Federated XAI IDS: An Explainable and Safeguarding privacy Approach to Detect Intrusion Combining Federated Learning and SHAP

1. Introduction

In the digital age, cybersecurity — the practice of safeguarding frameworks, networks, and confidential data from unwelcome inspection, distress, emerging cyber hazards as well [1], has become the essential battle line. Since people, organizations, and governments grow more interconnected and dependent on digital infrastructure, it is crucial to guarantee data availability, confidentiality, and integrity. In order to safeguard their valuable assets and lower risks, companies need to proactively create multilayer protection measures in response to evolving cyber threats. Within the ever-changing field of cybersecurity, safeguarding private data from a continuously increasing spectrum of cyber attacks is essential. In order to discover and prevent undesirable activity in network traffic, intrusion detection systems (IDS) are essential. They are the first line of defense against malicious attacks. An intrusion detection system (IDS) scans over malicious activity or unauthorized access through analysis of traffic dynamics, applications and session behavior, and signature-based features [2]. By emphasizing anomalies and recognized attack patterns, IDS alerts help organizations promptly address possible security risks.

In this new age of interconnected world, approximately 50% of startups disclose experiencing information theft, underscoring the urgency of robust IDS solutions in institutional security frameworks [3]. The integration of Deep Learning (DL), Machine Learning (ML) along with IDS has acquired substantial traction due to their superior classification accuracy. Nonetheless, conventional machine learning-based intrusion detection systems encounter considerable privacy and security vulnerabilities owing to their dependence on centralized data storage and transmission [4]. Additionally, The challenges of developing effective IDS systems include the substantial quantity of network information and the prevalence of imbalanced datasets, where minor yet critical attack types are often underrepresented [5].

Higher performance in interpreting complicated patterns within network data is made possible by recent developments in deep learning, especially the adoption of transformer models, which have showed significant prospects in sequencing frameworks and anomaly discovery[6]. Intrusion Detection Systems (IDS), which are crucial for locating and preventing existing network intrusions, are particularly affected by this.

However, there are serious concerns regarding confidentiality, with the use of deep learning-based IDS frameworks, especially when models are trained using private network traffic data. These issues can be effectively addressed by Federated Learning (FL), which permits for decentralized coordinated infrastructure refinement while maintaining the privacy and security of confidential information [7]. This research introduces a federated learning-based intrusion detection system that employs artificial neural networks as the local-end prediction system and incorporates SHapley Additive Explanations in order to enhance comprehensibility The decentralized training approach guarantees confidentiality while facilitating visibility in detecting threats to networks. This piece of literature is the expanded version of the initial manuscript previously laid out in[8]. Explainable artificial intelligence (XAI) has significantly enhanced intrusion detection systems (IDS) by providing accountability, understanding, and integrity in decision-making. Traditional IDS models, particularly those based on deep learning, frequently function as "black boxes," complicating security analysts’ understanding of their predictions. SHapley Additive ExPlanations (SHAP) has emerged as a powerful XAI approach, offering feature attribution scores that elucidate the influence of different input characteristics on the conclusions of the models. Employing SHAP in Intrusion Detection Systems aids researchers and practitioners in identifying significant attack patterns, reducing false positives, and enhancing model robustness. Research, including [9], demonstrates that SHAP provides equitable and consistent feature importance ratings, making it an ideal method for enhancing the interpretability of IDS. Moreover, SHAP facilitates feature selection and optimization, hence enhancing generalization and efficiency in IDSs that are constructed deploying FL, where privacy preservation is paramount [10]. Utilizing SHAP in FL-based IDS confidentiality security insights while safeguarding raw data, hence maintaining user privacy and delivering actionable knowledge for cyber defense.

