首页|HEN:a novel hybrid explainable neural network based framework for robust network intrusion detection

HEN:a novel hybrid explainable neural network based framework for robust network intrusion detection

扫码查看
原文链接
  • NETL
  • NSTL
  • 万方数据
With the rapid development of network technology and the automation process for 5G,cyber-attacks have become increasingly complex and threatening.In response to these threats,researchers have developed various network intrusion detection systems(NIDS)to monitor network traffic.However,the incessant emergence of new attack techniques and the lack of system interpretability pose challenges to im-proving the detection performance of NIDS.To address these issues,this paper proposes a hybrid explainable neural network-based framework that improves both the interpretability of our model and the performance in detecting new attacks through the innovative application of the explainable artificial intelligence(XAI)method.We effectively introduce the Shapley additive explanations(SHAP)method to explain a light gra-dient boosting machine(LightGBM)model.Additionally,we propose an autoencoder long-term short-term memory(AE-LSTM)network to reconstruct SHAP values previously generated.Furthermore,we define a threshold based on reconstruction errors observed during the training phase.Any network flow that sur-passes the specified threshold is classified as an attack flow.This approach enhances the framework's ability to accurately identify attacks.We achieve an accuracy of 92.65%,a recall of 95.26%,a precision of 92.57%,and an F1-score of 93.90%on the dataset NSL-KDD.Experimental results demonstrate that our approach generates detection performance on par with state-of-the-art methods.

explainable artificial intelligencelight gradient boosting machinemachine learningnetwork intrusion detectionShapley additive explanationhybrid explainable neural network(HEN)

Wei WEI、Sijin CHEN、Cen CHEN、Heshi WANG、Jing LIU、Zhongyao CHENG、Xiaofeng ZOU

展开 >

School of Computer Science and Engineering,Xi'an University of Technology,Shaanxi Key Laboratory for Network Computing and Security Technology,Xi'an 710048,China

School of Computer Science and Technology,Wuhan University of Science and Technology,Wuhan 430065,China

School of Future Technology,South China University of Technology,Guangzhou 510641,China

Shenzhen Research Institute of Hunan University,Shenzhen 518052,China

School of Computer Science,Hunan University of Technology and Business,Changsha 410205,China

Institute for Infocomm Research(I2R),Agency for Science,Technology and Reseach(A*STAR),Singapore 138632,Singapore

展开 >

Fundamental Research Funds for the Central UniversitiesNatural Science Foundation of Guangdong Province of China,CCF-Phytium FundCultivation of Shenzhen Excellent Technological and Innovative TalentsBasic Research of Shenzhen Science and Technology Plan

x2wjD2230230RCBS20200714114943014JCYJ20210324123802006

2024

10.1007/s11432-023-4067-x

中国科学:信息科学(英文版)
中国科学院

中国科学:信息科学(英文版)

CSTPCDEI
影响因子:0.715
ISSN:1674-733X
年,卷(期):2024.67(7)