A comprehensive review of explainable AI in cybersecurity: Decoding the black box
Anshika Sharma, Shalli Rani, Mohammad Shabaz
Abstract
Artificial Intelligence (AI) has been used extensively in all aspects of everyday life among people in recent times. Many techniques utilizing machine learning (ML) and deep learning (DL) models are being presented in this rapidly growing field of study. Most such models are generally regarded as “Black-Box” models since they are intrinsically complex and lack interpretable explanations for their decisions and conclusions. The lack of transparency increases the issue in the field of cybersecurity as implementing critical decisions in a system that cannot provide explanations for itself offers some evident risks. The lack of interpretability and transparency in existing AI techniques would make users distrust the models used to defend against cyberattacks, particularly given the increasingly complex and diverse nature of cyberattacks. Thus, Explainable Artificial Intelligence (XAI) must be utilized to construct cyber security models that are more understandable while keeping high accuracy and that enable users to understand, be reliable, and manage the future of cyber defence systems. This study provides a comprehensive survey of existing literature on using XAI to mitigate these challenges of cybersecurity black-box models. It emphasizes the significance of explainability in boosting faith and transparency in AI-driven systems and presents a thorough taxonomy of XAI techniques and technologies for cybersecurity applications. The study describes the evaluation criteria that are used to evaluate the effectiveness of XAI models, addresses different kinds of attacks like malware, phishing, and network intrusions, and shows how XAI techniques may mitigate these risks by providing a comprehensible understanding of model decisions. Along with the real-world case studies, it also explores the industrial applications of XAI in cybersecurity and examines the challenges in implementing XAI technology. The survey concludes with a review of the limitations of the existing XAI techniques and makes recommendations for future research, such as the requirement for more reliable XAI frameworks that can function in real-time and across a variety of cyber threat situations.