The CICIoT2023 dataset[11], a real-world dataset with contemporary attack types, has been used for the experiments. The system’s performance and generalizability in a range of intrusion scenarios, as well as its capacity to identify known and new network threats, has been the main areas of focus. In addition, the integration of explainable artificial intelligence (XAI) techniques, particularly SHAP, will provide essential transparency within the IDS framework. This comprehensibality constitutes an essential towards instilling assurance in AI-driven frameworks, specifically when legal and regulatory compliance is a factor in the deployment of network security solutions. The new study builds on the foundations laid by focusing on explainable AI and federated learning, while the earlier work concentrated on these conventional approaches. The goal is to improve the privacy, efficacy, and interpretability of IDS solutions. This research builds upon prior work with the CIC_IDS_2018 dataset, where the challenge of imbalanced datasets was addressed by developing an IDS using balanced data and exploring unorthodox categorization methods incorporating the Dendritic Cell Algorithm (DCA) [12]. In order to improve transparency and interpretability and facilitate a more thorough comprehension of model decisions, explainable artificial intelligence (XAI) approaches must be incorporated into the IDS framework. By elucidating the reasoning behind certain results, this transparency contributes to the development of trust in AI-driven frameworks, which is crucial for fulfilling legal and regulatory obligations.

This research attempts to tackle important network security issues by designing and deploying a sophisticated Intrusion Detection System (IDS) that integrates Explainable Artificial Intelligence (XAI), Federated Learning (FL), and Machine Learning (ML). This study aims to achieve the following goals:

• To assess the efficacy of an Intrusion Detection System utilizing cutting-edge Machine Learning methodologies, Federated Learning for decentralized training, and Explainable Artificial Intelligence for enhanced interpretability and transparency.
• To minimize computational overhead by utilizing Federated Learning, which allows decentralized data processing and eliminates the need for central data aggregation.
• To reduce the dangers of single points of failure and centralized data breaches by implementing a distributed, node-based architecture in Federated Learning.
• To ensure the reliability and trustworthiness of IDS predictions by employing Explainable AI, which provides insights into model decisions and fosters greater user trust in automated systems.

This research work has been structured in the following manner: Section 2 highlights relevant research on XAI, Federated Learning, and IDS. Section 3 details the proposed methodology, including model architecture and SHAP-based interpretability. Section 4 discusses the experimental setup, along with results and analysis. Section 5 discusses key findings, and Section 6 finishes with contributions and future study directions.

2. Literature Review

This sections analyzes a number of significant research works that paved the way for the proposed framework. The growing popularity popularity of Internet of Things(IoT) networks has generated considerable security concerns, prompting the creation of effective IDSs. Recent improvements in FL represents a viable approach, facilitating decentralized learning while safeguarding data privacy. This section examines current research initiatives that combine FL with DL.

Torre et al. [18] initiated an IDS built on FL adopting a 1D Convolutional Neural Network (CNN) to secure IoT networks. This framework enhances privacy through Diffie–Hellman Key Exchange, Dynamic Security, and Homomorphic Cryptography. Almadhor et al. [19] introduced a Federated Deep Neural Network (FDNN) for detecting and preventing Distributed Denial-of-Service (DDoS) integrating Explainable Artificial Intelligence (XAI) in IoT networks. Their methodology employed FDNNs trained across three client devices over multiple rounds without sharing raw data. Furthermore, XGBoost was used with SHapley Additive ExPlanations (SHAP) for selecting features, which improved model comprehensibility This method successfully preserved robustness, scalability, and confidentiality while obtaining high detection accuracy. To further optimize FL-based IDSs, Alsaleh et al. [20] offered a semi-distributed FL model that clusters IoT devices and assigns a cluster head to reduce communication overhead. The model incorporated Bidirectional LSTM (BiLSTM), Long Short-Term Memory (LSTM), and Wasserstein Generative Adversarial Networks (WGAN) to enhance intrusion detection, particularly focusing on DDoS attacks in scenarios with scarce resources. Their evaluation implementing CICIoT2023 dataset revealed BiLSTM as the most efficient model due to its optimized size. Testing on, WUSTL-IIoT-2021, Edge-IIoTset, and BoT-IoT, further confirmed its superior detection accuracy. An unorthodox Secure and Authenticated structure built on Federated Learning-employing Blockchain (SA-FLIDS) was initiated by Bensaid et al. [21] to enhance security in advanced healthcare systems that are enabled by fog-IoMT. Experimental results using CICIoT2023 and EdgeIIoTset datasets demonstrated the framework’s strong resilience against adversarial attacks while preserving confidentiality of the data and deducting the expenses of communication. Sun et al. [22] addressed the dilemma of attack class dispersion in FL-based IDSs by proposing FedMADE, an adaptive collaborative framework. FedMADE groups IoT gadgets based on the trends on the traffic and incorporates local approaches according to their significance to entire evaluation. This approach significantly improved the accuracy of minority attacks classification to 71.07% compared to existing FL methods for non-IID data. Additionally, FedMADE exhibited robustness against poisoning attacks while incurring only a 4.7% latency overhead (5.03 seconds per iteration) contrasting with FedAvg, without uploading computational weigh on IoT gadgets. These research works collectively underlines the efficacy of FL-based IDSs in intensifying cybersecurity within IoT networks. The combination of deep learning simulations, privacy-preserving techniques, and blockchain technology shows great promise for protecting modern IoT systems. However, issues such as communication overhead, data disparity, and adversarial resilience remain critical areas for further research and optimization.

