{"id":"https://openalex.org/W4408834576","doi":"https://doi.org/10.32604/cmc.2025.062801","title":"A New Cybersecurity Approach Enhanced by xAI-Derived Rules to Improve Network Intrusion Detection and SIEM","display_name":"A New Cybersecurity Approach Enhanced by xAI-Derived Rules to Improve Network Intrusion Detection and SIEM","publication_year":2025,"publication_date":"2025-01-01","ids":{"openalex":"https://openalex.org/W4408834576","doi":"https://doi.org/10.32604/cmc.2025.062801"},"language":"en","primary_location":{"id":"doi:10.32604/cmc.2025.062801","is_oa":true,"landing_page_url":"https://doi.org/10.32604/cmc.2025.062801","pdf_url":"https://cdn.techscience.press/files/cmc/2025/TSP_CMC-83-2/TSP_CMC_62801/TSP_CMC_62801.pdf","source":{"id":"https://openalex.org/S4210191605","display_name":"Computers, materials & continua/Computers, materials & continua (Print)","issn_l":"1546-2218","issn":["1546-2218","1546-2226"],"is_oa":true,"is_in_doaj":false,"is_core":true,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Computers, Materials &amp; Continua","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"diamond","oa_url":"https://cdn.techscience.press/files/cmc/2025/TSP_CMC-83-2/TSP_CMC_62801/TSP_CMC_62801.pdf","any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5008002054","display_name":"Federica Uccello","orcid":"https://orcid.org/0000-0001-9243-7047"},"institutions":[],"countries":[],"is_corresponding":true,"raw_author_name":"Federica Uccello","raw_affiliation_strings":[],"affiliations":[]},{"author_position":"middle","author":{"id":"https://openalex.org/A5088536972","display_name":"Marek Pawlicki","orcid":"https://orcid.org/0000-0001-5881-6406"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Marek Pawlicki","raw_affiliation_strings":[],"affiliations":[]},{"author_position":"middle","author":{"id":"https://openalex.org/A5053058934","display_name":"Salvatore D\u2019Antonio","orcid":"https://orcid.org/0000-0001-9327-0138"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Salvatore D'Antonio","raw_affiliation_strings":[],"affiliations":[]},{"author_position":"middle","author":{"id":"https://openalex.org/A5042632349","display_name":"Rafa\u0142 Kozik","orcid":"https://orcid.org/0000-0001-7122-3306"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Rafa\u0142 Kozik","raw_affiliation_strings":[],"affiliations":[]},{"author_position":"last","author":{"id":"https://openalex.org/A5009283476","display_name":"Micha\u0142 Chora\u015b","orcid":"https://orcid.org/0000-0003-1405-9911"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Micha\u0142 Chora\u015b","raw_affiliation_strings":[],"affiliations":[]}],"institutions":[],"countries_distinct_count":0,"institutions_distinct_count":5,"corresponding_author_ids":["https://openalex.org/A5008002054"],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":2.739,"has_fulltext":true,"cited_by_count":2,"citation_normalized_percentile":{"value":0.89570339,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":95,"max":96},"biblio":{"volume":"83","issue":"2","first_page":"1607","last_page":"1621"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9939000010490417,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9939000010490417,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.6839027404785156},{"id":"https://openalex.org/keywords/intrusion-detection-system","display_name":"Intrusion detection system","score":0.5905470252037048},{"id":"https://openalex.org/keywords/intrusion","display_name":"Intrusion","score":0.563435435295105},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.5265605449676514},{"id":"https://openalex.org/keywords/network-security","display_name":"Network security","score":0.44725751876831055},{"id":"https://openalex.org/keywords/geology","display_name":"Geology","score":0.04579845070838928}],"concepts":[{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.6839027404785156},{"id":"https://openalex.org/C35525427","wikidata":"https://www.wikidata.org/wiki/Q745881","display_name":"Intrusion detection system","level":2,"score":0.5905470252037048},{"id":"https://openalex.org/C158251709","wikidata":"https://www.wikidata.org/wiki/Q354025","display_name":"Intrusion","level":2,"score":0.563435435295105},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.5265605449676514},{"id":"https://openalex.org/C182590292","wikidata":"https://www.wikidata.org/wiki/Q989632","display_name":"Network security","level":2,"score":0.44725751876831055},{"id":"https://openalex.org/C127313418","wikidata":"https://www.wikidata.org/wiki/Q1069","display_name":"Geology","level":0,"score":0.04579845070838928},{"id":"https://openalex.org/C17409809","wikidata":"https://www.wikidata.org/wiki/Q161764","display_name":"Geochemistry","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.32604/cmc.2025.062801","is_oa":true,"landing_page_url":"https://doi.org/10.32604/cmc.2025.062801","pdf_url":"https://cdn.techscience.press/files/cmc/2025/TSP_CMC-83-2/TSP_CMC_62801/TSP_CMC_62801.pdf","source":{"id":"https://openalex.org/S4210191605","display_name":"Computers, materials & continua/Computers, materials & continua (Print)","issn_l":"1546-2218","issn":["1546-2218","1546-2226"],"is_oa":true,"is_in_doaj":false,"is_core":true,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Computers, Materials &amp; Continua","raw_type":"journal-article"}],"best_oa_location":{"id":"doi:10.32604/cmc.2025.062801","is_oa":true,"landing_page_url":"https://doi.org/10.32604/cmc.2025.062801","pdf_url":"https://cdn.techscience.press/files/cmc/2025/TSP_CMC-83-2/TSP_CMC_62801/TSP_CMC_62801.pdf","source":{"id":"https://openalex.org/S4210191605","display_name":"Computers, materials & continua/Computers, materials & continua (Print)","issn_l":"1546-2218","issn":["1546-2218","1546-2226"],"is_oa":true,"is_in_doaj":false,"is_core":true,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Computers, Materials &amp; Continua","raw_type":"journal-article"},"sustainable_development_goals":[],"awards":[{"id":"https://openalex.org/G3676721277","display_name":null,"funder_award_id":"101070450","funder_id":"https://openalex.org/F4320334322","funder_display_name":"HORIZON EUROPE Framework Programme"},{"id":"https://openalex.org/G8119029354","display_name":null,"funder_award_id":"101070450","funder_id":"https://openalex.org/F4320320300","funder_display_name":"European Commission"}],"funders":[{"id":"https://openalex.org/F4320320300","display_name":"European Commission","ror":"https://ror.org/00k4n6c32"},{"id":"https://openalex.org/F4320334322","display_name":"HORIZON EUROPE Framework Programme","ror":null}],"has_content":{"pdf":true,"grobid_xml":true},"content_urls":{"pdf":"https://content.openalex.org/works/W4408834576.pdf","grobid_xml":"https://content.openalex.org/works/W4408834576.grobid-xml"},"referenced_works_count":11,"referenced_works":["https://openalex.org/W2148143831","https://openalex.org/W2911964244","https://openalex.org/W2949647805","https://openalex.org/W3036196701","https://openalex.org/W3121453273","https://openalex.org/W3176609646","https://openalex.org/W3179245071","https://openalex.org/W4297538900","https://openalex.org/W4317207036","https://openalex.org/W4319080686","https://openalex.org/W4375787811"],"related_works":["https://openalex.org/W2133389611","https://openalex.org/W2376886931","https://openalex.org/W2061466315","https://openalex.org/W2010561419","https://openalex.org/W2374845301","https://openalex.org/W2351448539","https://openalex.org/W1977863481","https://openalex.org/W2384741105","https://openalex.org/W1495178644","https://openalex.org/W2185594426"],"abstract_inverted_index":{"The":[0,78,105],"growing":[1],"sophistication":[2],"of":[3,10,71,74,166],"cyberthreats,":[4],"among":[5],"others":[6],"the":[7,59,69,154],"Distributed":[8,72],"Denial":[9,73],"Service":[11,75],"attacks,":[12],"has":[13],"exposed":[14],"limitations":[15],"in":[16,173],"traditional":[17,82,150],"rule-based":[18],"Security":[19,122],"Information":[20,123],"and":[21,42,92,114,124,138],"Event":[22,125],"Management":[23,126],"systems.":[24],"While":[25],"machine":[26],"learning\u2013based":[27],"intrusion":[28],"detection":[29,70,165],"systems":[30],"can":[31],"capture":[32],"complex":[33],"network":[34],"behaviours,":[35],"their":[36],"\u201cblack-box\u201d":[37],"nature":[38],"often":[39],"limits":[40],"trust":[41],"actionable":[43],"insight":[44],"for":[45],"security":[46],"operators.":[47],"This":[48],"study":[49],"introduces":[50],"a":[51,101],"novel":[52],"approach":[53],"that":[54,145],"integrates":[55],"Explainable":[56],"Artificial":[57],"Intelligence\u2014xAI\u2014with":[58],"Random":[60],"Forest":[61],"classifier":[62],"to":[63,96],"derive":[64],"human-interpretable":[65],"rules,":[66],"thereby":[67],"enhancing":[68],"(DDoS)":[76],"attacks.":[77],"proposed":[79],"framework":[80],"combines":[81],"static":[83,151],"rule":[84,158],"formulation":[85],"with":[86,129,162],"advanced":[87],"xAI":[88],"techniques\u2014SHapley":[89],"Additive":[90],"exPlanations":[91],"Scoped":[93],"Rules":[94],"-":[95],"extract":[97],"decision":[98],"criteria":[99],"from":[100],"fully":[102],"trained":[103],"model.":[104],"methodology":[106],"was":[107],"validated":[108],"on":[109],"two":[110],"benchmark":[111],"datasets,":[112],"CICIDS2017":[113],"WUSTL-IIOT-2021.":[115],"Extracted":[116],"rules":[117,128,147],"were":[118],"evaluated":[119],"against":[120],"conventional":[121],"Systems":[127],"metrics":[130],"such":[131],"as":[132],"precision,":[133],"recall,":[134],"accuracy,":[135,137],"balanced":[136],"Matthews":[139],"Correlation":[140],"Coefficient.":[141],"Experimental":[142],"results":[143],"demonstrate":[144],"xAI-derived":[146],"consistently":[148],"outperform":[149],"rules.":[152],"Notably,":[153],"most":[155],"refined":[156],"xAI-generated":[157],"achieved":[159],"near-perfect":[160],"performance":[161],"significantly":[163],"improved":[164],"DDoS":[167],"traffic":[168,176],"while":[169],"maintaining":[170],"high":[171],"accuracy":[172],"classifying":[174],"benign":[175],"across":[177],"both":[178],"datasets.":[179]},"counts_by_year":[{"year":2025,"cited_by_count":2}],"updated_date":"2026-04-21T08:09:41.155169","created_date":"2025-10-10T00:00:00"}