Saved in:
Bibliographic Details
Main Authors: Yacoubi, Mohammed, Moussaoui, Omar, Drocourt, C.
Format: Preprint
Published: 2025
Subjects:
Online Access:https://arxiv.org/abs/2509.10563
Tags: Add Tag
No Tags, Be the first to tag this record!
_version_ 1866918140423700480
author Yacoubi, Mohammed
Moussaoui, Omar
Drocourt, C.
author_facet Yacoubi, Mohammed
Moussaoui, Omar
Drocourt, C.
contents Explainable Artificial Intelligence (XAI) enhances the transparency and interpretability of AI models, addressing their inherent opacity. In cybersecurity, particularly within the Internet of Medical Things (IoMT), the black-box nature of AI-driven threat detection poses a significant challenge. Cybersecurity professionals must not only detect attacks but also understand the reasoning behind AI decisions to ensure trust and accountability. The rapid increase in cyberattacks targeting connected medical devices threatens patient safety and data privacy, necessitating advanced AI-driven solutions. This study compares two ensemble learning techniques, bagging and boosting, for cyber-attack classification in IoMT environments. We selected Random Forest for bagging and CatBoost for boosting. Random Forest helps reduce variance, while CatBoost improves bias by combining weak classifiers into a strong ensemble model, making them effective for detecting sophisticated attacks. However, their complexity often reduces transparency, making it difficult for cybersecurity professionals to interpret and trust their decisions. To address this issue, we apply XAI models to generate local and global explanations, providing insights into AI decision-making. Using techniques like SHAP (Shapley Additive Explanations) and LIME (Local Interpretable Model-agnostic Explanations), we highlight feature importance to help stakeholders understand the key factors driving cyber threat detection.
format Preprint
id arxiv_https___arxiv_org_abs_2509_10563
institution arXiv
publishDate 2025
record_format arxiv
spellingShingle Enhancing IoMT Security with Explainable Machine Learning: A Case Study on the CICIOMT2024 Dataset
Yacoubi, Mohammed
Moussaoui, Omar
Drocourt, C.
Cryptography and Security
Explainable Artificial Intelligence (XAI) enhances the transparency and interpretability of AI models, addressing their inherent opacity. In cybersecurity, particularly within the Internet of Medical Things (IoMT), the black-box nature of AI-driven threat detection poses a significant challenge. Cybersecurity professionals must not only detect attacks but also understand the reasoning behind AI decisions to ensure trust and accountability. The rapid increase in cyberattacks targeting connected medical devices threatens patient safety and data privacy, necessitating advanced AI-driven solutions. This study compares two ensemble learning techniques, bagging and boosting, for cyber-attack classification in IoMT environments. We selected Random Forest for bagging and CatBoost for boosting. Random Forest helps reduce variance, while CatBoost improves bias by combining weak classifiers into a strong ensemble model, making them effective for detecting sophisticated attacks. However, their complexity often reduces transparency, making it difficult for cybersecurity professionals to interpret and trust their decisions. To address this issue, we apply XAI models to generate local and global explanations, providing insights into AI decision-making. Using techniques like SHAP (Shapley Additive Explanations) and LIME (Local Interpretable Model-agnostic Explanations), we highlight feature importance to help stakeholders understand the key factors driving cyber threat detection.
title Enhancing IoMT Security with Explainable Machine Learning: A Case Study on the CICIOMT2024 Dataset
topic Cryptography and Security
url https://arxiv.org/abs/2509.10563