Deep Learning (DL) and Machine Learning (ML) have become foundational approaches for constructing IDS, significantly improving network confidentiality by spotting various attacks, anomalies as well. Several ML techniques are widely used for their robustness and efficiency. Support Vector Machine (SVM) is valued for handling high-dimensional data, while Decision Tree (DT) offers simplicity and interpretability. Random Forest (RF), an association of decision trees, amplifying efficacy and deduces overfitting. Naïve Bayes (NB) provides probabilistic classification with efficiency in large datasets, and K-Nearest Neighbor (KNN) excels in instance-based learning for classification tasks. In DL, CNN are highly efficient at pooling out complex hierarchical patterns from structured data, while Gradient Boosting (GB) and another updated version of GB, Extreme Gradient Boosting (XGB) iteratively improve weak learners for superior predictive performance. These techniques [13,23,24] have demonstrated considerable success in advancing IDS capabilities. However, evolving cyber threats pose ongoing challenges, including scalability, real-time detection, and addressing imbalanced data, which require further research and innovation to enhance future IDS frameworks.

Apart from traditional techniques, bio-inspired frameworks have been quite effective for IDS. Though there have been fewer works in this genre, some have proved the significance of bio-inspired techniques, particularly in anomaly detection. In article [25], a bi-layer structure, with the initial stage eliminates recursive patterns incorporating RF-based methodology (RF-RFE) and optimization approaches that are inspired from biological style, is employed in the following layer. In article [26], the support vector machine was optimized using Whale Optimization (WO), Grey Wolf Optimization (GWO), and Firefly Optimization (FO) algorithms. However, the detection rates of the irregularities by the optimized methodologies did not demonstrate optimal efficiency. In article [27], a novel combination of Deep Learning and the Dendritic Cell Algorithm (DeepDCA) was integrated into the framework alongside a Neural Network that normalises itself (SNN). However, the implementation utilized a relatively outdated and less diverse dataset.

In addition to traditional methods, FL has become a popular architecture for developing Intrusion Detection Systems (IDS), offering distributes training without allowing access to original data. Various studies have explored different FL-based approaches, including RF-based federated learning [16], shallow Artificial Neural Networks (ANN) with FedAvg for aggregation [17], CNN and RNN [28], and combinations of Multi-Layer Perceptron (MLP) with CNN [29]. Euclides et al. introduced the CICIoT2023 dataset, which has been widely used in experiments involving ML algorithms for classification [11]. Notable studies include [30], which proposed a convoluted structure depending on LSTM for attack detection, and Fray et al., who explored DL models with different stages and functions that activates the model [31]. Maryam et al. deployed unbiased ML algorithms for detecting irregularities and [32], emphasizing fairness and accuracy in model predictions. These efforts highlight the evolution of IDS using FL and advanced machine learning techniques.

3. Methodology

In this section of the article will represent the methodology of the entire research work. This section highlights the research approach, encompassing dataset compilation, data analysis, prior processing, and the proposed framework.

The sections includes the architectural depiction of the proposed framework in the Figure 3. The illustration depicts the process of a federated learning model. It specifies the procedure of initialising a server, disseminating the global framework to local end nodes, changing the model regionally, and transmitting revisions back to the server. The server subsequently incorporates the updates with the Federated Averaging (FedAvg) mechanism. The diagram illustrates the allocation of models and upgrades to features between the server and remote nodes, where multiple users (Client-1, Client-2, Client-3, and Client-4) utilise their datasets to enhance the effectiveness of the models. The remainder of this section will proceed to explore the suggested framework in in greater depth.

