EconPapers    
Economics at your fingertips  

EconPapers Home
About EconPapers

Working Papers
Journal Articles
Books and Chapters
Software Components

Authors

JEL codes
New Economics Papers

Advanced Search


EconPapers FAQ
Archive maintainers FAQ
Cookies at EconPapers

Format for printing

The RePEc blog
The RePEc plagiarism page

 

Interpretable Anomaly Detection for Cyber-Physical System Risk Mitigation Using CNN and SHAP

Kamal Bella, Azidine Guezzaz (), Ravikumar Patchmuthu (), Said Benkirane, Mouaad Mohy-Eddine and Mourade Azrour
Additional contact information
Kamal Bella: Higher School of Technology, Cadi Ayyad University, SISAR Team, LaRTiD Laboratory
Azidine Guezzaz: Higher School of Technology, Cadi Ayyad University, SISAR Team, LaRTiD Laboratory
Ravikumar Patchmuthu: Universiti Teknology Brunei
Said Benkirane: Higher School of Technology, Cadi Ayyad University, SISAR Team, LaRTiD Laboratory
Mouaad Mohy-Eddine: National School of Arts and Crafts, Hassan II University, DELTA Lab
Mourade Azrour: Moulay Ismail University, Faculty of Sciences and Technics

A chapter in Reliability in Cyber-Physical Systems: The Human Factor Perspective, 2026, pp 119-129 from Springer

Abstract: Abstract Cyber-physical systems (CPS) increasingly underlie critical infrastructures, and ensuring they remain free of anomalies is paramount, although many existing detection techniques either struggle to adapt to novel threats or offer little insight into how decisions are reached. In this paper, we introduce a convolutional neural network (CNN) combined with SHAP (SHapley Additive exPlanations) that not only achieves an accuracy of 98.89% but also provides transparent justifications for each anomaly prediction. By carefully preprocessing the NSL-KDD dataset—merging and standardizing features, as well as encoding categorical fields—we create a robust foundation for our CNN, which employs one-dimensional convolutions, dropout, and global average pooling to capture subtle patterns while mitigating overfitting risks. Empirical evaluations show that precision, recall, and F1-score all exceed 98%, with the ROC AUC reaching 99.93%, yet the true novelty lies in how SHAP clarifies feature-level contributions, empowering system operators and security professionals to understand precisely why particular instances are flagged as malicious or benign.

Keywords: Shapley values; Anomaly detection; XAI; CNN; NSL-KDD; IDS; CPS (search for similar items in EconPapers)
Date: 2026
References: Add references at CitEc
Citations:

There are no downloads for this item, see the EconPapers FAQ for hints about obtaining it.

Related works:
This item may be available elsewhere in EconPapers: Search for items with the same title.

Export reference: BibTeX RIS (EndNote, ProCite, RefMan) HTML/Text

Persistent link: https://EconPapers.repec.org/RePEc:spr:ssrchp:978-3-032-09917-4_8

Ordering information: This item can be ordered from
http://www.springer.com/9783032099174

DOI: 10.1007/978-3-032-09917-4_8

Access Statistics for this chapter

More chapters in Springer Series in Reliability Engineering from Springer
Bibliographic data for series maintained by Sonal Shukla () and Springer Nature Abstracting and Indexing ().

 
Share

RePEc
This site is part of RePEc and all the data displayed here is part of the RePEc data set.

Is your work missing from RePEc? Here is how to contribute.

Questions or problems? Check the EconPapers FAQ or send mail to .

Örebro UniversityEconPapers is hosted by the School of Business at Örebro University.

Page updated 2026-01-23
Handle: RePEc:spr:ssrchp:978-3-032-09917-4_8