Cognitive Threat Intelligence and Explainable Federated Security Analytics for distributed Infrastructure Systems

Authors

  • Md. Arifur Rahman*, B. M. Taslimul Haque, Md. Iqbal Hossan, Md. Serajul Kabir Chowdhury Rubel

DOI:

https://doi.org/10.64882/ijrt.v13.i1.1384

Keywords:

Deep Learning, Distributed Network Security, Privacy-Preserving Security, Cybersecurity Analytics, Distributed Infrastructure Security, Intrusion Detection System, Anomaly Detection, Explainable Artificial Intelligence, Cognitive Threat Intelligence

Abstract

The increasing adoption of distributed infrastructure systems, cloud computing, Internet of Things (IoT) technologies, and edge-based architectures has significantly expanded the cybersecurity attack surface and introduced increasingly sophisticated cyber threats. Conventional centralized intrusion detection approaches often face challenges related to scalability, data privacy, communication overhead, and limited transparency in artificial intelligence-driven decision-making processes. To address these limitations, this study proposes a Cognitive Threat Intelligence and Explainable Federated Security Analytics framework for distributed infrastructure systems.

The proposed framework integrates Federated Learning (FL), Explainable Artificial Intelligence (XAI), and cognitive cybersecurity analytics to enable collaborative and privacy-preserving cyber threat detection across distributed network environments. Instead of transmitting sensitive raw network traffic data to centralized servers, local security models are independently trained at distributed nodes, where only encrypted model parameters and updates are shared through a federated aggregation mechanism. This decentralized learning architecture improves privacy protection while reducing communication dependency and centralized security risks.

To enhance intelligent threat analysis, the framework incorporates machine learning and deep learning algorithms including Random Forest, XGBoost, Autoencoder, and Long Short-Term Memory (LSTM) networks for anomaly detection and cyberattack classification. In addition, Explainable AI techniques such as SHAP and LIME are integrated to generate interpretable insights into anomaly predictions, enabling cybersecurity professionals to better understand the reasoning behind attack identification and risk assessment processes.

The effectiveness of the proposed framework is evaluated using benchmark cybersecurity datasets including NSL-KDD and CIC-IDS2017. Performance assessment is conducted using metrics such as accuracy, precision, recall, F1-score, ROC-AUC, detection latency, and communication efficiency. The expected outcomes of this research include improved intrusion detection capability, enhanced privacy preservation, reduced reliance on centralized infrastructures, and increased trustworthiness of AI-based cybersecurity systems. This study contributes to the development of intelligent, explainable, and resilient cybersecurity architectures designed to secure modern distributed infrastructure environments and critical digital systems.
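The federated aggregation step described in the abstract, as an added example that is not the authors' code: each node trains a small logistic intrusion classifier on its own flows and sends only weights and a sample count to the server, which combines them with sample-weighted averaging (FedAvg). The feature names, data, learning rate and round count are assumptions constructed for illustration, and the encryption of updates in transit that the abstract mentions is omitted.

```python
import math

# Constructed sample data, one list per node: ([conn_rate, failed_login_ratio], label)
# with features scaled to [0, 1] and label 1 = attack. These rows never leave the node.
NODES = [
    [([0.10, 0.00], 0), ([0.20, 0.10], 0), ([0.90, 0.80], 1)],
    [([0.15, 0.05], 0), ([0.05, 0.10], 0), ([0.80, 0.90], 1), ([0.95, 0.70], 1)],
    [([0.30, 0.20], 0), ([0.85, 0.95], 1)],
]

def predict(w, x):
    """Attack probability from a logistic model; w[-1] is the bias."""
    z = sum(wi * xi for wi, xi in zip(w, x)) + w[-1]
    return 1.0 / (1.0 + math.exp(-z))

def local_update(w_global, data, lr=0.5, epochs=5):
    """Node side: refine the global weights on private data, return (weights, n)."""
    w = list(w_global)
    for _ in range(epochs):
        for x, y in data:
            err = predict(w, x) - y          # gradient of log-loss w.r.t. z
            for i, xi in enumerate(x):
                w[i] -= lr * err * xi
            w[-1] -= lr * err
    return w, len(data)

def fed_avg(updates):
    """Server side: average the weight vectors, weighted by node sample count."""
    total = sum(n for _, n in updates)
    return [sum(w[i] * n for w, n in updates) / total
            for i in range(len(updates[0][0]))]

def train_federated(nodes, rounds=30):
    """Run FedAvg rounds; the server only ever sees (weights, n) pairs."""
    w = [0.0] * (len(nodes[0][0][0]) + 1)
    for _ in range(rounds):
        w = fed_avg([local_update(w, data) for data in nodes])
    return w

def accuracy(w, data):
    return sum((predict(w, x) >= 0.5) == (y == 1) for x, y in data) / len(data)

if __name__ == "__main__":
    w = train_federated(NODES)
    for i, data in enumerate(NODES):
        print(f"node {i}: accuracy {accuracy(w, data):.2f}")
```

Because the server accepts whatever weights a node reports, a deployment of this pattern also needs update validation (norm bounds, outlier checks) before averaging.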

How to Cite

Md. Arifur Rahman*, B. M. Taslimul Haque, Md. Iqbal Hossan, Md. Serajul Kabir Chowdhury Rubel. (2025). Cognitive Threat Intelligence and Explainable Federated Security Analytics for distributed Infrastructure Systems. International Journal of Research & Technology, 13(1), 132–153. https://doi.org/10.64882/ijrt.v13.i1.1384
