• 文献检索
  • 文档翻译
  • 深度研究
  • 学术资讯
  • Suppr Zotero 插件Zotero 插件
  • 邀请有礼
  • 套餐&价格
  • 历史记录
应用&插件
Suppr Zotero 插件Zotero 插件浏览器插件Mac 客户端Windows 客户端微信小程序
定价
高级版会员购买积分包购买API积分包
服务
文献检索文档翻译深度研究API 文档MCP 服务
关于我们
关于 Suppr公司介绍联系我们用户协议隐私条款
关注我们

Suppr 超能文献

核心技术专利:CN118964589B侵权必究
粤ICP备2023148730 号-1Suppr @ 2026

文献检索

告别复杂PubMed语法,用中文像聊天一样搜索,搜遍4000万医学文献。AI智能推荐,让科研检索更轻松。

立即免费搜索

文件翻译

保留排版,准确专业,支持PDF/Word/PPT等文件格式,支持 12+语言互译。

免费翻译文档

深度研究

AI帮你快速写综述,25分钟生成高质量综述,智能提取关键信息,辅助科研写作。

立即免费体验

用于物联网中僵尸网络检测的可解释人工智能

Explainable artificial intelligence for botnet detection in internet of things.

作者信息

Saied Mohamed, Guirguis Shawkat

机构信息

Institute of Graduate Studies & Research, Alexandria University, 832, Elhorrya Road, Alexandria, 21526, Egypt.

出版信息

Sci Rep. 2025 Mar 4;15(1):7632. doi: 10.1038/s41598-025-90420-6.

DOI:10.1038/s41598-025-90420-6
PMID:40038372
原文链接:https://pmc.ncbi.nlm.nih.gov/articles/PMC11880306/
Abstract

The proliferation of internet of things (IoT) devices has led to unprecedented connectivity and convenience. However, this increased interconnectivity has also introduced significant security challenges, particularly concerning the detection and mitigation of botnet attacks. Detecting botnet activities in IoT environments is challenging due to the diverse nature of IoT devices and the large-scale data generated. Artificial intelligence and machine learning based approaches showed great potential in IoT botnet detection. However, as these approaches continue to advance and become more complex, new questions are opened about how decisions are made using such technologies. Integrating an explainability layer into these models can increase trustworthy and transparency. This paper proposes the utilization of explainable artificial intelligence (XAI) techniques for improving the interpretability and transparency of the botnet detection process. It analyzes the impact of incorporating XAI in the botnet detection process, including enhanced model interpretability, trustworthiness, and potential for early detection of emerging botnet attack patterns. Three different XAI based techniques are presented i.e. rule extraction and distillation, local interpretable model-agnostic explanations (LIME), Shapley additive explanations (SHAP). The experimental results demonstrate the effectiveness of the proposed approach, providing valuable insights into the inner workings of the detection model and facilitating the development of robust defense mechanisms against IoT botnet attacks. The findings of this study contribute to the growing body of research on XAI in cybersecurity and offer practical guidance for securing IoT ecosystems against botnet threats.

摘要

物联网(IoT)设备的激增带来了前所未有的连接性和便利性。然而,这种增强的互联性也带来了重大的安全挑战,特别是在僵尸网络攻击的检测和缓解方面。由于物联网设备的多样性以及所产生的大规模数据,在物联网环境中检测僵尸网络活动具有挑战性。基于人工智能和机器学习的方法在物联网僵尸网络检测中显示出巨大潜力。然而,随着这些方法不断发展并变得更加复杂,关于如何使用此类技术做出决策出现了新的问题。将可解释性层集成到这些模型中可以提高可信度和透明度。本文提出利用可解释人工智能(XAI)技术来提高僵尸网络检测过程的可解释性和透明度。它分析了在僵尸网络检测过程中纳入XAI的影响,包括增强模型的可解释性、可信度以及早期检测新兴僵尸网络攻击模式的潜力。提出了三种不同的基于XAI的技术,即规则提取与提炼、局部可解释模型无关解释(LIME)、沙普利值加法解释(SHAP)。实验结果证明了所提方法的有效性,为检测模型的内部工作原理提供了有价值的见解,并促进了针对物联网僵尸网络攻击的强大防御机制的开发。本研究结果有助于网络安全领域中关于XAI的研究不断发展,并为保护物联网生态系统免受僵尸网络威胁提供实际指导。

