Stabilising Explainability Fragility in Cybersecurity AI: The Impact and Mitigation of Multicollinearity in Public Benchmark Datasets
Summary
This paper identifies multicollinearity as a significant, unexplored vulnerability impacting AI explainability in intrusion detection systems (IDS). It formally proves that multicollinearity inflates attribution variance, rendering explanations and feature importances non-identifiable. Comprehensive experiments on the UNSW-NB15 benchmark dataset validate this theorem across linear, tree-based, kernel, and neural models, using both full and pruned feature sets. The research introduces the "Explanability Fragility Score" and proposes two novel mitigation methods: CAA-Filtering, which stabilizes explanations by grouping attributions of trained models, and SHARP, a training-time regularization framework that penalizes attribution instability for monotonic improvement. The findings, quantified using Kendall's τ for instability, support stable predictive performance and have direct implications for the trustworthiness and reproducibility of XAI in security-critical contexts.
Key takeaway
For AI Security Engineers deploying XAI in intrusion detection systems, you must address multicollinearity in your datasets. Ignoring this vulnerability inflates explanation variance, compromising the trustworthiness and reproducibility of your AI's insights. Incorporate multicollinearity mitigations like CAA-Filtering or SHARP into your IDS pipelines to ensure stable and reliable explanations, thereby enhancing the integrity of your security decisions.
Key insights
Multicollinearity in cybersecurity datasets inflates AI explanation variance, making attributions non-identifiable and impacting XAI trustworthiness.
Principles
- Multicollinearity inflates AI attribution variance.
- Explanations are non-identifiable under multicollinearity.
- XAI trustworthiness requires multicollinearity mitigation.
Method
The paper proposes CAA-Filtering to stabilize explanations by grouping attributions of trained models, and SHARP, a training-time regularization framework that penalizes attribution instability.
In practice
- Evaluate explainability fragility with Explanability Fragility Score.
- Apply CAA-Filtering for post-hoc explanation stabilization.
- Implement SHARP for training-time attribution regularization.
Topics
- AI Explainability
- Multicollinearity
- Intrusion Detection Systems
- Cybersecurity AI
- UNSW-NB15 Dataset
- Attribution Stability
Best for: Research Scientist, AI Scientist, AI Security Engineer, Machine Learning Engineer
Related on AIssential
Editorial summary, takeaway, and curation by AIssential. Original article published by Machine Learning.