Creating an Explainable Intrusion Detection System Using Self Organizing Maps
Modern Artificial Intelligence (AI) enabled Intrusion Detection Systems (IDS) are complex black boxes. This means that a security analyst will have little to no explanation or clarification on why an IDS model made a particular prediction. A potential solution to this problem is to research and deve...
Saved in:
| Published in | 2022 IEEE Symposium Series on Computational Intelligence (SSCI) pp. 404 - 412 |
|---|---|
| Main Authors | , , , , , , |
| Format | Conference Proceeding |
| Language | English |
| Published |
IEEE
04.12.2022
|
| Subjects | |
| Online Access | Get full text |
| DOI | 10.1109/SSCI51031.2022.10022255 |
Cover
| Abstract | Modern Artificial Intelligence (AI) enabled Intrusion Detection Systems (IDS) are complex black boxes. This means that a security analyst will have little to no explanation or clarification on why an IDS model made a particular prediction. A potential solution to this problem is to research and develop Explainable Intrusion Detection Systems (X-IDS) based on current capabilities in Explainable Artificial Intelligence (XAI). In this paper, we create a novel X-IDS architecture featuring a Self Organizing Map (SOM) that is capable of producing explanatory visualizations. We leverage SOM's explainability to create both global and local explanations. An analyst can use global explanations to get a general idea of how a particular IDS model computes predictions. Local explanations are generated for individual datapoints to explain why a certain prediction value was computed. Furthermore, our SOM based X-IDS was evaluated on both explanation generation and traditional accuracy tests using the NSL-KDD and the CIC-IDS-2017 datasets. This focus on explainability along with building an accurate IDS sets us apart from other studies. |
|---|---|
| AbstractList | Modern Artificial Intelligence (AI) enabled Intrusion Detection Systems (IDS) are complex black boxes. This means that a security analyst will have little to no explanation or clarification on why an IDS model made a particular prediction. A potential solution to this problem is to research and develop Explainable Intrusion Detection Systems (X-IDS) based on current capabilities in Explainable Artificial Intelligence (XAI). In this paper, we create a novel X-IDS architecture featuring a Self Organizing Map (SOM) that is capable of producing explanatory visualizations. We leverage SOM's explainability to create both global and local explanations. An analyst can use global explanations to get a general idea of how a particular IDS model computes predictions. Local explanations are generated for individual datapoints to explain why a certain prediction value was computed. Furthermore, our SOM based X-IDS was evaluated on both explanation generation and traditional accuracy tests using the NSL-KDD and the CIC-IDS-2017 datasets. This focus on explainability along with building an accurate IDS sets us apart from other studies. |
| Author | Ables, Jesse Rahimi, Shahram Anderson, William Banicescu, Ioana Mittal, Sudip Seale, Maria Kirby, Thomas |
| Author_xml | – sequence: 1 givenname: Jesse surname: Ables fullname: Ables, Jesse email: jha92@msstate.edu organization: Mississippi State University,Department of Computer Science & Engineering,Mississippi,USA – sequence: 2 givenname: Thomas surname: Kirby fullname: Kirby, Thomas email: tmk169@msstate.edu organization: Mississippi State University,Department of Computer Science & Engineering,Mississippi,USA – sequence: 3 givenname: William surname: Anderson fullname: Anderson, William email: wha41@msstate.edu organization: Mississippi State University,Department of Computer Science & Engineering,Mississippi,USA – sequence: 4 givenname: Sudip surname: Mittal fullname: Mittal, Sudip email: mittal@cse.msstate.edu organization: Mississippi State University,Department of Computer Science & Engineering,Mississippi,USA – sequence: 5 givenname: Shahram surname: Rahimi fullname: Rahimi, Shahram email: rahimi@cse.msstate.edu organization: Mississippi State University,Department of Computer Science & Engineering,Mississippi,USA – sequence: 6 givenname: Ioana surname: Banicescu fullname: Banicescu, Ioana email: ioana@cse.msstate.edu organization: Mississippi State University,Department of Computer Science & Engineering,Mississippi,USA – sequence: 7 givenname: Maria surname: Seale fullname: Seale, Maria email: maria.a.seale@erdc.dren.mil organization: U.S Army Engineer Research and Development Center,Vicksburg,Mississippi,USA |