https://cdn.ncbi.nlm.nih.gov/pmc/blobs/d350/11880306/0c8ec85098df/41598_2025_90420_Fig9_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/d350/11880306/133e034a6fc2/41598_2025_90420_Fig1_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/d350/11880306/3bc906b85de7/41598_2025_90420_Figa_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/d350/11880306/c9ab72946219/41598_2025_90420_Fig2_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/d350/11880306/748ad308c767/41598_2025_90420_Fig3_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/d350/11880306/1c0b4f39432d/41598_2025_90420_Fig4_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/d350/11880306/8ef65f725678/41598_2025_90420_Fig5_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/d350/11880306/77270d19ee5a/41598_2025_90420_Fig6_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/d350/11880306/66384889c562/41598_2025_90420_Fig7_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/d350/11880306/609970b4c0d3/41598_2025_90420_Fig8_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/d350/11880306/0c8ec85098df/41598_2025_90420_Fig9_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/d350/11880306/133e034a6fc2/41598_2025_90420_Fig1_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/d350/11880306/3bc906b85de7/41598_2025_90420_Figa_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/d350/11880306/c9ab72946219/41598_2025_90420_Fig2_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/d350/11880306/748ad308c767/41598_2025_90420_Fig3_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/d350/11880306/1c0b4f39432d/41598_2025_90420_Fig4_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/d350/11880306/8ef65f725678/41598_2025_90420_Fig5_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/d350/11880306/77270d19ee5a/41598_2025_90420_Fig6_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/d350/11880306/66384889c562/41598_2025_90420_Fig7_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/d350/11880306/609970b4c0d3/41598_2025_90420_Fig8_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/d350/11880306/0c8ec85098df/41598_2025_90420_Fig9_HTML.jpg

相似文献

1
Explainable artificial intelligence for botnet detection in internet of things.用于物联网中僵尸网络检测的可解释人工智能
Sci Rep. 2025 Mar 4;15(1):7632. doi: 10.1038/s41598-025-90420-6.
2
Machine Learning-Based IoT-Botnet Attack Detection with Sequential Architecture.基于机器学习的物联网僵尸网络攻击检测的序列架构。
Sensors (Basel). 2020 Aug 5;20(16):4372. doi: 10.3390/s20164372.
3
Strengthening network DDOS attack detection in heterogeneous IoT environment with federated XAI learning approach.使用联邦可解释人工智能学习方法加强异构物联网环境中的网络分布式拒绝服务攻击检测。
Sci Rep. 2024 Oct 17;14(1):24322. doi: 10.1038/s41598-024-76016-6.
4
Securing the 6G-IoT Environment: A Framework for Enhancing Transparency in Artificial Intelligence Decision-Making Through Explainable Artificial Intelligence.保障6G物联网环境:一个通过可解释人工智能提高人工智能决策透明度的框架。
Sensors (Basel). 2025 Jan 30;25(3):854. doi: 10.3390/s25030854.
5
Review of Botnet Attack Detection in SDN-Enabled IoT Using Machine Learning.基于机器学习的 SDN 赋能物联网中的僵尸网络攻击检测综述。
Sensors (Basel). 2022 Dec 14;22(24):9837. doi: 10.3390/s22249837.
6
IoT Botnet Attack Detection Based on Optimized Extreme Gradient Boosting and Feature Selection.基于优化极端梯度提升和特征选择的物联网僵尸网络攻击检测。
Sensors (Basel). 2020 Nov 6;20(21):6336. doi: 10.3390/s20216336.
7
Cross Deep Learning Method for Effectively Detecting the Propagation of IoT Botnet.基于交叉深度学习的物联网僵尸网络传播检测方法
Sensors (Basel). 2022 May 20;22(10):3895. doi: 10.3390/s22103895.
8
An Aggregated Mutual Information Based Feature Selection with Machine Learning Methods for Enhancing IoT Botnet Attack Detection.基于聚合互信息的特征选择与机器学习方法在增强物联网僵尸网络攻击检测中的应用。
Sensors (Basel). 2021 Dec 28;22(1):185. doi: 10.3390/s22010185.
9
An Explainable LSTM-Based Intrusion Detection System Optimized by Firefly Algorithm for IoT Networks.一种基于萤火虫算法优化的、用于物联网网络的可解释长短期记忆(LSTM)入侵检测系统。
Sensors (Basel). 2025 Apr 4;25(7):2288. doi: 10.3390/s25072288.
10
A Proactive Attack Detection for Heating, Ventilation, and Air Conditioning (HVAC) System Using Explainable Extreme Gradient Boosting Model (XGBoost).基于可解释极端梯度提升模型(XGBoost)的主动式 HVAC 系统攻击检测
Sensors (Basel). 2022 Nov 27;22(23):9235. doi: 10.3390/s22239235.

本文引用的文献

1
A Proactive Attack Detection for Heating, Ventilation, and Air Conditioning (HVAC) System Using Explainable Extreme Gradient Boosting Model (XGBoost).基于可解释极端梯度提升模型(XGBoost)的主动式 HVAC 系统攻击检测
Sensors (Basel). 2022 Nov 27;22(23):9235. doi: 10.3390/s22239235.
2
Botnet Attack Detection in IoT Using Machine Learning.基于机器学习的物联网僵尸网络攻击检测
Comput Intell Neurosci. 2022 Oct 4;2022:4515642. doi: 10.1155/2022/4515642. eCollection 2022.
3
FIDChain: Federated Intrusion Detection System for Blockchain-Enabled IoT Healthcare Applications.
FIDChain:用于支持区块链的物联网医疗保健应用的联邦入侵检测系统。
Healthcare (Basel). 2022 Jun 15;10(6):1110. doi: 10.3390/healthcare10061110.