Interpretable AI-Based Intrusion Detection with Hybrid Feature Optimization for Smart Infrastructures
摘要
The increasing interconnection of smart infrastructures, including industrial IoT and smart grids, has amplified the risk of cyberattacks, creating an urgent need for interpretable and trustworthy intrusion detection systems (IDS). This study presents a comprehensive AI-driven framework that integrates hybrid optimization with interpretable models to enhance cybersecurity resilience in complex digital environments. The framework combines ensemble-based stacking and Recursive Feature Elimination (RFE) for effective feature selection, while optimizing Logistic Regression and Extreme Gradient Boosting classifiers through a novel Attack–Leave Optimizer (ALO) with Quadratic Interpolation Optimization (QIO) to improve detection accuracy and computational efficiency. Local Interpretable Model-Agnostic Explanations (LIME) are employed to provide transparency in decision-making, highlighting critical features and defining clear decision boundaries. Evaluation on the UNSW-NB15 dataset demonstrates a high test accuracy of 0.987, with strong precision and recall across diverse attack categories, confirming both the robustness and interpretability of the framework. The proposed approach supports deployment in smart grids, connected urban infrastructures, and industrial IoT systems, and can be extended toward online learning for real-time adaptive intrusion detection, enabling continuous protection in dynamic network environments.