| Issue | ITM Web Conf. Volume 85, 2026: Intelligent Systems for a Sustainable Future (ISSF 2026) |
|---|---|
| Article Number | 02004 |
| Number of page(s) | 6 |
| Section | Cybersecurity, Blockchain & Threat Intelligence |
| DOI | https://doi.org/10.1051/itmconf/20268502004 |
| Published online | 09 April 2026 |

A Real-Time Threat Intelligence System for Comprehensive Cyber Attack Detection and Mitigation Using Explainable AI
1 Dept of CSE, Sathyabama Institute of Science and Technology, Chennai, India
2 Dept of CSE, Sathyabama Institute of Science and Technology, Chennai, India
3 Dept of CSE, Sathyabama Institute of Science and Technology, Chennai, India
Abstract
This study proposes a comprehensive and agile method for detecting and preventing cyber threats through a collection of AI and explainable AI (XAI) techniques. It presents a set of ML models that an organization can employ to monitor for cyber attacks: DDoS, malware, phishing, brute force, and anomaly. The implementation of XAI methods (SHAP and LIME) allows users to see, in real time, the rationale behind each ML-based cyber detection model, which not only improves the credibility of the model itself but also gives end users easier ways to interpret model outputs. Additionally, adversarial robustness testing is incorporated to assess the effectiveness of these defence mechanisms against attackers attempting to manipulate AI models for nefarious purposes. Combining signature and anomaly detection enables organizations to improve the accuracy, coverage, and efficiency of their monitoring systems, which generate alerts automatically and without delay. The proposed framework provides a unique solution to existing challenges for real-time monitoring systems, including robust real-time threat intelligence analysis capabilities and the ability to scale with an organization’s cyber threat environment.
© The Authors, published by EDP Sciences, 2026
This is an Open Access article distributed under the terms of the Creative Commons Attribution License 4.0, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.

