Cardiff University | Prifysgol Caerdydd ORCA
Online Research @ Cardiff 
WelshClear Cookie - decide language by browser settings

Explainable AI-based intrusion detection in IoT systems

Bin Hulayyil, Sarah, Li, Shancang and Saxena, Neetesh ORCID: https://orcid.org/0000-0002-6437-0807 2025. Explainable AI-based intrusion detection in IoT systems. Internet of Things 31 , 101589. 10.1016/j.iot.2025.101589
Item availability restricted.

[thumbnail of IoT_XAI_Accepted.pdf] PDF - Accepted Post-Print Version
Restricted to Repository staff only until 4 April 2026 due to copyright restrictions.
Download (7MB)

Abstract

The Internet of Things (IoT) systems are highly vulnerable to cyber attacks due to limited and/or default security measurements. Machine learning (ML) techniques bring a powerful weapon against the insecurities of IoT systems, such as intelligent intrusion detection systems (IDSs), vulnerability/threats detection, and behavioral analysis. ML-based IDSs offer a significant improvement in IoT security, but they also bring technical challenges, e.g., false positives, evolving attacks, data quality and bias, explainability and transparency, etc. Explainable Artificial Intelligence (XAI) can address these challenges by offering interpretable and comprehensible insights into the ML-based IDS decision-making process. A novel framework for an explainable IDS-based vulnerable IoT devices related to the Ripple20 vulnerability and its associated attacks. The framework integrates ML classifiers and XAI techniques to provide comprehensive and interpretable explanations for the IDS decisions. We evaluated this framework on various datasets, including a dataset collected from the labs and other public datasets, using binary and multi-classification models. The experimental results demonstrate the efficiency and accuracy of the framework in detecting and categorizing IoT vulnerabilities. The framework also offers benefits over conventional IDS systems, such as facilitating comprehension and confidence among security experts, enhancing the precision and efficiency of the detection procedure, and adapting to the dynamic IoT environment.

Item Type: Article
Date Type: Publication
Status: Published
Schools: Schools > Computer Science & Informatics
Publisher: Elsevier
ISSN: 2542-6605
Date of First Compliant Deposit: 17 April 2025
Date of Acceptance: 21 March 2025
Last Modified: 17 Apr 2025 14:30
URI: https://orca.cardiff.ac.uk/id/eprint/177329

Actions (repository staff only)

Edit Item Edit Item
Dimensions
Altmetric
Download Statistics

Downloads

Downloads per month over past year

View more statistics

CORE (COnnecting REpositories)


Maintained by Cardiff University Information Services