Swarm-Enhanced Federated Learning with XAI for Robust and Interpretable Cyber Threat Detection
Research Article  ·  Published: 18 April 2026
Issue cover
ICCK Transactions on Cybersecurity
Volume 1, Issue 2, 2026: 58-74
Research Article Free to Read

Swarm-Enhanced Federated Learning with XAI for Robust and Interpretable Cyber Threat Detection

1 Department of Computer Science and Engineering, Pragati Engineering College, Surampalem 533437, India
* Corresponding Author: Manas Kumar Yogi, [email protected]
Volume 1, Issue 2

Article Information

Abstract

As cyberattacks grow more advanced and privacy laws become stricter, security systems must be powerful, transparent, and privacy-friendly. This paper introduces SwarmFL-XAI, a new framework that blends nature-inspired intelligence, collaborative learning, and explainable AI to deliver secure, scalable, and trustworthy threat detection. By using an ant-based strategy for sharing and updating models across devices, the system handles uneven data and malicious behaviour while avoiding the risks of a central server. Tools like SHAP and LIME explain why decisions are made, giving analysts clear insights and greater confidence. Tests on the UNSW-NB15 and CICIDS2017 datasets show strong results, with 0.95 accuracy, a 0.92 F1-Score, and a response time of 300 ms , outperforming traditional and existing AI – based security systems. Built-in privacy protection ensures compliance with GDPR and CCPA, making it suitable for both IoT and enterprise networks. In addition, smart client selection and secure data combining reduce breach risks by up to 95%. SwarmFL-XAI therefore offers a balanced and practical approach to modern cybersecurity.

Graphical Abstract

Swarm-Enhanced Federated Learning with XAI for Robust and Interpretable Cyber Threat Detection

Keywords

swarm intelligence federated learning explainable artificial intelligence(XAI) cyber threat detection ant colony optimization differential privacy non-IID data intrusion detection systems SHAP LIME

Data Availability Statement

The dataset used and/or analyzed during the current study is publicly available in the GitHub repository: https://github.com/LikhithaThumpala/My-dataset

Funding

This work was supported without any funding.

Conflicts of Interest

The authors declare no conflicts of interest.

AI Use Statement

The authors declare that no generative AI was used in the preparation of this manuscript.

Ethical Approval and Consent to Participate

Not applicable.