3.1. Dataset Compilation

In this work, the CICIoT2023 [11] data set was used for the proposed model. The dataset was created to meet the growing demand for reliable security analytics applications in real-world IoT contexts. The experimental setup comprises of a complete IoT architecture with 105 networked devices that simulate a genuine operational environment. Within this network, 33 different cyberattacks were carried out, each meticulously planned to mirror the changing threat landscape of IoT security. In order to provide diversity and authenticity in attack situations, compromised IoT devices were intentionally used as hostile entities, attacking other IoT devices in the network. The dataset encompasses a wide range of harmful activities, with the goal of serving as a standard for the research community in developing and assessing intrusion detection and mitigation solutions. The assault diversion is shown in the Figure 1.

The recorded attacks are systematically categorized into seven major classes, each representing a fundamental aspect of IoT security threats:

• Distributed Denial of Service (DDoS): Large-scale flooding assaults meant to harm multiple IoT gadgets simultaneously to exhaust computational resources and disrupt network availability.
• Denial of Service (DoS): Single-source attack tactics designed to overwhelm a specific IoT device, making it unresponsive to valid queries.
• Reconnaissance (Recon): Passive and active network scanning techniques are used to obtain information on vulnerable IoT devices, services, and network setups.
• Web-based Attacks: Exploitation of IoT web interfaces using security holes in IoT web interfaces, including SQL infiltration, command insertion, and cross- website scripting to gain unauthorized access.
• Brute Force Attacks: Systematic password-guessing attacks targeting IoT authentication mechanisms to compromise credentials and gain illicit control over devices.
• Spoofing Attacks: Identity forging techniques, such as ARP and IP spoofing, are used to masquerade as legitimate IoT organizations in order to eavesdrop or manipulate communications.
• Mirai-based Attacks: Malware-driven attacks use the Mirai botnet to exploit vulnerabilities in IoT device security, allowing for large-scale infections and subsequent coordinated cyberattacks.

This dataset is a crucial asset for cybersecurity research, allowing for the creation and testing of advanced machine learning models, intrusion detection systems, and anomaly detection approaches designed specifically for IoT security applications.

3.2. Data Investigation & Pre-Processing

In this level of the suggested approach, the dataset is thoroughly inspected if the data are in eligible format to use. In order to get an impactful work, the datasets were pre-processed in several steps. The details of the pre-processing is visually represented in the Figure 2 as well as described below,

3.2.1. Data Cleaning

Proper handling of missing values is important because they could result in errors during model building. Missing rows or columns had been either removed. If the input data contains the same thing multiple times, this can skew the learning outcome. Duplicate values were checked and removed from the dataset.

3.2.2. Data Type Correcting

In order to ensure precise calculations, inconsistent data types (e.g., numeric columns erroneously saved as strings) were transformed to their correct formats.

• Data Standardizing : Standardizing the data is a transformation process that increases the integrity and quality of the data that you can use in future calculations. For this study, we used Z-index standardization 1. This method normalizes the data to have zero mean and unit variance.

  $$Z={\displaystyle \frac{X-\mu }{\sigma }}$$

  (1)
  Here:
  • Z denotes the standardised merit,
  • X signifies the initial data instance,
  • $\mu$ represents the mean value of the data,
  • $\sigma$ indicates the standard deviation of the results.
• Categorical Encoding : Any machine learning algorithm requires numerical input to perform mathematical operations, so categorical encoding converts categorical data, which contains arbitrary labels or discrete components, into a numerical format. For the encoding technique, we used label encoding in this study. Unlike one hot encoding, label encoding preserves the ordinal nature of categorical variables, allowing for interaction between dummy variables while providing meaningful numeric representation of the synonyms. Treats Categorical Features as a variable to keep the categorical variables interpretability and thus helps in efficient data processing

3.2.3. Class-Conversion

A robust representation of class conversion is essential in machine learning, as it simplifies the model derived from complex datasets, enhances model performance, and facilitates improved interpretability. The data is simplified and expedited for training due to consolidating classes, which aggregates like assault types. This approach addresses data imbalance by integrating minor attack types into a more significant segment. Moreover, it decreases bias and enhances generalization. Simulataneousy, it aligns with purpose of real-world intrusion detection and increaases the significance of cyber-security. CICIoT2023 was classified into, Benign, DDoS, DoS, Mirai, Recon and Other.

