![[2602.19087] Detecting Cybersecurity Threats by Integrating Explainable AI with SHAP Interpretability and Strategic Data Sampling](https://arxiv.org/static/browse/0.3.4/images/arxiv-logo-fb.png){kind=logo}
[2602.19087] Detecting Cybersecurity Threats by Integrating Explainable AI with SHAP Interpretability and Strategic Data Sampling
Summary
This article presents a novel framework for detecting cybersecurity threats by integrating Explainable AI (XAI) with SHAP interpretability and strategic data sampling, enhancing transparency and efficiency in threat detection.
Why It Matters
As cybersecurity threats evolve, the need for transparent and reliable AI systems becomes critical. This research addresses key challenges in AI deployment for security, ensuring that models are interpretable, efficient, and rigorously tested, thus fostering trust in automated systems used by security analysts.
Key Takeaways
- Integrates Explainable AI with SHAP for better interpretability in cybersecurity.
- Utilizes strategic data sampling to maintain class distributions while enhancing model efficiency.
- Implements automated data leakage prevention to ensure experimental integrity.
- Demonstrates that explainability and computational efficiency can coexist in AI systems.
- Provides actionable insights for security analysts, improving decision-making processes.
Computer Science > Cryptography and Security arXiv:2602.19087 (cs) [Submitted on 22 Feb 2026] Title:Detecting Cybersecurity Threats by Integrating Explainable AI with SHAP Interpretability and Strategic Data Sampling Authors:Norrakith Srisumrith, Sunantha Sodsee View a PDF of the paper titled Detecting Cybersecurity Threats by Integrating Explainable AI with SHAP Interpretability and Strategic Data Sampling, by Norrakith Srisumrith and 1 other authors View PDF HTML (experimental) Abstract:The critical need for transparent and trustworthy machine learning in cybersecurity operations drives the development of this integrated Explainable AI (XAI) framework. Our methodology addresses three fundamental challenges in deploying AI for threat detection: handling massive datasets through Strategic Sampling Methodology that preserves class distributions while enabling efficient model development; ensuring experimental rigor via Automated Data Leakage Prevention that systematically identifies and removes contaminated features; and providing operational transparency through Integrated XAI Implementation using SHAP analysis for model-agnostic interpretability across algorithms. Applied to the CIC-IDS2017 dataset, our approach maintains detection efficacy while reducing computational overhead and delivering actionable explanations for security analysts. The framework demonstrates that explainability, computational efficiency, and experimental integrity can be simultaneously achieved, pr...
