Proceedings of the Workshop on Computation: Theory and Practice (WCTP 2023)

Extracting Explanatory Information from LSTM for Binary Classification of Time Series Data for Intrusion Detection

Authors
Noriyoshi Ozawa1, *, Shigeki Hagihara2
1Graduate School of Science and Technology, Chitose Institute of Science and Technology, 758-65 Bibi, Chitose, Hokkaido, 066-8655, Japan
2Faculty of Science and Technology, Chitose Institute of Science and Technology, 758-65 Bibi, Chitose, Hokkaido, 066-8655, Japan
*Corresponding author. Email: m2230080@photon.chitose.ac.jp
Corresponding Author
Noriyoshi Ozawa
Available Online 29 February 2024.
DOI
10.2991/978-94-6463-388-7_12How to use a DOI?
Keywords
Deep learning; explainability; intrusion detection system; XAI
Abstract

In this study, we constructed a method for obtaining information that explains the classification results of a long short-term memory (LSTM) trained as an intrusion detection system (IDS). The LSTM learns two types of information: information about system accesses at each time point and time series information across multiple time points. We extracted explanatory information to rank the importances of these two information types. If the time series information was considered more important, we extracted information indicating which range of past information influenced the classification.

Copyright
© 2024 The Author(s)
Open Access
Open Access This chapter is licensed under the terms of the Creative Commons Attribution-NonCommercial 4.0 International License (http://creativecommons.org/licenses/by-nc/4.0/), which permits any noncommercial use, sharing, adaptation, distribution and reproduction in any medium or format, as long as you give appropriate credit to the original author(s) and the source, provide a link to the Creative Commons license and indicate if changes were made.

Download article (PDF)

Volume Title
Proceedings of the Workshop on Computation: Theory and Practice (WCTP 2023)
Series
Atlantis Highlights in Computer Sciences
Publication Date
29 February 2024
ISBN
978-94-6463-388-7
ISSN
2589-4900
DOI
10.2991/978-94-6463-388-7_12How to use a DOI?
Copyright
© 2024 The Author(s)
Open Access
Open Access This chapter is licensed under the terms of the Creative Commons Attribution-NonCommercial 4.0 International License (http://creativecommons.org/licenses/by-nc/4.0/), which permits any noncommercial use, sharing, adaptation, distribution and reproduction in any medium or format, as long as you give appropriate credit to the original author(s) and the source, provide a link to the Creative Commons license and indicate if changes were made.

Cite this article

TY  - CONF
AU  - Noriyoshi Ozawa
AU  - Shigeki Hagihara
PY  - 2024
DA  - 2024/02/29
TI  - Extracting Explanatory Information from LSTM for Binary Classification of Time Series Data for Intrusion Detection
BT  - Proceedings of the Workshop on Computation: Theory and Practice (WCTP 2023)
PB  - Atlantis Press
SP  - 193
EP  - 211
SN  - 2589-4900
UR  - https://doi.org/10.2991/978-94-6463-388-7_12
DO  - 10.2991/978-94-6463-388-7_12
ID  - Ozawa2024
ER  -