3.2.4. Dataset Splitting

At the last step of pre-processing, the selected data sets are partitioned into two segments. One part is training, consuming 80 percentage of the data and another part is evaluation test, consuming 20 percentage of the data.

3.3. Proposed Framework

Our extensive research work experimented with both ML and DL models with two different datasets. We have implemented explainable DL model on CICIoT2023 dataset. The description of the models are given below.

I

FedXAIIDS: The proposed Federated Learning (FL) model for intrusion detection leverages a distributed architecture, incorporating the devices attached to the local end. These gadgets regionally implement the frameworks on their particular dataset. Later the computing device at the server end integrates these trained schemes. For this study, the CICIoT2023 dataset was distributed across four clients to simulate a federated environment. The following stages define the operation of the proposed model:

(a)

Initialization : In FL, initialization implies the procedure of establishing the initial universal model prior to the commencement with instruction across various client endpoints. A centralised computer establishes a global architecture and disseminates it to all collaborating peers. Upon acquiring the global framework each client initiates local training utilising their specific data.

(b)

Local Model Training : Locally model development in FL denotes the procedure whereby every collaborating client (e.g., smartphone or tablet edge nodes) autonomously trains a replica of the global framework on its own dataset prior to transmitting updates to the central server. Every client develops a distinct ANN architecture and explains its results utilising SHAP. ANN is modelled after the architecture of the human brain, utilising layers of interconnected neurones. In this work, the ANN framework is fabricated as following:

• Input Layer : The input layer in an Artificial Neural Network (ANN) with 64 neurons represents the 64 features of the dataset, where each neuron processes a corresponding feature. Using the activation strategy of ReLU 2,

  $$f\left(X\right)=max(0,X)$$

  (2)
  , it passes only positive values, ensuring efficient learning and faster convergence. Each feature has calculated weighted inputs, while making negative inputs be 0. Due to its simplicity and non-linearity, ReLU allows for sparse activation and, therefore, scalability, making it suitable for more complicated tasks such as intrusion detection.
• Dropout Layer : Two dropout layer with a fifty percent reduction in rate helps to reduce over fitting by randomly adjusting fifty percent of the units used for input to zero throughout each training iteration.This technique minimises reliance on single neurones, allowing the network to learn more robust properties.
• Hidden Layer : The model has two hidden layers to improve learning and feature abstraction. The first hidden layer is made up of 128 neurones with ReLU activation, which allows the network to record complicated patterns using non-linear transformations. The second hidden layer has 64 neurones and uses ReLU activation to reduce dimensionality while retaining abstraction for better computational efficiency. This layered structure strikes a compromise between learning capacity and processing speed, allowing for deeper pattern identification and more effective generalisation.
• Output Layer : The layer that is designed to provide outcomes, contains six neuronal cells, each corresponding to one of the six categories of interest in the classifying task. The activation function of softmax is employed, transforming the output into the distribution of probabilities among every category. The softmax function guarantees the sum of probabilities is 1 and enables the model to simply make the most likely class prediction and give more probability to whatever output is more relevant, which makes it popular for multi-class classification problems.
• Loss Function : This framework employs a loss function approach that is know as categorical cross-entropy, quantifying the disparity between the one-hot actual label distribution and the projected distribution of probabilities. This method is used where there is multi-class classification, and it punishes when the prediction is neither close to the labels nor close to the class by solving a loss of negative log likelihood of the actual class. Preventing this loss can help tune the model so it is more left-leaning or right-leaning, which improves its accuracy, resulting in predicted probability aligning better to actual labels.
• Optimizer : This model employs an optimizing techniques of Adam with a primary learning ratio of 0.001 to take advantage of momentum and adaptation rates for improved training. Adam adapts the learning rates for each individual parameter, which leads to quicker convergence and resilient performance across different types of issues, making it frequently employed in deep learning models.

(c)

Global Aggregator : The centralised computer consolidates modifications to the model from each client to formulate a unified framework utilising Federated Averaging (FedAvg) 3. This method involves the server systematically calculating a weighted average of the clients’ model parameters (weights) according to the magnitude of their local data. FedAvg enhances the global model by integrating varied local insights while maintaining data privacy, establishing it as a fundamental technique in FL [33]. The calculation as follows [33],

$${\theta }^{(t+1)}=\sum _{k=1}^K{\displaystyle \frac{n_k}{N}}{\theta }_k^{\left(t\right)}$$

(3)

where:

• ${\theta }^{(t+1)}$ represents the new global model parameters,
• K denotes the number of participating clients,
• $n_k$ is the number of local training samples for client k,
• $N={\sum }_{k=1}^K{n}_k$ is the total number of training samples across all selected clients,
• ${\theta }_k^{\left(t\right)}$ represents the locally updated model parameters from client k at round t.

