The Interest of Hybridizing Explainable AI with RNN to Resolve DDOS Attacks: A Comprehensive Practical Study

Volume 16, Number 2

The Interest of Hybridizing Explainable AI with RNN to Resolve DDOS Attacks: A Comprehensive Practical Study

Authors

Ahmad Mater Aljohani and Ibrahim Elgendi, University of Canberra, Australia

Abstract

In this paper, we suggest a new method to address attack detection problems in IoT networks, by using a specific emphasis on the user’s and network’s requirements regarding the application provider and giving a defence against intruders and malicious users. The paper focuses on resolving the problem of detection of attacks in IoT networks using Recurrent Neural Networks and an explainable artificial intelligence technique (XAI) named SHAP. XAI refers to a collection of methods and procedures for explaining how AI models make decisions. Although XAI is useful for understanding the motivations underlying AI models, the information utilized in these discoveries may be a risk. Machine learning models are vulnerable to attacks such as model inversion, model extraction, and membership inference. Such attacks could concentrate on the learning model or on the data used to train and build the model, depending on the involved circumstances and parties. Hence, when the owner of an AI model wishes to grant only black-box access and does not expose the model's parameters and architecture to third parties, solutions like XAI can notably enhance the susceptibility to model extraction attacks. To guarantee the users regarding possible violations, the proposed RNN-SHAP method is based on a decentralized topology relying on a set of cooperative independent parties including the users of IoT network. Another advantage of the suggested approach is the capitalization on the trust relationships that are part of IoT networks in real life to build trusted mechanisms in the network. Compared to other methods using different metrics, the suggested RNN-SHAP shows its efficiency in resolving the DDoS problem.

Keywords

deep learning (DL), Recurrent neural networks (RNN), SHapley Additive explanation (SHAP), Attack detection, explainable artificial intelligence (XAI), Distributed Denial of Service (DDoS)