| BookMark | eNo1j99KwzAUxiPohc69gWBeoDUnadrmUurUwsYu6q7HaXoyAl1W2gjOp3dFvfn-wI8Pvjt2HU6BGHsEkQII89Q0Va1BKEilkDIFcVGp9RVbmqKEPNdZWeSluWWbaiSMPhw4Br76Gnr0AdueeB3i-Dn5U-AvFMnGOTXnKdKR76aZb6h3fDseMPjvuW9wmO7ZjcN-ouWfL9judfVRvSfr7VtdPa8TL0UWE6VEZstMuqxQJFsLLVnUKKQDZctSW2O7ojMtdAoMKSTRASlnC7gQOTq1YA-_u56I9sPojzie9_8v1Q_wlU1M |
| ContentType | Conference Proceeding |
| DBID | 6IE 6IL CBEJK RIE RIL |
| DOI | 10.1109/SSCI51031.2022.10022255 |
| DatabaseName | IEEE Electronic Library (IEL) Conference Proceedings IEEE Xplore POP ALL IEEE Xplore All Conference Proceedings IEEE Xplore IEEE Proceedings Order Plans (POP All) 1998-Present |
| DatabaseTitleList | |
| Database_xml | – sequence: 1 dbid: RIE name: IEEE Xplore url: https://proxy.k.utb.cz/login?url=https://ieeexplore.ieee.org/ sourceTypes: Publisher |
| DeliveryMethod | fulltext_linktorsrc |
| EISBN | 9781665487689 1665487682 |
| EndPage | 412 |
| ExternalDocumentID | 10022255 |
| Genre | orig-research |
| GrantInformation_xml | – fundername: U.S. Department of Defense grantid: W912HZ-21-C0058 funderid: 10.13039/100000005 |
| GroupedDBID | 6IE 6IL CBEJK RIE RIL |
| ID | FETCH-LOGICAL-i204t-3304c842f473e2bc1beca5a02f13c885c9cd7d9b1d319e3ae0d1e3fc712f16af3 |
| IEDL.DBID | RIE |
| IngestDate | Thu Jan 18 11:14:52 EST 2024 |
| IsPeerReviewed | false |
| IsScholarly | false |
| Language | English |
| LinkModel | DirectLink |
| MergedId | FETCHMERGED-LOGICAL-i204t-3304c842f473e2bc1beca5a02f13c885c9cd7d9b1d319e3ae0d1e3fc712f16af3 |
| PageCount | 9 |
| ParticipantIDs | ieee_primary_10022255 |
| PublicationCentury | 2000 |
| PublicationDate | 2022-Dec.-4 |
| PublicationDateYYYYMMDD | 2022-12-04 |
| PublicationDate_xml | – month: 12 year: 2022 text: 2022-Dec.-4 day: 04 |
| PublicationDecade | 2020 |
| PublicationTitle | 2022 IEEE Symposium Series on Computational Intelligence (SSCI) |
| PublicationTitleAbbrev | SSCI |
| PublicationYear | 2022 |
| Publisher | IEEE |
| Publisher_xml | – name: IEEE |
| Score | 1.8732147 |
| Snippet | Modern Artificial Intelligence (AI) enabled Intrusion Detection Systems (IDS) are complex black boxes. This means that a security analyst will have little to... |
| SourceID | ieee |
| SourceType | Publisher |
| StartPage | 404 |
| SubjectTerms | Analytical models Computational modeling Computer architecture Intrusion detection Predictive models Self-organizing feature maps Visualization |
| Title | Creating an Explainable Intrusion Detection System Using Self Organizing Maps |
| URI | https://ieeexplore.ieee.org/document/10022255 |
| hasFullText | 1 |
| inHoldings | 1 |
| isFullTextHit | |
| isPrint | |
| link | http://utb.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwjZ3NS8MwGMaD28mTihO_ycFruyRN2_RcHZuwIczBbiMfb0SUbGB32V9vknaKguCtLYG2edu-edPn9wShOyOU4haqJLdW-gLF16yy1DYBTRQXFeElCbzzdFaMF_xxmS87WD2yMAAQxWeQhs34L9-s9TZMlQ1pRDfzvId6_jlrYa1Os0VJNZzP60kwiAtlH2PpvvWPdVNi2hgdodn-hK1a5C3dNirVu19ejP--omM0-Cb08NNX7jlBB-BO0bSOI0D3gqXDQVzXkVF44gJa4SOA76GJ2iuHW6tyHCUDeA7vFndYZtifys3HAC1GD8_1OOmWS0heGeFNEmYmtODM8jIDpjT14ZG5JMzSTAuR60qb0lSKGv_aQSaBGAqZ1SX1LQppszPUd2sH5wgX3PihQ0Egq4LZjBBccuO_BQXVzDDgF2gQ-mK1aR0xVvtuuPzj-BU6DCGJMhB-jfr-puHGJ_NG3cYgfgJYEKBE |
| linkProvider | IEEE |
| linkToHtml | http://utb.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwjZ3PS8MwFMeDzoOeVJz42xy8tkvSpD_OU9l0HcI22G3kx4uI0g3sLv71JmmnKAje2hJoeY_25aXfzzcI3ZhcKW6hiIS10jUormeVmbYRaKJ4XhCeEc87l-N0MOMPczFvYfXAwgBAEJ9B7A_Dv3yz1Gu_VNajAd0UYhvtuMLPRYNrtaotSoreZNIfeos43_gxFm_G_9g5JRSO-3003tyy0Yu8xutaxfrjlxvjv5_pAHW_GT389FV9DtEWVEeo7Ic5YPWMZYW9vK5lo_Cw8nCFywG-hTqoryrcmJXjIBrAE3izuAUz_XkpV-9dNLu_m_YHUbthQvTCCK8jvzahc84szxJgSlOXICkkYZYmOs-FLrTJTKGocS8eJBKIoZBYnVE3IpU2OUadalnBCcIpN27ykBJICm83k-dccuO-BinVzDDgp6jrY7FYNZ4Yi00Yzv64fo12B9NytBgNx4_naM-nJ4hC-AXquADApSvttboKCf0E7gCjkQ |
| openUrl | ctx_ver=Z39.88-2004&ctx_enc=info%3Aofi%2Fenc%3AUTF-8&rfr_id=info%3Asid%2Fsummon.serialssolutions.com&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Abook&rft.genre=proceeding&rft.title=2022+IEEE+Symposium+Series+on+Computational+Intelligence+%28SSCI%29&rft.atitle=Creating+an+Explainable+Intrusion+Detection+System+Using+Self+Organizing+Maps&rft.au=Ables%2C+Jesse&rft.au=Kirby%2C+Thomas&rft.au=Anderson%2C+William&rft.au=Mittal%2C+Sudip&rft.date=2022-12-04&rft.pub=IEEE&rft.spage=404&rft.epage=412&rft_id=info:doi/10.1109%2FSSCI51031.2022.10022255&rft.externalDocID=10022255 |