(d)

Explainable AI (XAI) Integration : Explainability is critical for understanding complex machine learning models. SHAP is a model-agnostic approach that provides local interpretability by assigning importance values to individual features. In this study, the Python library of SHAP was used to calculate SHAP values for a test trial subset. Kernel SHAP, suitable of explaining deep learning models, was employed to interpret predictions and ensure efficient, representative interpretability of the CICIoT2023 dataset [9].

4. Experimental Result

The research experiment was conducted on a portable computer with the configuration features of, Core i5 processor, 4GB main memory, 2.4GHz CPU momentum, and running Microsoft Windows 11. The programming environment utilized Jupyter Notebook and Kaggle Notebook, both with Python 3. Furthermore, the Colab at Google acted as a program framework for conducting the experiment.

4.1. Evaluative Metric

The properties employed for the suggested framework in this investigation include precision, accuracy, recall, alongside F1-score.

• ACCURACY : The metric that indicates how frequently an ML approach correctly projects an outcome is known as Accuracy. The division of the number of correct predictions by the total estimation quantity, is implemented to evaluate the accuracy.

$$ACCURACY={\displaystyle \frac{{TP}^1+{TN}^2}{{FP}^3+TP+{FN}^4+TN}}$$

(4)

RECALL : The capacity to identify all pertinent instances within the dataset is termed as Recall. It is defined as the ratio of actual positives to the total of true positives and false negatives in the genre of mathematics.

$$RRCALL={\displaystyle \frac{TP}{FN+TP}}$$

(5)

• PRECISION : the metric that represents the efficacy of an ML approach is known as Precision. It reflects the accuracy of the algorithms’ positive predictions. It is the ratio of genuine successes to the total number of positive projections.

$$PRECISION={\displaystyle \frac{TP}{FP+TP}}$$

(6)

• F1-SCORE : the balanced average of accuracy and recall is termed as F1-SCORE. Accuracy and Recall are aggregated into a single statistics in order to enhance the comprehension of the efficacy of the suggested framework.

$$F1-SCORE={\displaystyle \frac{2\times RECALL\times PRECISION}{PRECISION+RECALL}}$$

(7)

• LOSS : A function called a loss function is a formula of algebra that quantifies the variance between the envisioned results derived from the computerised model and the actual target values. The loss function evaluates the degree to which the forecasts of the model align with the factual information.

$$\mathrm{Loss}=-\sum _{i=1}^n\sum _{c=1}^C{y}_{i,c}log\left({\widehat{y}}_{i,c}\right)$$

(8)

4.2. Prior Experiment

In both Model-A and Model-B, the first layer was meant to extract 20 attributes from the dataset’s original 79. This layer was crucial in determining the value of various traits and choosing the most significant ones.

The Deep Component Analysis (DCA) layer in the prior two experimental models refined these features by reducing the 39 retrieved features to ten. This phase improves the ability of the framework to concentrate on the most important elements, hence increasing overall performance and efficiency. The third model, on the other hand, took a completely different strategy. Rather than a two-stage feature extraction, 15 features were recovered directly from the dataset’s 79 original attributes. This direct extraction simplifies the model but may lead to differences in feature interpretability and performance compared to the more refined multi-stage process of initial two models.

After the feature extraction process, the models proceed to learning and evaluation using the classifiers discussed in the previous section. It is evident that first framework successfully acquired knowledge of categories of assaults during the learning session, achieving a remarkable learning percentage of 100%. Even the testing phase performance is incredible with a 100% detection rate, showing that the model is extremely accurate and resilient to intrusions. Similar to the previous models, the third framework is extremely efficient with a 100% learning and assessment rate, reflecting its accuracy and reliability in identifying diverse classifications attacks. The images, Figure 5, Figure 6, and Figure 7, depict the results of our previous research employing precision, recall, and F1-score, correspondingly. Here, we can see that although this model has a slightly lower success of 99% in both the learning and assessment elements, it is still admirable. Although marginally less effective than Models A and B, Model-C maintains a high level of accuracy and remains a competitive choice for intrusion detection. The reason behind to switch to our current study is that the previous experiment demonstrated a high probability of overfitting issue of the frameworks as well as the inefficient data quality as the experimented dataset was published quite a long time ago.

