Abstract
Due to ever-evolving cyber threats, there’s a need for a highly robust and interpretable intrusion detection system to strengthen network security. This research proposes an Explainable Artificial Intelligence (AI)-based Hybrid Model for network intrusion detection incorporating the use of an ensemble of classifiers trained on the CICIDS2017 dataset. The model consists of preprocessing, PCA for dimensionality reduction, and feature selection to detect key attributes. A Voting Classifier combines the strengths of individual classifiers so that it performs equally well on precision, recall and F1 score. We also tune its parameters using RandomizedSearchCV to optimise the classifier. The hybrid ensemble method captures network intrusion by merging the strengths of all classifiers. To make the system very transparent, we have used SHAP analysis to explain the important features and their interpretations. This allows network security executives to find out why a decision was made. SMOTE (Synthetic Minority Over-sampling Technique) is also applied to handle class imbalance and further enhance the model robustness. The model achieves high performance with 98.58% accuracy, 98.59% precision, 98.58% recall, F1 score of 98.56%, and ROC AUC score of 99.35%, successfully distinguishing between benign and malicious traffic. This study will offer security experts a real-time security solution that is accurate, transparent and explainable. It will advance explainable AI-based IDS.