References

  1. Khan, M. A., Farooq, M. S., Saleem, M., Shahzad, T., Ahmad, M., Abbas, S., & Abu-Mahfouz, A. M. (2025). Smart buildings: Federated learning-driven secure, transparent and smart energy management system using XAI. Energy Reports, 13, 2066-2081.
    [CrossRef] [Google Scholar]
  2. Alketbi, K. S., & Mehmood, A. (2025). A Comprehensive Survey of Explainable Artificial Intelligence Techniques for Malicious Insider Threat Detection. IEEE Access.
    [CrossRef] [Google Scholar]
  3. Hemalatha, A., Kumar, V., Graf, F. T., Pavithra, P., & Suresh, R. (2025, February). A Hybrid Intrusion Detection System using Explainable AI for Enhanced Accuracy and Transparency. In 2025 International Conference on Electronics and Renewable Systems (ICEARS) (pp. 923-929). IEEE.
    [CrossRef] [Google Scholar]
  4. Ducange, P., Marcelloni, F., Renda, A., & Ruffini, F. (2024). Federated learning of XAI models in healthcare: a case study on Parkinson’s disease. Cognitive Computation, 16(6), 3051-3076.
    [CrossRef] [Google Scholar]
  5. Sarker, M. A. A., Shanmugam, B., Azam, S., & Thennadil, S. (2024). Enhancing smart grid load forecasting: An attention-based deep learning model integrated with federated learning and XAI for security and interpretability. Intelligent Systems with Applications, 23, 200422.
    [CrossRef] [Google Scholar]
  6. Fatema, K., Dey, S. K., Anannya, M., Khan, R. T., Rashid, M. M., Su, C., & Mazumder, R. (2025). Federated XAI IDS: An explainable and safeguarding privacy approach to detect intrusion combining federated learning and SHAP. Future Internet, 17(6), 234.
    [CrossRef] [Google Scholar]
  7. Kumar, P., Javeed, D., Kumar, R., & Islam, A. N. (2024). Blockchain and explainable AI for enhanced decision making in cyber threat detection. Software: Practice and Experience, 54(8), 1337-1360.
    [CrossRef] [Google Scholar]
  8. Nadeem, A. (2024). Understanding Adversary Behavior via XAI: Leveraging Sequence Clustering To Extract Threat Intelligence.
    [CrossRef] [Google Scholar]
  9. Gwassi, O. A. H., Uçan, O. N., & Navarro, E. A. (2025). Cyber-XAI-Block: an end-to-end cyber threat detection & fl-based risk assessment framework for iot enabled smart organization using xai and blockchain technologies. Multimedia Tools and Applications, 84(23), 26527-26568.
    [CrossRef] [Google Scholar]
  10. Prity, F. S., Islam, M. S., Fahim, E. H., Hossain, M. M., Bhuiyan, S. H., Islam, M. A., & Raquib, M. (2024). Machine learning-based cyber threat detection: an approach to malware detection and security with explainable AI insights. Human-Intelligent Systems Integration, 6(1), 61-90.
    [CrossRef] [Google Scholar]
  11. Papernot, N., McDaniel, P., Goodfellow, I., Jha, S., Celik, Z. B., & Swami, A. (2016). Practical black-box attacks against deep learning systems using adversarial examples. arXiv preprint arXiv:1602.02697.
    [Google Scholar]
  12. Al Essa, M. M. M. (2024). Leveraging explainable artificial intelligence to enhance cyber-threat detection. University of Bari Aldo Moro. \url{https://hdl.handle.net/11586/532300
    [Google Scholar]
  13. Daole, M., Schiavo, A., Bárcena, J. L. C., Ducange, P., Marcelloni, F., & Renda, A. (2023). OpenFL-XAI: Federated learning of explainable artificial intelligence models in Python. SoftwareX, 23, 101505.
    [CrossRef] [Google Scholar]
  14. Thumpala, L. (n.d.). My-dataset [Data set]. GitHub. Retrieved from \url{https://github.com/LikhithaThumpala/My-dataset
    [Google Scholar]
  15. López-Blanco, R., Alonso, R. S., González-Arrieta, A., Chamoso, P., & Prieto, J. (2023, July). Federated learning of explainable artificial intelligence (FED-XAI): A review. In International Symposium on Distributed Computing and Artificial Intelligence (pp. 318-326). Cham: Springer Nature Switzerland.
    [CrossRef] [Google Scholar]
  16. Bechini, A., Daole, M., Ducange, P., Marcelloni, F., & Renda, A. (2023, August). An application for federated learning of XAI models in edge computing environments. In 2023 IEEE International Conference on Fuzzy Systems (FUZZ) (pp. 1-7). IEEE.
    [CrossRef] [Google Scholar]
  17. Lopez-Ramos, L. M., Leiser, F., Rastogi, A., Hicks, S., Strümke, I., Madai, V. I., ... & Hilbert, A. (2024). Interplay between federated learning and explainable artificial intelligence: a scoping review. arXiv preprint arXiv:2411.05874.
    [Google Scholar]
  18. Renda, A., Ducange, P., Marcelloni, F., Sabella, D., Filippou, M. C., Nardini, G., ... & Baltar, L. G. (2022). Federated learning of explainable AI models in 6G systems: Towards secure and automated vehicle networking. Information, 13(8), 395.
    [CrossRef] [Google Scholar]
  19. Huong, T. T., Bac, T. P., Ha, K. N., Hoang, N. V., Hoang, N. X., Hung, N. T., & Tran, K. P. (2022). Federated learning-based explainable anomaly detection for industrial control systems. IEEE Access, 10, 53854-53872.
    [CrossRef] [Google Scholar]
  20. Malik, A. E., Andresini, G., Appice, A., & Malerba, D. (2022, September). An XAI-based adversarial training approach for cyber-threat detection. In 2022 IEEE Intl Conf on Dependable, Autonomic and Secure Computing, Intl Conf on Pervasive Intelligence and Computing, Intl Conf on Cloud and Big Data Computing, Intl Conf on Cyber Science and Technology Congress (DASC/PiCom/CBDCom/CyberSciTech) (pp. 1-8). IEEE.
    [CrossRef] [Google Scholar]
  21. Mahbooba, B., Timilsina, M., Sahal, R., & Serrano, M. (2021). Explainable artificial intelligence (XAI) to enhance trust management in intrusion detection systems using decision tree model. Complexity, 2021(1), 6634811.
    [CrossRef] [Google Scholar]

