Optimizing Hybrid Intrusion Detection Systems Using Federated Learning and Explainable AI for Enhanced Network Security

Abstract

The escalating sophistication and volume of cyberattacks demand robust and adaptable intrusion detection systems (IDSs). Traditional centralized IDSs often struggle with scalability, data privacy concerns, and the ability to detect novel attacks. This paper proposes a novel hybrid IDS framework that leverages federated learning (FL) and explainable AI (XAI) to overcome these limitations. The framework combines the strengths of signature-based and anomaly-based detection methods within a federated learning environment, allowing for collaborative model training across multiple network edge devices without sharing sensitive raw data. Furthermore, XAI techniques are integrated to provide insights into the IDS's decision-making process, enhancing transparency and trust. The effectiveness of the proposed approach is evaluated using a benchmark network intrusion dataset, demonstrating significant improvements in detection accuracy, reduced false positive rates, and enhanced model explainability compared to traditional centralized and non-federated IDS deployments. The results highlight the potential of FL and XAI to revolutionize network security by enabling decentralized, privacy-preserving, and interpretable intrusion detection.