An Explainable AI-Driven Zero-Day Attack Detection Framework for Securing Edge Devices in Smart Cities
Santhiyakumari N.¹·*, Sabarinathan S.², Veerakumar S.², Chandraman M.², Kiruthika G.³
¹ Professor, Department of ECE, Knowledge Institute of Technology, Salem, Tamil Nadu, India
² Assistant Professor, Department of ECE, Knowledge Institute of Technology, Salem, Tamil Nadu, India
³ PG Scholar, Department of ECE, Knowledge Institute of Technology, Salem, Tamil Nadu, India
Emails: dirrd@kiot.ac.in; ssnece@kiot.ac.in; svkece@kiot.ac.in; mcece@kiot.ac.in; 2k22vlsi09@kiot.ac.in
Abstract
The rapid proliferation of edge computing in smart cities has enhanced real-time data processing capabilities, but it has also exposed critical vulnerabilities to sophisticated cyber threats such as zero-day attacks. Traditional signature-based intrusion detection systems often fail to identify these previously unknown threats due to their lack of adaptive intelligence and interpretability. This research proposes an Explainable Artificial Intelligence (XAI)-driven zero-day attack detection framework tailored for edge devices deployed in smart city environments. The proposed system combines deep anomaly detection using a hybrid Convolutional Neural Network–Long Short-Term Memory (CNN–LSTM) model with SHAP (SHapley Additive exPlanations)-based interpretability to detect and explain anomalous behaviors in real-time network traffic. The model is trained on diverse datasets mimicking heterogeneous edge devices in smart infrastructures, ensuring robustness and scalability. Experimental results demonstrate high detection accuracy, low false-positive rates, and strong resilience against unseen attack patterns. Moreover, the integration of XAI components provides actionable insights to administrators, thereby enhancing trust, transparency, and decision-making in cybersecurity operations. This framework marks a significant step toward proactive and explainable security solutions for safeguarding smart urban ecosystems.
Keywords: Explainable AI (XAI); Zero-Day Attack Detection; Edge Computing; Smart Cities; CNN–LSTM; SHAP; Anomaly Detection; Cybersecurity; Intrusion Detection System (IDS); Interpretable Deep Learning
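To make concrete what the abstract means by SHAP-based explanation of an anomaly score, the following added example (not the paper's code) computes exact Shapley attributions over four constructed per-flow features for one edge device. The paper's CNN–LSTM detector is not reproduced on the page, so a simple z-score scorer with one interaction term stands in for it; the attribution routine itself is model-agnostic and would wrap any scorer f(x) the same way.

```python
from itertools import combinations
from math import factorial

# Constructed baseline profile (mean, std) per feature for one edge device.
BASELINE = {"pkt_rate": (120.0, 20.0), "bytes_per_pkt": (512.0, 64.0),
            "new_dst_ports": (2.0, 1.0), "failed_auth": (0.5, 0.5)}
REFERENCE = {k: mean for k, (mean, _) in BASELINE.items()}  # the "normal" input

def anomaly_score(x):
    """Stand-in detector (assumption, not the paper's CNN-LSTM): mean squared
    z-score, plus a bonus when a high packet rate coincides with many new
    destination ports. The bonus makes the score non-additive, which is
    exactly the case where per-feature attribution is not obvious by eye."""
    z = {k: (v - BASELINE[k][0]) / BASELINE[k][1] for k, v in x.items()}
    score = sum(zi * zi for zi in z.values()) / len(z)
    if z["pkt_rate"] > 3 and z["new_dst_ports"] > 3:
        score += 10.0
    return score

def shapley_values(score_fn, x, reference):
    """Exact Shapley values by enumerating every coalition; a feature outside
    the coalition is masked to its reference value. Cost is exponential in the
    feature count, so this is for small feature sets (SHAP approximates it)."""
    names = list(x)
    n = len(names)

    def masked_score(coalition):
        return score_fn({k: x[k] if k in coalition else reference[k] for k in names})

    phi = {}
    for i in names:
        others = [k for k in names if k != i]
        phi[i] = 0.0
        for size in range(n):
            weight = factorial(size) * factorial(n - size - 1) / factorial(n)
            for subset in combinations(others, size):
                s = frozenset(subset)
                phi[i] += weight * (masked_score(s | {i}) - masked_score(s))
    return phi

def explain_flow(x):
    """Return the anomaly score and per-feature attributions for one flow record."""
    phi = shapley_values(anomaly_score, x, REFERENCE)
    ranked = sorted(phi, key=phi.get, reverse=True)
    return {"score": anomaly_score(x), "contributions": phi, "top_feature": ranked[0]}

if __name__ == "__main__":
    # Constructed flow: scan-like burst to many new ports, no failed logins.
    flow = {"pkt_rate": 300.0, "bytes_per_pkt": 448.0, "new_dst_ports": 12.0, "failed_auth": 0.5}
    for key, value in explain_flow(flow).items():
        print(key, value)
```

The attributions sum to the score minus the reference score (the efficiency property), and the 10-point interaction bonus is split equally between the two features that jointly trigger it, which is the kind of output an operator would read to decide whether the alert reflects a scan pattern or a single noisy feature.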