Cite This Article

APA Style
Tumpala, L., & Yogi, M. K. (2026). Swarm-Enhanced Federated Learning with XAI for Robust and Interpretable Cyber Threat Detection. ICCK Transactions on Cybersecurity, 1(1), 58–74. https://doi.org/10.62762/TC.2026.123135
Export Citation
RIS Format
Compatible with EndNote, Zotero, Mendeley, and other reference managers
TY  - JOUR
AU  - Tumpala, Likhitha
AU  - Yogi, Manas Kumar
PY  - 2026
DA  - 2026/04/18
TI  - Swarm-Enhanced Federated Learning with XAI for Robust and Interpretable Cyber Threat Detection
JO  - ICCK Transactions on Cybersecurity
T2  - ICCK Transactions on Cybersecurity
JF  - ICCK Transactions on Cybersecurity
VL  - 2
IS  - 1
SP  - 58
EP  - 74
DO  - 10.62762/TC.2026.123135
UR  - https://www.icck.org/article/abs/TC.2026.123135
KW  - swarm intelligence
KW  - federated learning
KW  - explainable artificial intelligence(XAI)
KW  - cyber threat detection
KW  - ant colony optimization
KW  - differential privacy
KW  - non-IID data
KW  - intrusion detection systems
KW  - SHAP
KW  - LIME
AB  - As cyberattacks grow more advanced and privacy laws become stricter, security systems must be powerful, transparent, and privacy-friendly. This paper introduces SwarmFL-XAI, a new framework that blends nature-inspired intelligence, collaborative learning, and explainable AI to deliver secure, scalable, and trustworthy threat detection. By using an ant-based strategy for sharing and updating models across devices, the system handles uneven data and malicious behaviour while avoiding the risks of a central server. Tools like SHAP and LIME explain why decisions are made, giving analysts clear insights and greater confidence. Tests on the UNSW-NB15 and CICIDS2017 datasets show strong results, with 0.95 accuracy, a 0.92 F1-Score, and a response time of 300 ms , outperforming traditional and existing AI – based security systems. Built-in privacy protection ensures compliance with GDPR and CCPA, making it suitable for both IoT and enterprise networks. In addition, smart client selection and secure data combining reduce breach risks by up to 95%. SwarmFL-XAI therefore offers a balanced and practical approach to modern cybersecurity.
SN  - 3069-3349
PB  - Institute of Central Computation and Knowledge
LA  - English
ER  - 
BibTeX Format
Compatible with LaTeX, BibTeX, and other reference managers
@article{Tumpala2026SwarmEnhan,
  author = {Likhitha Tumpala and Manas Kumar Yogi},
  title = {Swarm-Enhanced Federated Learning with XAI for Robust and Interpretable Cyber Threat Detection},
  journal = {ICCK Transactions on Cybersecurity},
  year = {2026},
  volume = {2},
  number = {1},
  pages = {58-74},
  doi = {10.62762/TC.2026.123135},
  url = {https://www.icck.org/article/abs/TC.2026.123135},
  abstract = {As cyberattacks grow more advanced and privacy laws become stricter, security systems must be powerful, transparent, and privacy-friendly. This paper introduces SwarmFL-XAI, a new framework that blends nature-inspired intelligence, collaborative learning, and explainable AI to deliver secure, scalable, and trustworthy threat detection. By using an ant-based strategy for sharing and updating models across devices, the system handles uneven data and malicious behaviour while avoiding the risks of a central server. Tools like SHAP and LIME explain why decisions are made, giving analysts clear insights and greater confidence. Tests on the UNSW-NB15 and CICIDS2017 datasets show strong results, with 0.95 accuracy, a 0.92 F1-Score, and a response time of 300 ms , outperforming traditional and existing AI – based security systems. Built-in privacy protection ensures compliance with GDPR and CCPA, making it suitable for both IoT and enterprise networks. In addition, smart client selection and secure data combining reduce breach risks by up to 95\%. SwarmFL-XAI therefore offers a balanced and practical approach to modern cybersecurity.},
  keywords = {swarm intelligence, federated learning, explainable artificial intelligence(XAI), cyber threat detection, ant colony optimization, differential privacy, non-IID data, intrusion detection systems, SHAP, LIME},
  issn = {3069-3349},
  publisher = {Institute of Central Computation and Knowledge}
}

Article Metrics

Citations
Crossref
0
Scopus
0
Views
332
PDF Downloads
97

Publisher's Note

ICCK stays neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and Permissions

Institute of Central Computation and Knowledge (ICCK) or its licensor holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.
ICCK Transactions on Cybersecurity
ICCK Transactions on Cybersecurity
ISSN: 3069-3349 (Online)
Portico
Preserved at
Portico