Explainable deep neural network-based analysis on intrusion-detection systems

• Autorzy: Pande Sagar Dhanraj , Khamparia Aditya

Identyfikatory

DOI

10.7494/csci.2023.24.1.4551

• Języki publikacji: EN

Abstrakty

EN

The research on intrusion-detection systems (IDSs) has been increasing in recent years. Particularly, this research widely utilizes machine-learning concepts, and it has proven that these concepts are effective with IDSs – particularly, deep neural network-based models have enhanced the rates of the detection of IDSs. In the same instance, these models are turning out to be very complex, and users are unable to track down explanations for the decisions that are made; this indicates the necessity of identifying the explanations behind those decisions to ensure the interpretability of the framed model. In this aspect, this article deals with a proposed model that can explain the obtained predictions. The proposed framework is a combination of a conventional IDS with the aid of a deep neural network and the interpretability of the model predictions. The proposed model utilizes Shapley additive explanations (SHAPs) that mixes the local explainability as well as the global explainability for the enhancement of interpretations in the case of IDS. The proposed model was implemented by using popular data sets (NSL-KDD and UNSW-NB15), and the performance of the framework was evaluated by using their accuracy. The framework achieved accuracy levels of 99.99 and 99.96%, respectively. The proposed framework can identify the top-4 features using local explainability and the top-20 features using global explainability.

Słowa kluczowe

EN

IDS; deep neural network; explainable AI; NSL-KDD; local explainability; global explainability

• Wydawca: Wydawnictwa AGH
• Czasopismo: Computer Science
• Rocznik: 2023
• Tom: T. 24 (1)
• Strony: 97--111
• Opis fizyczny: Bibliogr. 28 poz., rys., tab.

Twórcy

autor

Pande Sagar Dhanraj

• VIT-AP University, School of Computer Science and Engineering (SCOPE), Amaravati, AP, India

autor

Khamparia Aditya

• Bhimrao Ambedkar University, Department of Computer Science, Babasaheb Satellite Center, Amethi, Tikarmafi, UP, India

