring high-accuracy detection of network intrusion data. At the same time, when compared to autoencoder and decision tree (DT) which both have prediction and explanation, the proposed approach can get a better overall performance in intrusion detection and intrusion analysis tasks. | |
| 653 | |a Data analysis | ||
| 653 | |a Artificial intelligence | ||
| 653 | |a Network analysis | ||
| 653 | |a Explainable artificial intelligence | ||
| 653 | |a Task complexity | ||
| 653 | |a Decision trees | ||
| 653 | |a Intrusion detection systems | ||
| 653 | |a Criteria | ||
| 653 | |a Analysis | ||
| 653 | |a Experiments | ||
| 653 | |a Decision making | ||
| 653 | |a Classification | ||
| 653 | |a Data | ||
| 653 | |a Predictions | ||
| 653 | |a Intrusion | ||
| 653 | |a Task performance | ||
| 653 | |a Networks | ||
| 773 | 0 | |t Journal of Network and Systems Management |g vol. 33, no. 1 (Jan 2025), p. 16 | |
| 786 | 0 | |d ProQuest |t ABI/INFORM Global | |
| 856 | 4 | 1 | |3 Citation/Abstract |u https://www.proquest.com/docview/3145281587/abstract/embedded/7BTGNMKEMPT1V9Z2?source=fedsrch |
| 856 | 4 | 0 | |3 Full Text - PDF |u https://www.proquest.com/docview/3145281587/fulltextPDF/embedded/7BTGNMKEMPT1V9Z2?source=fedsrch |