4.3. FedXAIIDS

The envisioned infrastructure built on FL was allocated among four end-users along with the global framework. The findings have been assembled from the local ends utilizing the aggregator strategy of FedAvg. The resultant products produced during the testing cycles are illustrated in Figure 9. The suggested method has an 88.4% achievement rate during the training session and an 88.2% achievement rate during the testing session. SHAP was employed in order to clarify the significance of the attributes on the anticipated output. Figure 10 illustrates the influence of the characteristics during both the training and testing sessions utilising SHAP. The attributes are represented on the Y- axis ranking from high influence to low influence. The SHAP data are represented on the X-axis . Each dot depicted in the illustration indicate each data of integrated feature. In this context, red signifies a larger importance, while blue denotes the opposite. The illustrated components exert a greater influence on our IDS compared to the other dataset characteristics.

The Figure 8, depicts the accuracy trends of a federated learning model across many clients over a number of repetitions. The horizontal axis depicts the quantity of repetitions, indicating the advancement of training, and the vertical-axis represents accuracy in percentage, representing the model’s performance. Every curve in the figure displays an individual client, showcasing how their respective models improve over time. The accuracy deviations could be attributed to differences in data distributions, local model updates, or computing resources. The graph illustrates the converging behavior of federated learning, demonstrating whether all clients attain equal performance levels or if there are differences because of disparities in data or system-related constraints. This approach is important in federated learning because it helps evaluate model consistency across clients, discover potential fairness issues, and ensure that no client suffers a large disadvantage during training. The detected trends can also be used to inform optimization tactics, such as modifying learning rates, enhancing aggregation approaches, and dealing with straggler effects.

5. Discussion

The results of this study facilitate multiple promising avenues for the advancement of Intrusion Detection Systems (IDS). Notwithstanding the remarkable outcomes attained with the proposed Federated Learning (FL) framework, the scalability of these models in extensive, heterogeneous contexts continues to offer a significant issue. Future research may concentrate on enhancing federated learning methodologies to accommodate larger datasets, fluctuating network conditions, and immediate threats. This necessitates improving the effectiveness of model aggregation and exploring edge computing solutions to mitigate latency and bandwidth challenges. The existing methodology can be enhanced by investigating hybrid models that integrate various classifiers, perhaps incorporating deep learning frameworks, to augment detection precision, resilience, and adaptation to emerging attack vectors. The incorporation of explainable AI (XAI) methodologies, such as SHAP, has enhanced model transparency; nevertheless, the development of more advanced techniques could yield even more comprehensive and accessible insights, aiding security analysts in interpreting and responding to the system’s decisions more effectively. Moreover, although the federated approach provides robust privacy-preserving features, supplementary techniques like differential privacy or secure multi-party computation could be integrated to enhance security without undermining the system’s performance. Mitigating the persistent issue of class imbalance in real-world datasets is a vital area for enhancement, with sophisticated data augmentation tactics and semi-supervised learning methodologies offering avenues for improved model training in data-deficient contexts. Furthermore, the real-time implementation of these IDS systems is essential, particularly in dynamic networks, where the capacity to evolve as well as to react to emerging threats instantaneously is crucial. This necessitates the integration of online learning techniques and the development of adaptive models that progress in tandem with evolving assault patterns. Ultimately, the incorporation of these sophisticated IDS methodologies with current cybersecurity frameworks, including SIEM systems and firewalls, could augment their efficacy within a comprehensive security ecosystem, facilitating an integrated detection and response mechanism. Further exploration of these research domains indicates that the integration of federated learning, explainable artificial intelligence, and sophisticated feature refinement techniques offers significant potential for developing robust, scalable, and transparent intrusion detection system solutions that can more effectively safeguard distributed networks against an expanding array of cybersecurity threats.

