This study proposes a comprehensive and agile method for detecting and preventing cyber threats through a collection of AI-XAI techniques. It also presents a set of ML models employed by an organization to monitor cyber attacks: DDoS, malware, phishing, brute force, and anomalies. The XAI methods (SHAP and LIME) let users see the rationale behind each ML-based cyber detection model, generated in real time, which improves the credibility of the model itself and gives end users easier ways to interpret model outputs. Adversarial robustness testing is incorporated to assess the effectiveness of these defence mechanisms against attackers attempting to manipulate AI models for nefarious purposes. Combining signature and anomaly detection enables organizations to improve the accuracy, coverage, and efficiency of their monitoring systems, which generate alerts automatically and without delay. The proposed framework provides a unique solution to existing challenges for real-time monitoring systems, including robust real-time threat intelligence analysis capabilities and the ability to scale with an organization’s cyber threat environment.
Nukala et al. (Thu,) studied this question.