Swarm-Enhanced Federated Learning with XAI for Robust and Interpretable Cyber Threat Detection
Article Information
Abstract
As cyberattacks grow more advanced and privacy laws become stricter, security systems must be powerful, transparent, and privacy-friendly. This paper introduces SwarmFL-XAI, a new framework that blends nature-inspired intelligence, collaborative learning, and explainable AI to deliver secure, scalable, and trustworthy threat detection. By using an ant-based strategy for sharing and updating models across devices, the system handles uneven data and malicious behaviour while avoiding the risks of a central server. Tools like SHAP and LIME explain why decisions are made, giving analysts clear insights and greater confidence. Tests on the UNSW-NB15 and CICIDS2017 datasets show strong results, with 0.95 accuracy, a 0.92 F1-Score, and a response time of 300 ms , outperforming traditional and existing AI – based security systems. Built-in privacy protection ensures compliance with GDPR and CCPA, making it suitable for both IoT and enterprise networks. In addition, smart client selection and secure data combining reduce breach risks by up to 95%. SwarmFL-XAI therefore offers a balanced and practical approach to modern cybersecurity.
Graphical Abstract
Keywords
Data Availability Statement
Funding
Conflicts of Interest
AI Use Statement
Ethical Approval and Consent to Participate
References
- Khan, M. A., Farooq, M. S., Saleem, M., Shahzad, T., Ahmad, M., Abbas, S., & Abu-Mahfouz, A. M. (2025). Smart buildings: Federated learning-driven secure, transparent and smart energy management system using XAI. Energy Reports, 13, 2066-2081.
[CrossRef] [Google Scholar] - Alketbi, K. S., & Mehmood, A. (2025). A Comprehensive Survey of Explainable Artificial Intelligence Techniques for Malicious Insider Threat Detection. IEEE Access.
[CrossRef] [Google Scholar] - Hemalatha, A., Kumar, V., Graf, F. T., Pavithra, P., & Suresh, R. (2025, February). A Hybrid Intrusion Detection System using Explainable AI for Enhanced Accuracy and Transparency. In 2025 International Conference on Electronics and Renewable Systems (ICEARS) (pp. 923-929). IEEE.
[CrossRef] [Google Scholar] - Ducange, P., Marcelloni, F., Renda, A., & Ruffini, F. (2024). Federated learning of XAI models in healthcare: a case study on Parkinson’s disease. Cognitive Computation, 16(6), 3051-3076.
[CrossRef] [Google Scholar] - Sarker, M. A. A., Shanmugam, B., Azam, S., & Thennadil, S. (2024). Enhancing smart grid load forecasting: An attention-based deep learning model integrated with federated learning and XAI for security and interpretability. Intelligent Systems with Applications, 23, 200422.
[CrossRef] [Google Scholar] - Fatema, K., Dey, S. K., Anannya, M., Khan, R. T., Rashid, M. M., Su, C., & Mazumder, R. (2025). Federated XAI IDS: An explainable and safeguarding privacy approach to detect intrusion combining federated learning and SHAP. Future Internet, 17(6), 234.
[CrossRef] [Google Scholar] - Kumar, P., Javeed, D., Kumar, R., & Islam, A. N. (2024). Blockchain and explainable AI for enhanced decision making in cyber threat detection. Software: Practice and Experience, 54(8), 1337-1360.
[CrossRef] [Google Scholar] - Nadeem, A. (2024). Understanding Adversary Behavior via XAI: Leveraging Sequence Clustering To Extract Threat Intelligence.
[CrossRef] [Google Scholar] - Gwassi, O. A. H., Uçan, O. N., & Navarro, E. A. (2025). Cyber-XAI-Block: an end-to-end cyber threat detection & fl-based risk assessment framework for iot enabled smart organization using xai and blockchain technologies. Multimedia Tools and Applications, 84(23), 26527-26568.
[CrossRef] [Google Scholar] - Prity, F. S., Islam, M. S., Fahim, E. H., Hossain, M. M., Bhuiyan, S. H., Islam, M. A., & Raquib, M. (2024). Machine learning-based cyber threat detection: an approach to malware detection and security with explainable AI insights. Human-Intelligent Systems Integration, 6(1), 61-90.
[CrossRef] [Google Scholar] - Papernot, N., McDaniel, P., Goodfellow, I., Jha, S., Celik, Z. B., & Swami, A. (2016). Practical black-box attacks against deep learning systems using adversarial examples. arXiv preprint arXiv:1602.02697.
[Google Scholar] - Al Essa, M. M. M. (2024). Leveraging explainable artificial intelligence to enhance cyber-threat detection. University of Bari Aldo Moro. \url{https://hdl.handle.net/11586/532300
[Google Scholar] - Daole, M., Schiavo, A., Bárcena, J. L. C., Ducange, P., Marcelloni, F., & Renda, A. (2023). OpenFL-XAI: Federated learning of explainable artificial intelligence models in Python. SoftwareX, 23, 101505.
[CrossRef] [Google Scholar] - Thumpala, L. (n.d.). My-dataset [Data set]. GitHub. Retrieved from \url{https://github.com/LikhithaThumpala/My-dataset
[Google Scholar] - López-Blanco, R., Alonso, R. S., González-Arrieta, A., Chamoso, P., & Prieto, J. (2023, July). Federated learning of explainable artificial intelligence (FED-XAI): A review. In International Symposium on Distributed Computing and Artificial Intelligence (pp. 318-326). Cham: Springer Nature Switzerland.
[CrossRef] [Google Scholar] - Bechini, A., Daole, M., Ducange, P., Marcelloni, F., & Renda, A. (2023, August). An application for federated learning of XAI models in edge computing environments. In 2023 IEEE International Conference on Fuzzy Systems (FUZZ) (pp. 1-7). IEEE.
