Multi-Granular Discretization for Interpretable Generalization in Precise Cyberattack Identification
Chung, Wen-Cheng, Huang, Shu-Ting, Pai, Hao-Ting
–arXiv.org Artificial Intelligence
Explainable intrusion detection systems (IDS) are now recognized as essential for mission-critical networks, yet most "XAI" pipelines still bolt an approximate explainer onto an opaque classifier, leaving analysts with partial and sometimes misleading insights. The Interpretable Generalization (IG) mechanism, published in IEEE Transactions on Information Forensics and Security, eliminates that bottleneck by learning coherent patterns - feature combinations unique to benign or malicious traffic - and turning them into fully auditable rules. IG already delivers outstanding precision, recall, and AUC on NSL-KDD, UNSW-NB15, and UKM-IDS20, even when trained on only 10% of the data. To raise precision further without sacrificing transparency, we introduce Multi-Granular Discretization (IG-MD), which represents every continuous feature at several Gaussian-based resolutions. On UKM-IDS20, IG-MD lifts precision by greater than or equal to 4 percentage points across all nine train-test splits while preserving recall approximately equal to 1.0, demonstrating that a single interpretation-ready model can scale across domains without bespoke tuning.
arXiv.org Artificial Intelligence
Jul-22-2025
- Genre:
- Research Report (0.83)
- Industry:
- Information Technology > Security & Privacy (1.00)
- Government > Military
- Cyberwarfare (0.50)
- Technology:
- Information Technology
- Security & Privacy (1.00)
- Data Science > Data Mining (1.00)
- Artificial Intelligence > Machine Learning
- Performance Analysis > Accuracy (0.69)
- Neural Networks > Deep Learning (0.69)
- Information Technology