Explainable AI supported hybrid deep learnig method for layer 2 intrusion detection

Explainable AI supported hybrid deep learnig method for layer 2 intrusion detection

With rapidly developing technology, digitalization environments are also expanding. Although this situation has many positive effects on daily life, the security vulnerabilities brought about by digitalization continue to be a major concern. There is a large network structure behind many application...

Full description

Saved in:
Bibliographic Details
Main Author: Ilhan Firat Kilincer
Format: Article
Language:English
Published: Elsevier 2025-06-01
Series:Egyptian Informatics Journal
Subjects:
IDS
Deep Learning
Explainable AI
Online Access:http://www.sciencedirect.com/science/article/pii/S1110866525000623
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:With rapidly developing technology, digitalization environments are also expanding. Although this situation has many positive effects on daily life, the security vulnerabilities brought about by digitalization continue to be a major concern. There is a large network structure behind many applications provided to users by organizations. A substantial network infrastructure exists behind numerous applications made available to users by organisations. It is imperative that these extensive network infrastructures, which often contain sensitive data including personal, commercial, financial and security information, possess the capability to impede cyberattacks. This study proposes the creation of a Comprehensive Layer 2 − IDS (CL2-IDS) dataset for the development of IDS systems utilised in the local network structures of organisations, in conjunction with a hybrid deep learning (DL) model for the detection of attack vectors in the proposed dataset. The proposed hybrid model is obtained by using CNN (Convolutional Neural Networks) and Bi-LSTM (Bidirectional Long Short-Term Memory) models, which are widely used in areas such as image analysis and time series data. The proposed hybrid DL model achieved an accuracy of 95.28% in the classification of the CL2-IDS dataset. It is observed that the combination of these two deep learning models, which complement each other in various ways, yields successful results in the classification of the proposed CL2-IDS dataset. In the last part of the study, the effect of the features in the CL2-IDS dataset on the classification is interpreted with SHapley Additive exPlanations (SHAP), an Explainable Artificial Intelligence (XAI) method. The study, CL2-IDS dataset and hybrid DL model, combinations of CNN and Bi-LSTM algorithms, facilitates the intrusion detection and exemplifies how DL models and XAI techniques can be used to support IDS systems.
ISSN:1110-8665

Similar Items