<p>The increasing complexity of network traffic has heightened the demand for intrusion detection systems (IDS) that deliver high accuracy, interpretability, and efficiency in diverse computing environments, including edge devices. Traditional deep learning-based IDS models perform well but often suffer from feature redundancy, poor generalization, and limited adaptability to resource-constrained platforms. To address these challenges, we propose HED-ID: an edge-deployable and explainable IDS framework. The system utilizes a Stacked Bidirectional Gated Recurrent Unit (S-BiGRU)—a recurrent neural network variant that captures bidirectional temporal dependencies—with an attention mechanism to focus on critical patterns in traffic flows. Grey Wolf Optimization (GWO), a metaheuristic algorithm inspired by wolf hunting behavior, is employed for joint feature selection and hyperparameter tuning to improve efficiency. Finally, SHapley Additive exPlanations (SHAP), a game-theoretic approach for model interpretability, quantifies feature contributions, linking predictions to observable network attributes. Evaluations on the CICIDS-2017, UNSW-NB15, and ToN-IoT datasets show consistent detection performance in both cloud-like and edge-like settings, with inference latency of 18–22 ms and memory usage of 92–115 MB. These results highlight HED-ID’s balanced trade-off between accuracy, interpretability, and resource efficiency, making it suitable for real-world network security applications.</p>

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

HED-ID: an edge-deployable and explainable intrusion detection system optimized via metaheuristic learning

  • Kushboo Nasir,
  • Sahar K. Badri,
  • Daniyal M. Alghazzawi,
  • Mohammed Yahya Alghamdi,
  • Mona Alkhozae,
  • Abeer Almakky,
  • Rania M. Alhazmi,
  • Muhammad Zubair Asghar

摘要

The increasing complexity of network traffic has heightened the demand for intrusion detection systems (IDS) that deliver high accuracy, interpretability, and efficiency in diverse computing environments, including edge devices. Traditional deep learning-based IDS models perform well but often suffer from feature redundancy, poor generalization, and limited adaptability to resource-constrained platforms. To address these challenges, we propose HED-ID: an edge-deployable and explainable IDS framework. The system utilizes a Stacked Bidirectional Gated Recurrent Unit (S-BiGRU)—a recurrent neural network variant that captures bidirectional temporal dependencies—with an attention mechanism to focus on critical patterns in traffic flows. Grey Wolf Optimization (GWO), a metaheuristic algorithm inspired by wolf hunting behavior, is employed for joint feature selection and hyperparameter tuning to improve efficiency. Finally, SHapley Additive exPlanations (SHAP), a game-theoretic approach for model interpretability, quantifies feature contributions, linking predictions to observable network attributes. Evaluations on the CICIDS-2017, UNSW-NB15, and ToN-IoT datasets show consistent detection performance in both cloud-like and edge-like settings, with inference latency of 18–22 ms and memory usage of 92–115 MB. These results highlight HED-ID’s balanced trade-off between accuracy, interpretability, and resource efficiency, making it suitable for real-world network security applications.