Uyen Do, Laura Lahesoo, R. Carnier, Kensuke Fukuda
{"title":"Evaluation of XAI Algorithms in IoT Traffic Anomaly Detection","authors":"Uyen Do, Laura Lahesoo, R. Carnier, Kensuke Fukuda","doi":"10.1109/ICAIIC60209.2024.10463357","DOIUrl":null,"url":null,"abstract":"Anomaly detection in network traffic, both in general computer networks and specifically in Internet of Things (IoT) networks, plays a crucial role in ensuring computer network security. Over the years, numerous machine learning and deep learning-based anomaly detection tools have been proposed, exhibiting high accuracy in identifying anomalous behavior. However, a significant challenge arises with most machine learning and deep learning algorithms, as they are often considered black-box models that lack interpretability. Consequently, explaining the reasons behind certain network behaviors being labeled as anomalous becomes a difficult task. To overcome this issue, we evaluate the combination of anomaly detectors and eXplainable Artificial Intelligence (XAI) algorithms in IoT traffic anomaly detection. Our research results demonstrate that XAI algorithms can consistently identify the most impactful network features of security anomalies. More specifically, (1) SHAP algorithm is the most robust and reliable in the four tested XAI algorithms for four types of supervised/unsupervised anomaly detection models, independent of two datasets including different anomalies. (2) Image-based XAI algorithms are not suitable for explainability of network anomaly detection.","PeriodicalId":518256,"journal":{"name":"2024 International Conference on Artificial Intelligence in Information and Communication (ICAIIC)","volume":"72 ","pages":"669-674"},"PeriodicalIF":0.0000,"publicationDate":"2024-02-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2024 International Conference on Artificial Intelligence in Information and Communication (ICAIIC)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICAIIC60209.2024.10463357","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 0
Abstract
Anomaly detection in network traffic, both in general computer networks and specifically in Internet of Things (IoT) networks, plays a crucial role in ensuring computer network security. Over the years, numerous machine learning and deep learning-based anomaly detection tools have been proposed, exhibiting high accuracy in identifying anomalous behavior. However, a significant challenge arises with most machine learning and deep learning algorithms, as they are often considered black-box models that lack interpretability. Consequently, explaining the reasons behind certain network behaviors being labeled as anomalous becomes a difficult task. To overcome this issue, we evaluate the combination of anomaly detectors and eXplainable Artificial Intelligence (XAI) algorithms in IoT traffic anomaly detection. Our research results demonstrate that XAI algorithms can consistently identify the most impactful network features of security anomalies. More specifically, (1) SHAP algorithm is the most robust and reliable in the four tested XAI algorithms for four types of supervised/unsupervised anomaly detection models, independent of two datasets including different anomalies. (2) Image-based XAI algorithms are not suitable for explainability of network anomaly detection.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
