Given the exponential growth of available data in large networks, the existenceof rapid, transparent, and explainable intrusion detection systems has becomeof highly necessity to effectively discover attacks in such huge networks. Todeal with this challenge, we propose a novel explainable intrusion detectionsystem based on Spark, Particle Swarm Optimization (PSO) clustering, andeXplainable Artificial Intelligence (XAI) techniques. Spark is used as a parallelprocessing model for the effective processing of large-scale data, PSO is inte-grated to improve the quality of the intrusion detection system by avoiding sen-sitive initialization and premature convergence of the clustering algorithm andfinally, XAI techniques are used to enhance interpretability and explainabilityof intrusion recommendations by providing both micro and macro explanationsof detected intrusions. Experiments are conducted on large collections of realdatasets to show the effectiveness of the proposed intrusion detection systemin terms of explainability, scalability, and accuracy. The proposed system hasshown high transparency in assisting security experts and decision-makers tounderstand and interpret attack behavior.
JavaScript jest wyłączony w Twojej przeglądarce internetowej. Włącz go, a następnie odśwież stronę, aby móc w pełni z niej korzystać.