Bibliografia

• [1] Amarasinghe K., Kenney K., Manic M.: Toward explainable deep neural network based anomaly detection. In: 2018 11th International Conference on Human System Interaction (HSI), pp. 311–317, IEEE, 2018.
• [2] Arrieta A.B., Díaz-Rodríguez N., Del Ser J., Bennetot A., Tabik S., Barbado A., García S., et al.: Explainable Artificial Intelligence (XAI): Concepts, taxonomies, opportunities and challenges toward responsible AI, Information Fusion, vol. 58, pp. 82–115, 2020.
• [3] Bessière C. (ed.): IJCAI’20: Proceedings of the Twenty-Ninth International Joint Conference on Artificial Intelligence, 2020.
• [4] Dhanabal L., Shantharajah S.: A study on NSL-KDD dataset for intrusion detection system based on classification algorithms, International Journal of Advanced Research in Computer and Communication Engineering, vol. 4(6), pp. 446–452, 2015.
• [5] Ding Y., Zhai Y.: Intrusion detection system for NSL-KDD dataset using convolutional neural networks. In: CSAI’18: Proceedings of the 2018 2nd International Conference on Computer Science and Artificial Intelligence, pp. 81–85, 2018.
• [6] Fernandez A., Herrera F., Cordon O., del Jesus M.J., Marcelloni F.: Evolutionary fuzzy systems for explainable artificial intelligence: Why, when, what for, and where to?, IEEE Computational Intelligence Magazine, vol. 14(1), pp. 69–81, 2019.
• [7] Gurung S., Ghose M.K., Subedi A.: Deep learning approach on network intrusion detection system using NSL-KDD dataset, International Journal of Computer Network and Information Security, vol. 11(3), pp. 8–14, 2019.
• [8] Hajimirzaei B., Navimipour N.J.: Intrusion detection for cloud computing using neural networks and artificial bee colony optimization algorithm, ICT Express, vol. 5(1), pp. 56–59, 2019.
• [9] Holzinger A.: From machine learning to explainable AI. In: 2018 World Symposium on Digital Intelligence for Systems and Machines (DISA), pp. 55–66, IEEE, 2018.
• [10] Kwon D., Natarajan K., Suh S.C., Kim H., Kim J.: An empirical study on network anomaly detection using convolutional neural networks. In: 2018 IEEE 38th International Conference on Distributed Computing Systems (ICDCS), pp. 1595–1598, IEEE, 2018.
• [11] Lundberg S.M., Erion G., Chen H., DeGrave A., Prutkin J.M., Nair B., Katz R., Himmelfarb J., Bansal N., Lee S.I.: From local explanations to global understanding with explainable AI for trees, Nature Machine Intelligence, vol. 2(1), pp. 56–67, 2020.
• [12] Lundberg S.M., Lee S.I.: A unified approach to interpreting model predictions. In: NIPS’17: Proceedings of the 31st International Conference on Neural Information Processing Systems, pp. 4768–4777, 2017.
• [13] Luo Y., Cao X., Chen J., Gu J., Yu H., Sun J., Zou J.: Platelet-derived growth factor-functionalized scaffolds for the recruitment of synovial mesenchymal stem cells for osteochondral repair, Stem Cells International, vol. 2022, 2022.
• [14] Pande S., Gadicha A.B.: Prevention mechanism on DDOS attacks by using multilevel filtering of distributed firewalls, International Journal on Recent and Innovation Trends in Computing and Communication, vol. 3(3), pp. 1005–1008, 2015.
• [15] Pande S., Kamparia A., Gupta D.: Recommendations for DDOS attack-based intrusion detection system through data analysis. In: Proceedings of Second Doctoral Symposium on Computational Intelligence: DoSCI 2021, pp. 899–909, Springer, 2022.
• [16] Pande S., Kamparia A., Gupta D.: Recommendations for DDOS Threats Using Tableau. In: Proceedings of Data Analytics and Management: ICDAM 2021, Volume 2, pp. 73–84, Springer, 2022.
• [17] Pande S., Khamparia A., Gupta D., Thanh D.N.H.: DDOS detection using machine learning technique. In: Recent Studies on Computational Intelligence: Doctoral Symposium on Computational Intelligence (DoSCI 2020), pp. 59–68, Springer, 2021.
• [18] Pande S.D., Khamparia A.: A review on detection of DDOS attack using machine learning and deep learning techniques, Think India Journal, vol. 22(16), pp. 2035–2043, 2019.
• [19] Protić D.D.: Review of KDD Cup ‘99, NSL-KDD and Kyoto 2006+ datasets, Vojnotehnički glasnik/Military Technical Courier, vol. 66(3), pp. 580–596, 2018.
• [20] Revathi S., Malathi A.: A detailed analysis on NSL-KDD dataset using various machine learning techniques for intrusion detection, International Journal of Engineering Research & Technology (IJERT), vol. 2(12), pp. 1848–1853, 2013.
• [21] Ribeiro M.T., Singh S., Guestrin C.: “Why should i trust you?”. Explaining the predictions of any classifier. In: KDD’16: Proceedings of the 22nd ACM SIGKDD International Conference on Knowledge Discovery and Data Mining, pp. 1135–1144, 2016.
• [22] Shapley L.S.: A Value for n-Person Games. In: H.W. Kuhn, A.W. Tucker (eds.), Contributions to the Theory of Games (AM-28), Volume II, pp. 307–318, Princeton University Press, Princeton, 1953. doi: 10.1515/9781400881970-018.
• [23] Shone N., Ngoc T.N., Phai V.D., Shi Q.: A deep learning approach to network intrusion detection, IEEE Transactions on Emerging Topics in Computational Intelligence, vol. 2(1), pp. 41–50, 2018.
• [24] Tavallaee M., Bagheri E., Lu W., Ghorbani A.A.: A detailed analysis of the KDD CUP 99 data set. In: 2009 IEEE Symposium on Computational Intelligence for Security and Defense Applications, pp. 1–6, IEEE, 2009.
• [25] Thomas R., Pavithran D.: A survey of intrusion detection models based on NSL-KDD data set, 2018 Fifth HCT Information Technology Trends (ITT), pp. 286–291, 2018.
• [26] Wang D., Yang Q., Abdul A., Lim B.Y.: Designing theory-driven user-centric explainable AI. In: CHI’19: Proceedings of the 2019 CHI Conference on Human Factors in Computing System, pp. 1–15, 2019.
• [27] Wang M., Zheng K., Yang Y., Wang X.: An explainable machine learning framework for intrusion detection systems, IEEE Access, vol. 8, pp. 73127–73141, 2020.
• [28] Yadav N., Pande S., Khamparia A., Gupta D.: Intrusion detection system on IoT with 5G network using deep learning, Wireless Communications and Mobile Computing, vol. 2022, pp. 1–13, 2022.

Uwagi

PL

Opracowanie rekordu ze środków MEiN, umowa nr SONP/SP/546092/2022 w ramach programu "Społeczna odpowiedzialność nauki" - moduł: Popularyzacja nauki i promocja sportu (2022-2023).