The paper proposes a machine learning framework for detecting DoS and DDoS attacks in network traffic, strengthened by Explainable AI (XAI) and Large Language Models (LLMs). It emphasizes that while ML classifiers achieve high accuracy in identifying malicious traffic, their black-box nature limits trust. To address this, LIME and SHAP are integrated to provide local and global interpretability, helping analysts understand why specific traffic is flagged. Additionally, LLMs are leveraged to enhance contextual analysis and improve the interpretability of detection outcomes, bridging technical insights with human-readable explanations. Overall, the study highlights that combining ML with XAI and LLMs not only improves detection performance but also ensures transparency, trust, and usability in AI-driven cybersecurity systems.
V K R SUBHASH CH (Sat,) studied this question.