Abstract

Artificial Intelligence (AI) and Deep Learning (DL) have elevated Intrusion Detection Systems (IDS) by improving detection accuracy and adaptability to novel attacks. However, the "black-box" nature of many high-performing models reduces operational trust, complicates incident triage, and hinders automated response orchestration. Explainable AI (XAI) offers interpretability methods (e.g., SHAP, LIME, attention mechanisms) that can bridge the gap between high detection performance and human-centered decision making. This article proposes an integrated XAI-driven IDS and Threat Response Automation (XAI-IDR) architecture that couples a hybrid detection engine (feature-aware DL + tree-based learner) with model-agnostic explanation modules and a policy-driven response orchestrator. The proposal is to discuss design considerations, evaluation methodology, how XAI aids SOC analysts and automated playbooks, security and adversarial concerns for XAI pipelines, and an experimental plan using benchmark IDS dataset.

References

• Patil, S., Varadarajan, V., Mazhar, S. M., Sahibzada, A., Ahmed, N., Sinha, O., Kumar, S., Shaw, K., & Kotecha, K. (2022). Explainable Artificial Intelligence for Intrusion Detection System. Electronics, 11(19), 3079. https://doi.org/10.3390/electronics11193079
• Arreche, O., Guntur, T., & Abdallah, M. (2024). XAI IDS: Toward Proposing an Explainable Artificial Intelligence Framework for Enhancing Network Intrusion Detection Systems. Applied Sciences, 14(10), 4170. https://doi.org/10.3390/app14104170
• Abdualaziz Almolhis, N. (2025). Intrusion Detection Using Hybrid Random Forest and Attention Models and Explainable AI Visualization. Journal of Internet Services and Information Security, 15(1), 371–384. https://doi.org/10.58346/JISIS.2025.I1.024
• Mallampati, S. B., & Bhavani, S. (2024). Enhancing Intrusion Detection with Explainable AI: A Transparent Approach to Network Security. Cybernetics and Information Technologies, 24(1), 98–117. https://doi.org/10.2478/cait-2024-0006
• Ahamed Maricar, S. B., Anoop, A., Samuel, B. E., Appukuttan, A., & Alsinjlawi, K. H. (2024). An Improved Explainable Artificial Intelligence for Intrusion Detection System. International Journal of Intelligent Systems and Applications in Engineering, 12(14s), 108–115.
• Khan, N., Ahmad, K., Al Tamimi, A., Alani, M. M., Bermak, A., & Khalil, I. (2025). Explainable AI Based Intrusion Detection Systems for Industry 5.0 and Adversarial XAI: A Systematic Review. Information, 16(12), 1036. https://doi.org/10.3390/info16121036
• Neupane, S., Ables, J., Anderson, W., Mittal, S., Rahimi, S., Banicescu, I., & Seale, M. (2022). Explainable Intrusion Detection Systems (X-IDS): A Survey of Current Methods, Challenges, and Opportunities. IEEE Access. arXiv preprint.
• Mohale, V. Z., & Obagbuwa, I. C. (2025). A systematic review on the integration of explainable artificial intelligence in intrusion detection systems. Frontiers in Artificial Intelligence.
• Ables, J., Childers, N., Anderson, W., Mittal, S., Rahimi, S., Banicescu, I., & Seale, M. (2024). Eclectic Rule Extraction for Explainability of Deep Neural Network based Intrusion Detection Systems. arXiv preprint. https://arxiv.org/abs/2401.10207
• Alquliti, M., Karafili, E., & Kang, B. (2025). Evaluating Explanation Quality in X IDS Using Feature Alignment Metrics. arXiv preprint. https://arxiv.org/abs/2505.08006
• Nguyen, M. D., & Lee, S. (2023). A deep learning anomaly detection framework with application to malicious traffic detection. ACM Transactions on Internet Technology.
• Hozouri, A., et al. (2025). A comprehensive survey on IDS: AI and explainability perspectives. Springer.
• Muhammad, A. E. (2025). L-XAIDS: A LIME-based explainable AI framework for intrusion detection. Future Generation Computer Systems.
• IoT-based intrusion detection system using explainable multi-class deep learning approaches. Computers & Electrical Engineering, 123, 110256. (2025)
• Explainable AI-based intrusion detection in IoT systems. Internet of Things, 31, 101589. (2025)
• An Intrusion Detection System over the IoT Data Streams Using eXplainable Artificial Intelligence (XAI). Sensors, 25(3), 847. (2025)
• Federated Learning of Explainable AI (FedXAI) for deep learning-based intrusion detection in IoT networks. Computer Networks, 270, Elsevier. (2025)
• Explainable AI-Based Intrusion Detection System for Industry 5.0: An Overview of the Literature. arXiv preprint (2024).
• Explainable AI for zero-day attack detection in IoT networks using attention fusion model. Discover Internet of Things. (2025)
• A comprehensive survey on intrusion detection systems with advances in machine learning, deep learning and emerging cybersecurity challenges. Discover Artificial Intelligence, 5, Article 314. (2025)
• IoT Network Intrusion Detection and Classification using Explainable (XAI) Machine Learning Algorithms. Journal of Electrical Systems, 20(10s). (2024)
• IoT/IIoT intrusion detection via explainable AI — vulnerabilities and mitigation (survey). (2025)
• EXPLAINABLE AI METHODS FOR ENHANCING AI-BASED NETWORK INTRUSION DETECTION SYSTEMS. Thesis by O. G. Arreche. (2024)
• Explainable AI and Random Forest based reliable intrusion detection system. Computers & Security, 157, 104542. (2025).
• Explainable AI, will further enhance efficiency, scalability, and self-healing capabilities, making IoT networks more secure and autonomous. International Journal on Science and Technology (IJSAT), 2025.