Authors: Federica Uccello, Marek Pawlicki, Salvatore D'Antonio, Rafał Kozik, Michał Choras
Affiliations: [1] Centro Direzionale, Department of Engineering, University of Naples 'Parthenope', Isola C4, Napoli, 80133, Italy [2] Department of Computer and Information Science, Software and Systems, Linköping University, Linköping, 58183, Sweden [3] ITTI Sp. z o.o., Poznań, 61-612, Poland [4] Faculty of Telecommunications, Computer Science and Electrical Engineering, Bydgoszcz University of Science and Technology, Bydgoszcz, 85-796, Poland
Source: Computers, Materials & Continua, 2025, Issue 5, pp. 1607-1621 (15 pages). English-language journal.
Funding: Funded under the Horizon Europe AI4CYBER Project, which has received funding from the European Union's Horizon Europe Research and Innovation Programme under grant agreement No. 101070450.
Abstract: The growing sophistication of cyberthreats, among others the Distributed Denial of Service attacks, has exposed limitations in traditional rule-based Security Information and Event Management systems. While machine learning–based intrusion detection systems can capture complex network behaviours, their "black-box" nature often limits trust and actionable insight for security operators. This study introduces a novel approach that integrates Explainable Artificial Intelligence—xAI—with the Random Forest classifier to derive human-interpretable rules, thereby enhancing the detection of Distributed Denial of Service (DDoS) attacks. The proposed framework combines traditional static rule formulation with advanced xAI techniques (SHapley Additive exPlanations and Scoped Rules) to extract decision criteria from a fully trained model. The methodology was validated on two benchmark datasets, CICIDS2017 and WUSTL-IIOT-2021. Extracted rules were evaluated against conventional Security Information and Event Management Systems rules with metrics such as precision, recall, accuracy, balanced accuracy, and Matthews Correlation Coefficient. Experimental results demonstrate that xAI-derived rules consistently outperform traditional static rules. Notably, the most refined xAI-generated rule achieved near-perfect performance with significantly improved detection of DDoS traffic while maintaining high accuracy in classifying benign traffic across both datasets.
Keywords: cybersecurity; explainable artificial intelligence; intrusion detection system; rule-based SIEM; distributed denial of service
Classification number: TP393.08 [Automation and Computer Technology: Computer Application Technology]