Network Intrusion Detection with XAI

Deep learning architectures for network intrusion detection with explainable AI analysis.

View on GitHub Ongoing Research

Research Overview

This ongoing research project implements novel deep learning architectures for network intrusion detection with explainable AI (XAI) analysis. The project focuses on improving classification accuracy while maintaining model interpretability for cybersecurity applications.

Key Innovation: Intelligent Attack Grouping

Attack Type Categorization

Improved classification by grouping 21 attack types into 8 logical categories:

  • Benign: Normal traffic
  • DoS/DDoS: Denial of service attacks
  • Scanning/Recon: Network scanning & reconnaissance
  • Web Attacks: XSS, SQL injection
  • Authentication: Password attacks, brute force
  • Malware: Bot, backdoor, ransomware, worms
  • Exploitation: Exploits, infiltration, fuzzers
  • Other: MITM, generic attacks

Technical Pipeline

graph LR
    A[Raw Network Data] --> B[Preprocessing & Grouping]
    B --> C[Feature Engineering]
    C --> D[Deep Learning Models]
    D --> E[XAI Analysis]
    E --> F[Interpretable Results]

Pipeline Components

Data Processing
  • Enhanced feature engineering
  • Attack type grouping
  • Preprocessing validation
Model Training
  • Deep learning architectures
  • Improved training strategies
  • Performance optimization
Feature Analysis
  • Feature importance ranking
  • Selection strategies
  • Correlation analysis
XAI Analysis
  • Model interpretability
  • Decision explanations
  • Feature attribution

Dataset

Using NF-UQ-NIDS-v2 dataset:

  • 76 million samples
  • 44 network features
  • 21 attack types
  • Real-world network traffic

Tools & Technologies

Python PyTorch scikit-learn SHAP LIME Pandas NumPy

Current Status

Ongoing Research: Currently implementing advanced XAI techniques to improve model interpretability while maintaining high detection accuracy.

Project Structure

├── 02_preprocessing_grouped.py  # Data preprocessing with attack grouping
├── 02_preprocessing_enhanced.py # Enhanced data preprocessing
├── 03_train_improved.py         # Model training
├── 04_xai_analysis.py           # XAI analysis
├── 05_analyze_features.py       # Feature analysis
├── test_enhanced.py             # Preprocessing validation
├── run.sh                       # Complete pipeline script
└── requirements.txt             # Python dependencies
View Source Code