EXPLAINABLE FEDERATED DEEP LEARNING FRAMEWORK FOR PRIVACY-PRESERVING INTRUSION DETECTION IN CRITICAL INFRASTRUCTURE NETWORKS

Abstract

The increasing digitization and interconnectivity of critical infrastructure systems such as smart grids, industrial control systems, and IoT-enabled environments have significantly expanded the cyberattack surface, making intrusion detection a critical cybersecurity requirement. Traditional centralized intrusion detection systems (IDS) are limited by privacy risks, scalability constraints, and lack of interpretability, particularly in sensitive and distributed environments. To address these challenges, this study proposes an Explainable Federated Deep Learning (E-FDL) framework for privacy-preserving intrusion detection in critical infrastructure networks. The proposed framework integrates federated learning to enable decentralized model training without sharing raw data, thereby ensuring data privacy and regulatory compliance. Deep learning models, including convolutional and recurrent neural architectures, are employed to capture complex temporal and spatial patterns in network traffic data for accurate intrusion classification. In addition, explainable artificial intelligence (XAI) techniques such as SHAP and LIME are incorporated to enhance transparency by identifying key features influencing model decisions. The experimental evaluation demonstrates that the proposed E-FDL framework outperforms traditional centralized and federated baseline models in terms of accuracy, precision, recall, F1-score, and false positive rate. Furthermore, the integration of explainability improves trustworthiness and interpretability, making the system suitable for real-world deployment in high-stakes cybersecurity environments. The study concludes that the integration of federated learning, deep learning, and explainable AI provides a robust, scalable, and privacy-preserving solution for intrusion detection in critical infrastructure networks.