An assessment framework for explainable AI with applications to cybersecurity

Several explainable AI methods are available, but there is a lack of a systematic comparison of such methods. This paper contributes in this direction, by providing a framework for comparing alternative explanations in terms of complexity and robustness. We exemplify our proposal on a real case study in the cybersecurity domain, namely, phishing website detection. In fact, in this domain explainability is a compelling issue because of its potential benefits for the detection of fraudulent attacks and for the design of efficient security defense mechanisms. For this purpose, we apply our methodology to the machine learning models obtained by analyzing a publicly available dataset containing features extracted from malicious and legitimate web pages. The experiments show that our methodology is quite effective in selecting the explainability method which is, at the same time, less complex and more robust.