Evaluating The Explainability of State-of-the-Art Deep Learning-based Network Intrusion Detection Systems

• URL: http://arxiv.org/abs/2408.14040v3
• Date: Thu, 20 Feb 2025 04:54:28 GMT
• Title: Evaluating The Explainability of State-of-the-Art Deep Learning-based Network Intrusion Detection Systems
• Authors: Ayush Kumar, Vrizlynn L. L. Thing,
• Abstract summary: We analyze state-of-the-art DL-based NIDS models using explainable AI (xAI) techniques. We compare the explanations generated across xAI methods for a given NIDS model as well as the explanations generated across the NIDS models for a given xAI method. We evaluate the vulnerability of each NIDS model to inductive bias (artifacts learnt from training data)
• Score: 4.12716042472541
• License:
• Abstract: Network Intrusion Detection Systems (NIDSs) which use deep learning (DL) models achieve high detection performance and accuracy while avoiding dependence on fixed signatures extracted from attack artifacts. However, there is a noticeable hesitance among network security experts and practitioners when it comes to deploying DL-based NIDSs in real-world production environments due to their black-box nature, i.e., how and why the underlying models make their decisions. In this work, we analyze state-of-the-art DL-based NIDS models using explainable AI (xAI) techniques (e.g., TRUSTEE, SHAP) through extensive experiments with two different attack datasets. Using the explanations generated for the models' decisions, the most prominent features used by each NIDS model considered are presented. We compare the explanations generated across xAI methods for a given NIDS model as well as the explanations generated across the NIDS models for a given xAI method. Finally, we evaluate the vulnerability of each NIDS model to inductive bias (artifacts learnt from training data). The results show that: (1) some DL-based NIDS models can be better explained than other models, (2) xAI explanations are in conflict for most of the NIDS models considered in this work and (3) some NIDS models are more vulnerable to inductive bias than other models.

Related papers

• Robustness of Explainable Artificial Intelligence in Industrial Process Modelling [43.388607981317016]
  We evaluate current XAI methods by scoring them based on ground truth simulations and sensitivity analysis. We show the differences between XAI methods in their ability to correctly predict the true sensitivity of the modeled industrial process.
  arXiv  Detail & Related papers  (2024-07-12T09:46:26Z)
• Explaining Explainability: Towards Deeper Actionable Insights into Deep Learning through Second-order Explainability [70.60433013657693]
  Second-order explainable AI (SOXAI) was recently proposed to extend explainable AI (XAI) from the instance level to the dataset level. We demonstrate for the first time, via example classification and segmentation cases, that eliminating irrelevant concepts from the training set based on actionable insights from SOXAI can enhance a model's performance.
  arXiv  Detail & Related papers  (2023-06-14T23:24:01Z)
• Robustness and Generalization Performance of Deep Learning Models on Cyber-Physical Systems: A Comparative Study [71.84852429039881]
  Investigation focuses on the models' ability to handle a range of perturbations, such as sensor faults and noise. We test the generalization and transfer learning capabilities of these models by exposing them to out-of-distribution (OOD) samples.
  arXiv  Detail & Related papers  (2023-06-13T12:43:59Z)
• Unleashing Mask: Explore the Intrinsic Out-of-Distribution Detection Capability [70.72426887518517]
  Out-of-distribution (OOD) detection is an indispensable aspect of secure AI when deploying machine learning models in real-world applications. We propose a novel method, Unleashing Mask, which aims to restore the OOD discriminative capabilities of the well-trained model with ID data. Our method utilizes a mask to figure out the memorized atypical samples, and then finetune the model or prune it with the introduced mask to forget them.
  arXiv  Detail & Related papers  (2023-06-06T14:23:34Z)
• AUTOLYCUS: Exploiting Explainable AI (XAI) for Model Extraction Attacks against Interpretable Models [1.8752655643513647]
  XAI tools can increase the vulnerability of model extraction attacks, which is a concern when model owners prefer black-box access. We propose a novel retraining (learning) based model extraction attack framework against interpretable models under black-box settings. We show that AUTOLYCUS is highly effective, requiring significantly fewer queries compared to state-of-the-art attacks.
  arXiv  Detail & Related papers  (2023-02-04T13:23:39Z)
• An Empirical Study of Deep Learning Models for Vulnerability Detection [4.243592852049963]
  We surveyed and reproduced 9 state-of-the-art deep learning models on 2 widely used vulnerability detection datasets. We investigated model capabilities, training data, and model interpretation. Our findings can help better understand model results, provide guidance on preparing training data, and improve the robustness of the models.
  arXiv  Detail & Related papers  (2022-12-15T19:49:34Z)
• On the Robustness of Explanations of Deep Neural Network Models: A Survey [14.940679892694089]
  We present a comprehensive survey of methods that study, understand, attack, and defend explanations of Deep Neural Network (DNN) models. We also present a detailed review of different metrics used to evaluate explanation methods, as well as describe attributional attack and defense methods.
  arXiv  Detail & Related papers  (2022-11-09T10:14:21Z)
• Data-Free Adversarial Knowledge Distillation for Graph Neural Networks [62.71646916191515]
  We propose the first end-to-end framework for data-free adversarial knowledge distillation on graph structured data (DFAD-GNN) To be specific, our DFAD-GNN employs a generative adversarial network, which mainly consists of three components: a pre-trained teacher model and a student model are regarded as two discriminators, and a generator is utilized for deriving training graphs to distill knowledge from the teacher model into the student model. Our DFAD-GNN significantly surpasses state-of-the-art data-free baselines in the graph classification task.
  arXiv  Detail & Related papers  (2022-05-08T08:19:40Z)
• Explain, Edit, and Understand: Rethinking User Study Design for Evaluating Model Explanations [97.91630330328815]
  We conduct a crowdsourcing study, where participants interact with deception detection models that have been trained to distinguish between genuine and fake hotel reviews. We observe that for a linear bag-of-words model, participants with access to the feature coefficients during training are able to cause a larger reduction in model confidence in the testing phase when compared to the no-explanation control.
  arXiv  Detail & Related papers  (2021-12-17T18:29:56Z)
• Provably Robust Model-Centric Explanations for Critical Decision-Making [14.367217955827002]
  We show that data-centric methods may yield brittle explanations of limited practical utility. The model-centric framework, however, can offer actionable insights into risks of using AI models in practice.
  arXiv  Detail & Related papers  (2021-10-26T18:05:49Z)
• Beyond Trivial Counterfactual Explanations with Diverse Valuable Explanations [64.85696493596821]
  In computer vision applications, generative counterfactual methods indicate how to perturb a model's input to change its prediction. We propose a counterfactual method that learns a perturbation in a disentangled latent space that is constrained using a diversity-enforcing loss. Our model improves the success rate of producing high-quality valuable explanations when compared to previous state-of-the-art methods.
  arXiv  Detail & Related papers  (2021-03-18T12:57:34Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.