Explainable AI and Random Forest based reliable intrusion detection system

IF 4.8, Zone 2 (Computer Science), Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS
Syed Wali, Yasir Ali Farrukh, Irfan Khan
Computers & Security, volume 157, Article 104542. Journal Article, published 2025-06-09.
DOI: 10.1016/j.cose.2025.104542
https://www.sciencedirect.com/science/article/pii/S0167404825002317
Citations: 0

Abstract

Emerging cyber threats — particularly adversarial attacks on machine learning-based Intrusion Detection Systems (IDS) — pose critical risks to network security by exploiting model vulnerabilities and training blind spots. These attacks, often carried out under black-box threat models, involve crafting perturbations that force misclassification without direct access to model parameters, making them especially dangerous in real-world deployments. Traditional IDS models remain ill-equipped to handle such scenarios, relying heavily on adversarial retraining, which is computationally expensive and limited to known attack patterns. To address these challenges, we propose a novel IDS framework that enhances adversarial resilience without retraining by integrating Explainable AI (XAI)-driven credibility assessment with a dual-layered defense pipeline. At its core is a Credibility Assessment Module (CAM) that leverages SHAP (Shapley Additive Explanations) to identify inconsistencies between local and global feature attributions, flagging suspicious predictions for reassessment. The secondary pipeline employs Transformer-based semantic payload inspection alongside behavioral classifiers operating on contextual features, ensuring modal and architectural separation to prevent adversarial transferability. These capabilities enable the system to counter a wide spectrum of threats, ranging from traditional attacks to advanced black-box adversarial techniques such as HopSkipJump and ZOO, which craft minimal perturbations to evade detection. The proposed system is evaluated on two comprehensive and diverse datasets: CSE-CIC IDS 2018, which captures modern attack vectors such as SSH brute force, DoS, and DDoS; and CIC-IoT 23, which focuses on IoT-specific traffic and threats. These datasets were chosen for their realism, broad protocol coverage, and relevance to both conventional and emerging network environments. 
Our framework outperforms state-of-the-art adversarial defenses and multimodal IDS models, maintaining high accuracy under clean conditions while significantly improving resilience against black-box adversarial attacks. This work introduces a new paradigm in trustworthy IDS design, where explainability and processing diversity form the backbone of proactive, resilient cybersecurity.
Source journal

Computers & Security
Category: Engineering & Technology, Computer Science: Information Systems
CiteScore: 12.40
Self-citation rate: 7.10%
Articles published: 365
Review time: 10.7 months

Journal description: Computers & Security is the most respected technical journal in the IT security field. With its high-profile editorial board and informative regular features and columns, the journal is essential reading for IT security professionals around the world. Computers & Security provides you with a unique blend of leading edge research and sound practical management advice. It is aimed at the professional involved with computer security, audit, control and data integrity in all sectors - industry, commerce and academia. Recognized worldwide as THE primary source of reference for applied research and technical expertise it is your first step to fully secure systems.