Leveraging explainable artificial intelligence for early detection and mitigation of cyber threat in large-scale network environments.

Authors

Nalinipriya G, Rama Sree S, Radhika K, Laxmi Lydia E, Karim Faten Khalid, Ishak Mohamad Khairi, Mostafa Samih M

Affiliations

Department of Information Technology, Saveetha Engineering College, Chennai, 602 105, India.

Department of CSE, Aditya University, Surampalem, India.

Publication information

Sci Rep. 2025 Jul 9;15(1):24662. doi: 10.1038/s41598-025-08597-9.

Abstract

Cybersecurity, a fast-evolving discipline, has gained much popularity over the years, as the number of cybercriminals and threats rises consistently to stay ahead of law enforcement. Recently, cybercriminals have become more sophisticated in their approaches, though the underlying motives for conducting cyber threats remain largely the same. Classical cybersecurity solutions have become poor at identifying and alleviating evolving cyber threats. Machine learning (ML) plays a crucial role in cybersecurity by making malware detection more scalable, efficient, and automated, reducing reliance on conventional human intervention methods. The cybersecurity domain comprises ML challenges that require effective theoretical and methodical handling. Various statistical and ML approaches, like Bayesian classification, deep learning (DL), and support vector machines (SVM), have efficiently alleviated cyber threats. The insights and hidden trends detected from network data, and the architecture of a data-driven ML model to avoid such attacks, are essential to establishing an intelligent security system. This study develops a novel Leveraging Explainable Artificial Intelligence for Early Detection and Mitigation of Cyber Threats in Large-Scale Network Environments (LXAIDM-CTLSN) method. The proposed LXAIDM-CTLSN method aims to recognize and classify cyber-attacks to achieve cybersecurity. Initially, min-max normalization is applied to standardize the data. The Mayfly Optimization Algorithm (MOA) is then utilized for feature selection, effectively reducing computational complexity. A Sparse Denoising Autoencoder (SDAE) model recognizes and classifies cyber threats. Additionally, the Hiking Optimization Algorithm (HOA) is employed to fine-tune the hyperparameters of the SDAE model. Finally, the XAI method LIME is integrated to enhance the explainability and understanding of the black-box technique, ensuring superior classification of cyberattacks. Extensive experiments were conducted to evaluate the overall robustness of the proposed XAIDM-CTLSN method using the NSLKDD2015 and CICIDS2017 datasets. The experimental validation of the XAIDM-CTLSN method showed a superior accuracy value of 99.09% over other techniques.
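The first and last stages named in the abstract (min-max normalization, then a LIME-style local explanation of a black-box detector) can be sketched in pure Python. This is an added example, not code from the paper: the flow features, the sample rows and the `black_box` scorer are constructed stand-ins (the paper's SDAE, MOA and HOA stages are not reproduced), and the surrogate is a simplified LIME-style weighted linear fit rather than the LIME library.

```python
import math
import random

NAMES = ["duration_s", "bytes_sent", "failed_logins"]
# Constructed sample flows (not taken from NSL-KDD or CICIDS2017).
FLOWS = [[2.0, 300.0, 0.0], [40.0, 9000.0, 1.0], [1.0, 120.0, 8.0],
         [15.0, 4500.0, 0.0], [5.0, 800.0, 3.0]]

def min_max(rows):
    """Min-max normalization: scale every column to [0, 1]."""
    lo = [min(c) for c in zip(*rows)]
    hi = [max(c) for c in zip(*rows)]
    return [[(v - l) / (h - l) if h > l else 0.0
             for v, l, h in zip(r, lo, hi)] for r in rows]

def black_box(x):
    """Hypothetical stand-in detector returning P(attack); not the paper's SDAE."""
    return 1.0 / (1.0 + math.exp(-(8.0 * x[2] + 0.5 * x[1] - 3.0)))

def solve(a, b):
    """Gauss-Jordan elimination with partial pivoting for a small system."""
    n = len(b)
    m = [row[:] + [bv] for row, bv in zip(a, b)]
    for i in range(n):
        p = max(range(i, n), key=lambda r: abs(m[r][i]))
        m[i], m[p] = m[p], m[i]
        for r in range(n):
            if r != i:
                f = m[r][i] / m[i][i]
                m[r] = [rv - f * iv for rv, iv in zip(m[r], m[i])]
    return [m[i][n] / m[i][i] for i in range(n)]

def lime_explain(x, predict, n=500, sigma=0.1, width=0.25, seed=0):
    """LIME-style explanation: perturb x, weight samples by proximity,
    fit a weighted linear surrogate, return per-feature local weights."""
    rng = random.Random(seed)
    d = len(x) + 1                      # +1 for the intercept
    xtwx = [[1e-6 if i == j else 0.0 for j in range(d)] for i in range(d)]
    xtwy = [0.0] * d
    for _ in range(n):
        z = [min(1.0, max(0.0, v + rng.gauss(0.0, sigma))) for v in x]
        w = math.exp(-sum((a - b) ** 2 for a, b in zip(z, x)) / width ** 2)
        row, y = [1.0] + z, predict(z)
        for i in range(d):
            xtwy[i] += w * row[i] * y
            for j in range(d):
                xtwx[i][j] += w * row[i] * row[j]
    return dict(zip(NAMES, solve(xtwx, xtwy)[1:]))

if __name__ == "__main__":
    borderline = min_max(FLOWS)[4]      # flow with 3 failed logins
    print(black_box(borderline), lime_explain(borderline, black_box))
```

For an analyst, the returned weights show which normalized feature drives the detector's score near that specific flow, which is the per-alert evidence a black-box classifier does not provide on its own.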


https://cdn.ncbi.nlm.nih.gov/pmc/blobs/91e2/12241574/2a543f4bf01a/41598_2025_8597_Fig1_HTML.jpg
