Authors
Abed Alanazi
Published in
Scientific reports. Jul 16, 2026. Epub Jul 16, 2026.
Abstract
The increasing complexity, scale, and diversity of cyber threats pose significant challenges to modern network security systems, particularly in heterogeneous network environments. Existing intrusion detection methods often rely on dataset-specific models that struggle to maintain consistent performance across different data distributions and typically lack interpretability, limiting their applicability in critical systems. In this paper, we present an explainable deep learning framework evaluated across multiple heterogeneous cyber attack datasets, including Kitsune (IoT traffic), Server-Based network data (enterprise logs), and Malware Traffic datasets. The proposed pipeline employs a consistent preprocessing strategy involving feature normalisation, encoding, and label alignment, followed by a multi-layer perceptron (MLP) classifier with dropout regularisation. Model training incorporates cosine learning-rate scheduling and early stopping, while explainability is achieved via SHAP-based global feature attribution and LIME-based instance-level explanation. Performance is evaluated using accuracy, ROC-AUC, and F1-score metrics. The model achieves 96.0% accuracy on the Kitsune dataset, 99.99% on the Server-Based dataset, and 99.58% on the Malware dataset, with ROC-AUC values approaching 1.00 across most classes. The results demonstrate the effectiveness of the proposed framework in handling heterogeneous network traffic while providing interpretable insights into model predictions.
PMID:
42463720
Bibliographic data and abstract were imported from PubMed on 17 Jul 2026.
Read full publication at:
Please sign in
to see all details.
Advertisement
Stats
- Recommendations n/a n/a positive of 0 vote(s)
- Views 5
- Comments 0