Organizations and businesses are focusing on information systems for cybersecurity decision-making due to the exponential growth of the cyber threat landscape and the critical need to protect digital infrastructure. Threat hunting provides a data-driven, proactive approach that enables organizations to efficiently detect, analyze, and respond to cyber threats. Despite playing a crucial role, these systems face considerable challenges, including high false-positive rates, inadequate interpretability and explainability, and high computational costs. This study employs a computational approach to present a novel cybersecurity decision-making model, DeepGuardXAI. First, a feature selection technique is introduced to improve performance, reduce overfitting, and accelerate training. Second, the model uses a deep neural network with an attention mechanism to enhance classification accuracy. Third, the model incorporates a human-in-the-loop feedback mechanism with XAI to address the gap between high-speed machine analysis and human contextual judgment. The NASA-TLX metric is used to validate trust-building and informed decision-making. DeepGuardXAI is evaluated on two benchmark datasets and achieves 99.86% accuracy while using 121 MB of memory on the CIC-IDS2017 dataset. The model outperforms standard classifiers and existing studies. Beyond demonstrating practical utility, the proposed model can help address computational costs, transparency, explainability, and trust-building, enabling organizations to respond effectively to security incidents.
Barik et al. (Fri,) studied this question.