This paper introduces an integrated Explainable AI (XAI) framework for cybersecurity threat detection that addresses challenges related to large datasets, data leakage, and model transparency. The authors employ a Strategic Sampling Methodology to handle massive datasets while preserving class distributions, and an Automated Data Leakage Prevention technique to ensure experimental rigor. The framework integrates SHAP analysis for model-agnostic interpretability, demonstrating that detection efficacy can be maintained while reducing computational overhead and providing actionable explanations.
Achieve explainable, efficient, and trustworthy cybersecurity threat detection by strategically sampling data, preventing data leakage, and integrating SHAP-based XAI.
The critical need for transparent and trustworthy machine learning in cybersecurity operations drives the development of this integrated Explainable AI (XAI) framework. Our methodology addresses three fundamental challenges in deploying AI for threat detection: handling massive datasets through Strategic Sampling Methodology that preserves class distributions while enabling efficient model development; ensuring experimental rigor via Automated Data Leakage Prevention that systematically identifies and removes contaminated features; and providing operational transparency through Integrated XAI Implementation using SHAP analysis for model-agnostic interpretability across algorithms. Applied to the CIC-IDS2017 dataset, our approach maintains detection efficacy while reducing computational overhead and delivering actionable explanations for security analysts. The framework demonstrates that explainability, computational efficiency, and experimental integrity can be simultaneously achieved, providing a robust foundation for deploying trustworthy AI systems in security operations centers where decision transparency is paramount.