Towards Explainable Meta-Learning for DDoS Detection
This work addresses the need for trust and transparency in AI models for intrusion detection, particularly for cybersecurity applications, but appears incremental as it builds on existing artificial immune system concepts.
The paper tackled the problem of interpretability in AI-driven intrusion detection by proposing a rigorous interpretable approach based on an artificial immune system, with experiments conducted on real-life traffic.
The Internet is the most complex machine humankind has ever built, and how to defense it from intrusions is even more complex. With the ever increasing of new intrusions, intrusion detection task rely on Artificial Intelligence more and more. Interpretability and transparency of the machine learning model is the foundation of trust in AI-driven intrusion detection results. Current interpretation Artificial Intelligence technologies in intrusion detection are heuristic, which is neither accurate nor sufficient. This paper proposed a rigorous interpretable Artificial Intelligence driven intrusion detection approach, based on artificial immune system. Details of rigorous interpretation calculation process for a decision tree model is presented. Prime implicant explanation for benign traffic flow are given in detail as rule for negative selection of the cyber immune system. Experiments are carried out in real-life traffic.