Mallika, S (2026) Benchmarking Explainable AI Architectures for Network Intrusion Detection on CICIDS2017. Proceedings of the 5th International Conference on Sentiment Analysis and Deep Learning (ICSADL-2026). pp. 1299-1303. ISSN 979-8-3315-6883-2
Full text not available from this repository. (Request a copy)Abstract
The increasing sophistication of cyber-attacks has exposed limitations in traditional signature-based Intrusion
Detection Systems (IDS), particularly in detecting unseen
threats while controlling false alarms. This paper presents an explainable AI-based IDS benchmarked on the CICIDS2017
dataset using a unified preprocessing and evaluation
framework. We compare Random Forest, XGBoost, and a lightweight one-dimensional Convolutional Neural Network
(1D-CNN) under the same conditions, with the false-positive
rate being the most important operational metric. The 1D-CNN
has a 96.34% accuracy, a 96.67% recall, and a 3.01% falsepositive rate, which is better than the classical machine learning baselines. To boost analyst trust, feature-importance analysis is used to show flow duration, packet statistics, and protocol anomalies as the main signs of bad behavior. The proposed modular architecture is compatible with SIEM, SOAR, and Zero-Trust frameworks, showing that it can be used in realworld businesses.
| Item Type: | Article |
|---|---|
| Subjects: | Computer Science |
| Divisions: | Physiotherapy > Vinayaka Mission's College of Physiotherapy, Salem > Physiotherapy |
| Depositing User: | Unnamed user with email admin |
| Date Deposited: | 29 Apr 2026 11:19 |
| Last Modified: | 29 Apr 2026 11:19 |
| URI: | https://ir.vmrfdu.edu.in/id/eprint/7589 |
Actions (login required)
- View Item