The findings in the Table 2 show that FedXAIIDS is effective in addressing major intrusion detection concerns, particularly in terms of privacy preservation, explainability, and decentralized learning. While the recommended framework attained training efficacy of 88.4% and testing efficacy of 88.2% on the CICIoT2023 dataset, which is lower than some centralized approaches, its advantages in security, interpretability, and real-world applicability make it a superior choice for modern cybersecurity frameworks. FedXAIIDS, unlike standard IDS models, uses Federated Learning (FL) to ensure that sensitive network data is dispersed across edge devices. This considerably decreases the danger of data breaches and ensures compliance with severe privacy requirements such as GDPR (General Data Protection Regulation). While other high-accuracy models rely on centralized datasets (e.g. Adamova et al. [100% accuracy] and Saadouni et al. [99.83% accuracy]), they compromise data privacy by requiring data aggregation at a central location [34]. Most existing models prioritize accuracy but lack interpretability, making them unsuitable for real-world security operations where decision transparency is crucial. FedXAIIDS integrates SHAP to rank feature importance, allowing cybersecurity professionals to understand attack patterns rather than treating the IDS as a black box. In contrast to high-accuracy systems (e.g. Saadouni et al. and Gulzar et al.) [35,40], which do not explain why specific attacks are categorized, FedXAIIDS delivers reliable insights, allowing for speedier and more informed decision-making. Traditional IDS models perform well on particular datasets, but they frequently suffer in real-world dynamic situations. FedXAIIDS, with its federated learning architecture, learns continually from remote sources, allowing it to adapt to new attack patterns. Centralized models such as Ji et al. (98.27% accuracy) rely on static datasets, making them vulnerable to zero-day attacks and adversarial manipulations [38]. Despite lower accuracy, FedXAIIDS surpasses traditional IDS in security resilience. It reduces single points of failure, a significant risk in centralized architectures, and integrates smoothly with SIEM systems and firewalls to improve threat detection capabilities. Future advancements, such as distinct confidentiality and safe collective manufacturing, will increase its robustness. While FedXAIIDS does not achieve the highest accuracy, its balance of security, privacy, explainability, and adaptability makes it a more practical and scalable IDS solution for real-world deployment. Future advances in federated model aggregation, machine learning with adaptive features, and hybrid deep learning have the potential to significantly improve its detection performance, driving it to the forefront of next-generation IDSs.

6. Conclusion

This research introduces Federated XAI IDS, a novel explainable and privacy-preserving intrusion detection system (IDS) that effectively addresses the key limitations of traditional IDS, including high inaccurate positive detection and inaccurate negative detection percentage, lack of interpretability, as well as data privacy concerns. By leveraging Federated Learning (FL) and Shapley Additive Explanations (SHAP), our approach ensures that IDS models can be collaboratively trained across multiple decentralized devices while preserving data privacy by keeping sensitive information on local edge nodes. This decentralized paradigm mitigates security risks associated with centralized approaches, making it a commendatory solution for modern network circumstances. The proposed IDS framework utilizes an Artificial Neural Network (ANN) distributed across four federated clients, with model aggregation performed using FedAvg on the CICIoT2023 dataset. The output highlighted the efficiency of this approach, achieving 88.4% training accuracy and 88.2% testing accuracy. Additionally, SHAP was incorporated to analyze feature importance, providing a transparent perspective of the most significant attributes influencing model predictions. The ability to rank and interpret feature significance enhances model trustworthiness and supports cybersecurity professionals in making informed decisions. Though our accuracy is lower than other current studies, SHAP analysis ensured the efficiency our result. Our findings demonstrate that the Federated XAI IDS successfully tackles two critical challenges in intrusion detection: explainability and privacy preservation. By integrating federated learning with explainable AI (XAI), this work offers a scalable, interpretable, and secure IDS solution suited for modern cybersecurity applications, particularly in scenarios where sensitive data cannot be centrally shared. Moreover, by promoting more open and responsible intrusion detection framework, the proposed architecture advances the field of reliable AI-driven security solutions. Promising direction for investigation comprise investigating sophisticated federated aggregation tactics, integrating adaptive learning methodologies, and refining model performance in various network contexts. Furthermore, realistic implementation and assessment in extensive, diverse networks will confirm the resilience and applicability of our methodology. We may move closer to a cybersecurity environment that is more safe, considerate of privacy, and interpretable by further improving and developing federated explainable AI-based IDS solutions.