Explainable Risk Aware Hybrid Intrusion Detection System Using Machine Learning and Deep Learning
DOI:
https://doi.org/10.32628/IJSRST2613317Keywords:
Intrusion Detection System, Hybrid Machine Learning, Deep Learning, LSTM, Explainable AI, SHAP, Risk-Aware Security, Network Security, Cybersecurity, Anomaly DetectionAbstract
The rapid growth of cyber threats has exposed the limitations of traditional intrusion detection systems, particularly their inability to detect complex attacks and provide interpretable results. This paper proposes an explainable and risk-aware hybrid intrusion detection system that integrates machine learning and deep learning techniques to enhance detection performance and transparency. The proposed framework combines Random Forest and Logistic Regression with a Long Short-Term Memory (LSTM) network to capture both statistical and sequential patterns in network traffic. Experiments conducted on benchmark datasets such as CIC-IDS2017 and NSL-KDD demonstrate that the hybrid model outperforms individual models in terms of accuracy, precision, recall, and F1-score, achieving detection accuracy of up to 94–97% while reducing false alarm rates. Furthermore, a risk scoring mechanism is introduced to classify detected intrusions into multiple severity levels, enabling prioritized threat response. To improve interpretability, SHAP-based explainable AI techniques are employed to provide both global and instance-level insights into model predictions. The results indicate that the proposed system enhances both performance and trust, making it suitable for practical cybersecurity applications.
Downloads
References
K. Arya, S. Siddhant, and L. Upadhyay, “An Explainable Hybrid Deep Learning Framework for Network Intrusion Detection Using Feature-Guided CNN Models,” IEEE Access, vol. 13, 2025.
M. Bakro, R. R. Kumar, A. Alabrah, Z. Ashraf, M. N. Ahmed, M. Shameem, and A. Abdelsalam, “An Improved Design for a Cloud Intrusion Detection System Using Hybrid Feature Selection Approach With ML Classifier,” IEEE Access, vol. 11, pp. 64228–64229, 2023.
H. Hakami, M. Faheem, and M. B. Ahmad, “Machine Learning Techniques for Enhanced Intrusion Detection in IoT Security,” IEEE Access, vol. 13, 2025.
Z. Azam, M. M. Islam, and M. N. Huda, “Comparative Analysis of Intrusion Detection Systems and Machine Learning-Based Model Analysis Through Decision Tree,” IEEE Access, vol. 11, pp. 80348–80353, 2023.
A. L. Buczak and E. Guven, “A Survey of Data Mining and Machine Learning Methods for Cyber Security Intrusion Detection,” IEEE Communications Surveys & Tutorials, vol. 18, no. 2, pp. 1153–1176, 2016.
H. J. Liao, C. H. R. Lin, Y. C. Lin, and K. Y. Tung, “Intrusion Detection System: A Comprehensive Review,” Journal of Network and Computer Applications, vol. 36, no. 1, pp. 16–24, 2013.
D. E. Denning, “An Intrusion-Detection Model,” IEEE Transactions on Software Engineering, vol. SE-13, no. 2, pp. 222–232, 1987.
L. Breiman, “Random Forests,” Machine Learning, vol. 45, no. 1, pp. 5–32, 2001.
C. Cortes and V. Vapnik, “Support-Vector Networks,” Machine Learning, vol. 20, no. 3, pp. 273–297, 1995.
M. Tavallaee, E. Bagheri, W. Lu, and A. A. Ghorbani, “A Detailed Analysis of the KDD CUP 99 Dataset,” in Proc. IEEE Symp. Computational Intelligence for Security and Defense Applications, 2009.
C. Yin, Y. Zhu, J. Fei, and X. He, “A Deep Learning Approach for Intrusion Detection Using Recurrent Neural Networks,” IEEE Access, vol. 5, pp. 21954–21961, 2017.
S. Hochreiter and J. Schmidhuber, “Long Short-Term Memory,” Neural Computation, vol. 9, no. 8, pp. 1735–1780, 1997.
I. Sharafaldin, A. H. Lashkari, and A. A. Ghorbani, “Toward Generating a New Intrusion Detection Dataset and Intrusion Traffic Characterization,” in Proc. ICISSP, 2018.
W. L. Al-Yaseen, Z. A. Othman, and M. Z. Nazri, “Multi-Level Hybrid Support Vector Machine and Extreme Learning Machine Based on Modified K-Means for Intrusion Detection System,” Expert Systems with Applications, vol. 67, pp. 296–303, 2017.
Y. Zhang, X. Wang, and L. Zhu, “Hybrid Intrusion Detection System Using Deep Neural Networks,” Future Generation Computer Systems, vol. 93, pp. 686–694, 2019.
S. M. Lundberg and S. I. Lee, “A Unified Approach to Interpreting Model Predictions,” in Advances in Neural Information Processing Systems (NeurIPS), 2017.
M. T. Ribeiro, S. Singh, and C. Guestrin, “Why Should I Trust You? Explaining the Predictions of Any Classifier,” in Proc. ACM SIGKDD, 2016.
R. Sommer and V. Paxson, “Outside the Closed World: On Using Machine Learning for Network Intrusion Detection,” in Proc. IEEE Symposium on Security and Privacy, 2010.
A. Sahi, D. Lai, Y. Li, and M. Diykh, “An Efficient Deep Learning Approach for Cybersecurity Intrusion Detection,” Applied Sciences, vol. 10, no. 19, 2020.
J. Kim, J. Kim, H. L. T. Thu, and H. Kim, “Long Short-Term Memory Recurrent Neural Network Classifier for Intrusion Detection,” in Proc. International Conference on Platform Technology and Service, 2016.
Downloads
Published
Issue
Section
License
Copyright (c) 2026 International Journal of Scientific Research in Science and Technology
This work is licensed under a Creative Commons Attribution 4.0 International License.
https://creativecommons.org/licenses/by/4.0