[CrossRef] [Google Scholar] - Lopez-Ramos, L. M., Leiser, F., Rastogi, A., Hicks, S., Strümke, I., Madai, V. I., ... & Hilbert, A. (2024). Interplay between federated learning and explainable artificial intelligence: a scoping review. arXiv preprint arXiv:2411.05874.
[Google Scholar] - Renda, A., Ducange, P., Marcelloni, F., Sabella, D., Filippou, M. C., Nardini, G., ... & Baltar, L. G. (2022). Federated learning of explainable AI models in 6G systems: Towards secure and automated vehicle networking. Information, 13(8), 395.
[CrossRef] [Google Scholar] - Huong, T. T., Bac, T. P., Ha, K. N., Hoang, N. V., Hoang, N. X., Hung, N. T., & Tran, K. P. (2022). Federated learning-based explainable anomaly detection for industrial control systems. IEEE Access, 10, 53854-53872.
[CrossRef] [Google Scholar] - Malik, A. E., Andresini, G., Appice, A., & Malerba, D. (2022, September). An XAI-based adversarial training approach for cyber-threat detection. In 2022 IEEE Intl Conf on Dependable, Autonomic and Secure Computing, Intl Conf on Pervasive Intelligence and Computing, Intl Conf on Cloud and Big Data Computing, Intl Conf on Cyber Science and Technology Congress (DASC/PiCom/CBDCom/CyberSciTech) (pp. 1-8). IEEE.
[CrossRef] [Google Scholar] - Mahbooba, B., Timilsina, M., Sahal, R., & Serrano, M. (2021). Explainable artificial intelligence (XAI) to enhance trust management in intrusion detection systems using decision tree model. Complexity, 2021(1), 6634811.
[CrossRef] [Google Scholar]
Cite This Article
TY - JOUR AU - Tumpala, Likhitha AU - Yogi, Manas Kumar PY - 2026 DA - 2026/04/18 TI - Swarm-Enhanced Federated Learning with XAI for Robust and Interpretable Cyber Threat Detection JO - ICCK Transactions on Cybersecurity T2 - ICCK Transactions on Cybersecurity JF - ICCK Transactions on Cybersecurity VL - 2 IS - 1 SP - 58 EP - 74 DO - 10.62762/TC.2026.123135 UR - https://www.icck.org/article/abs/TC.2026.123135 KW - swarm intelligence KW - federated learning KW - explainable artificial intelligence(XAI) KW - cyber threat detection KW - ant colony optimization KW - differential privacy KW - non-IID data KW - intrusion detection systems KW - SHAP KW - LIME AB - As cyberattacks grow more advanced and privacy laws become stricter, security systems must be powerful, transparent, and privacy-friendly. This paper introduces SwarmFL-XAI, a new framework that blends nature-inspired intelligence, collaborative learning, and explainable AI to deliver secure, scalable, and trustworthy threat detection. By using an ant-based strategy for sharing and updating models across devices, the system handles uneven data and malicious behaviour while avoiding the risks of a central server. Tools like SHAP and LIME explain why decisions are made, giving analysts clear insights and greater confidence. Tests on the UNSW-NB15 and CICIDS2017 datasets show strong results, with 0.95 accuracy, a 0.92 F1-Score, and a response time of 300 ms , outperforming traditional and existing AI – based security systems. Built-in privacy protection ensures compliance with GDPR and CCPA, making it suitable for both IoT and enterprise networks. In addition, smart client selection and secure data combining reduce breach risks by up to 95%. SwarmFL-XAI therefore offers a balanced and practical approach to modern cybersecurity. SN - 3069-3349 PB - Institute of Central Computation and Knowledge LA - English ER -
@article{Tumpala2026SwarmEnhan,
author = {Likhitha Tumpala and Manas Kumar Yogi},
title = {Swarm-Enhanced Federated Learning with XAI for Robust and Interpretable Cyber Threat Detection},
journal = {ICCK Transactions on Cybersecurity},
year = {2026},
volume = {2},
number = {1},
pages = {58-74},
doi = {10.62762/TC.2026.123135},
url = {https://www.icck.org/article/abs/TC.2026.123135},
abstract = {As cyberattacks grow more advanced and privacy laws become stricter, security systems must be powerful, transparent, and privacy-friendly. This paper introduces SwarmFL-XAI, a new framework that blends nature-inspired intelligence, collaborative learning, and explainable AI to deliver secure, scalable, and trustworthy threat detection. By using an ant-based strategy for sharing and updating models across devices, the system handles uneven data and malicious behaviour while avoiding the risks of a central server. Tools like SHAP and LIME explain why decisions are made, giving analysts clear insights and greater confidence. Tests on the UNSW-NB15 and CICIDS2017 datasets show strong results, with 0.95 accuracy, a 0.92 F1-Score, and a response time of 300 ms , outperforming traditional and existing AI – based security systems. Built-in privacy protection ensures compliance with GDPR and CCPA, making it suitable for both IoT and enterprise networks. In addition, smart client selection and secure data combining reduce breach risks by up to 95\%. SwarmFL-XAI therefore offers a balanced and practical approach to modern cybersecurity.},
keywords = {swarm intelligence, federated learning, explainable artificial intelligence(XAI), cyber threat detection, ant colony optimization, differential privacy, non-IID data, intrusion detection systems, SHAP, LIME},
issn = {3069-3349},
publisher = {Institute of Central Computation and Knowledge}
}
Article Metrics
Publisher's Note
ICCK stays neutral with regard to jurisdictional claims in published maps and institutional affiliations.