Chiheb eddine Ben ncir, Mohamed Aymen Ben Haj kacem, Mohammed Alatas
{"title":"基于 Spark 的可解释 PSO 聚类用于入侵检测","authors":"Chiheb eddine Ben ncir, Mohamed Aymen Ben Haj kacem, Mohammed Alatas","doi":"10.7494/csci.2024.25.2.5891","DOIUrl":null,"url":null,"abstract":"Given the exponential growth of available data in large networks, the existence of rapid, transparent and explainable intrusion detection systems has become of high necessity to effectively discover attacks in such huge networks. To deal with this challenge, we propose a novel explainable intrusion detection system based on Spark, Particle Swarm Optimization (PSO) clustering and eXplainable Artificial Intelligence (XAI) techniques. Spark is used as a parallel processing model for the effective processing of large-scale data, PSO is integrated for improving the quality of the intrusion detection system by avoiding sensitive initialization and premature convergence of the clustering algorithm and finally, XAI techniques are used to enhance interpretability and explainability of intrusion recommendations by providing both micro and macro explanations of detected intrusions. Experiments are conducted on several large collections of real datasets to show the effectiveness of the proposed intrusion detection system in terms of explainability, scalability and accuracy. The proposed system has shown high transparency in assisting security experts and decision-makers to understand and interpret attack behavior.","PeriodicalId":503380,"journal":{"name":"Computer Science","volume":null,"pages":null},"PeriodicalIF":0.0000,"publicationDate":"2024-07-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Explainable Spark-based PSO Clustering for Intrusion Detection\",\"authors\":\"Chiheb eddine Ben ncir, Mohamed Aymen Ben Haj kacem, Mohammed Alatas\",\"doi\":\"10.7494/csci.2024.25.2.5891\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Given the exponential growth of available data in large networks, the existence of rapid, transparent and explainable intrusion detection systems has become of high necessity to effectively discover attacks in such huge networks. To deal with this challenge, we propose a novel explainable intrusion detection system based on Spark, Particle Swarm Optimization (PSO) clustering and eXplainable Artificial Intelligence (XAI) techniques. Spark is used as a parallel processing model for the effective processing of large-scale data, PSO is integrated for improving the quality of the intrusion detection system by avoiding sensitive initialization and premature convergence of the clustering algorithm and finally, XAI techniques are used to enhance interpretability and explainability of intrusion recommendations by providing both micro and macro explanations of detected intrusions. Experiments are conducted on several large collections of real datasets to show the effectiveness of the proposed intrusion detection system in terms of explainability, scalability and accuracy. The proposed system has shown high transparency in assisting security experts and decision-makers to understand and interpret attack behavior.\",\"PeriodicalId\":503380,\"journal\":{\"name\":\"Computer Science\",\"volume\":null,\"pages\":null},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2024-07-03\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Computer Science\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.7494/csci.2024.25.2.5891\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Computer Science","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.7494/csci.2024.25.2.5891","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Explainable Spark-based PSO Clustering for Intrusion Detection
Given the exponential growth of available data in large networks, the existence of rapid, transparent and explainable intrusion detection systems has become of high necessity to effectively discover attacks in such huge networks. To deal with this challenge, we propose a novel explainable intrusion detection system based on Spark, Particle Swarm Optimization (PSO) clustering and eXplainable Artificial Intelligence (XAI) techniques. Spark is used as a parallel processing model for the effective processing of large-scale data, PSO is integrated for improving the quality of the intrusion detection system by avoiding sensitive initialization and premature convergence of the clustering algorithm and finally, XAI techniques are used to enhance interpretability and explainability of intrusion recommendations by providing both micro and macro explanations of detected intrusions. Experiments are conducted on several large collections of real datasets to show the effectiveness of the proposed intrusion detection system in terms of explainability, scalability and accuracy. The proposed system has shown high transparency in assisting security experts and decision-makers to understand and interpret attack behavior.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
