Jove
Visualize
Contact Us
JoVE
x logofacebook logolinkedin logoyoutube logo
ABOUT JoVE
OverviewLeadershipBlogJoVE Help Center
AUTHORS
Publishing ProcessEditorial BoardScope & PoliciesPeer ReviewFAQSubmit
LIBRARIANS
TestimonialsSubscriptionsAccessResourcesLibrary Advisory BoardFAQ
RESEARCH
JoVE JournalMethods CollectionsJoVE Encyclopedia of ExperimentsArchive
EDUCATION
JoVE CoreJoVE BusinessJoVE Science EducationJoVE Lab ManualFaculty Resource CenterFaculty Site
Terms & Conditions of Use
Privacy Policy
Policies

Related Experiment Videos

A method for forensic-ready intrusion detection using explainable learning, prediction-aware graph modeling, and

Sghaier Guizani1,2, Sneha Xavier2,3, Amal Ajayan2,4

  • 1Department of Electrical Engineering, Alfaisal University, Riyadh, Saudi Arabia.

Methodsx
|June 19, 2026
PubMed
Summary

Related Concept Videos

Steps in Outbreak Investigation01:18

Steps in Outbreak Investigation

In the ever-evolving field of public health, statistical analysis serves as a cornerstone for understanding and managing disease outbreaks. By leveraging various statistical tools, health professionals can predict potential outbreaks, analyze ongoing situations, and devise effective responses to mitigate impact. For that to happen, there are a few possible stages of the analysis:

You might also read

Related Articles

Articles linked to this work by shared authors, journal, and citation graph.

Sort by
Same author

RETRACTED: Srivastava et al. Match-Level Fusion of Finger-Knuckle Print and Iris for Human Identity Validation Using Neuro-Fuzzy Classifier. <i>Sensors</i> 2022, <i>22</i>, 3620.

Sensors (Basel, Switzerland)·2026
Same author

Stacking Deep Neural Networks to Detect Multiple Types of Cardiac Arrhythmias.

IEEE journal of biomedical and health informatics·2026
Same author

A LangChain-facilitated conversational approach to cataract disease: A pilot study with large language models.

Digital health·2026
Same author

Ensemble machine learning for proactive android ransomware detection using network traffic.

Scientific reports·2026
Same author

Unveiling the black box: Explainable transfer learning for ocular disorder diagnosis.

Digital health·2026
Same author

Explainable bidirectional encoder representations from image transformers for Alzheimer's disease prediction.

Digital health·2026
This summary is machine-generated.

This study introduces a reproducible intrusion detection workflow integrating data partitioning, preprocessing, Random Forest prediction, explainability (SHAP, LIME), and graph analysis for enhanced cyber defense. The method ensures auditable and verifiable forensic-ready intrusion detection.

Area of Science:

  • Cybersecurity
  • Data Science
  • Network Security

Background:

  • Intrusion detection systems (IDS) often lack reproducibility due to fragmented workflows.
  • Challenges include undocumented preprocessing, model configuration, and analysis.
  • This hinders verification, reuse, and forensic readiness.

Purpose of the Study:

  • To present a unified, reproducible, and forensic-ready intrusion detection method.
  • To integrate multiple stages of the detection pipeline into a single executable workflow.
  • To enhance audibility and verifiability of intrusion detection processes.

Main Methods:

  • Developed a leakage-safe stratified partitioning and deterministic preprocessing workflow.
  • Implemented Random Forest for multi-class prediction.
Keywords:
Counterfactual reasoningDiCEExplainable artificial intelligenceForensic analyticsIntrusion detectionPrediction-aware graph modelingRandomforestReproducible machine learning

Related Experiment Videos

  • Integrated explainability methods (SHAP, LIME) and prediction-aware interaction graph construction.
  • Incorporated counterfactual reasoning (DiCE) for decision-sensitive analysis.
  • Main Results:

    • The complete workflow was implemented on the TON-IoT dataset.
    • Reproducible outputs and intermediate artifacts were packaged for verification.
    • Demonstrated a unified procedure for building and analyzing intrusion detection systems.
    • Enabled graph-based ranking of suspicious nodes and flows.

    Conclusions:

    • The proposed method provides a unified procedure for building and analyzing intrusion detection systems.
    • Achieved explicit control over data partitioning, feature transformation, model behavior, and forensic decision-making.
    • Facilitates reproducible forensic and cyber defense studies through artifact-backed outputs.