Enhancing Robustness and Generalizability of Explainable AI in Cross-Platform Malware Detection

Shelar, Yash Mahesh (2025) Enhancing Robustness and Generalizability of Explainable AI in Cross-Platform Malware Detection. Masters thesis, Dublin, National College of Ireland.

Preview	PDF (Master of Science) Download (916kB) | Preview
Preview	PDF (Configuration Manual) Download (783kB) | Preview

Abstract

Machine learning models are now central to malware detection, yet their widespread use is hampered by a lack of transparency and susceptibility to adversarial attacks. Contemporary explainable AI (XAI) methods often fail to offer consistent and actionable explanations, particularly across heterogeneous operating systems. The development of explainable AI malware detection models addresses an emerging legal need for transparency and accountability in cybersecurity applications. This study proposes a unified, cross-platform malware detection framework that addresses these shortcomings. Leveraging the HistGradientBoostingClassifier for classification, the approach integrates an ensemble of LEMNA (Local Explanation Method using Nonlinear Approximations)-based explainers to generate stable, high-fidelity local explanations. Adversarial training is embedded to fortify resilience, with the system demonstrating only a 2.41% drop in accuracy under targeted feature-space perturbations surpassing standard benchmarks for robustness. The framework is evaluated using harmonized datasets covering both Windows and Android platforms, directly addressing the need for solutions deployable across diverse environments. Results show consistently strong detection performance, with an F1-score of 99.67% and an explanation consistency measure of 0.73, underscoring both predictive accuracy and interpretability. This advance not only improves operational trust for practitioners in cybersecurity but also establishes a replicable architecture for robust, explainable malware detection. The findings point toward a new standard in deploying transparent, adaptable AI systems capable of meeting the evolving demands of malware defense in real-world, multi-platform scenarios.

Item Type:	Thesis (Masters)
Supervisors:	Name Email Sahni, Vikas UNSPECIFIED
Uncontrolled Keywords:	Malware detection; Explainable AI; Adversarial robustness; LEMNA explanations; Cross-platform
Subjects:	Q Science > QH Natural history > QH301 Biology > Methods of research. Technique. Experimental biology > Data processing. Bioinformatics > Artificial intelligence Q Science > Q Science (General) > Self-organizing systems. Conscious automata > Artificial intelligence Q Science > QA Mathematics > Computer software > Computer Security T Technology > T Technology (General) > Information Technology > Computer software > Computer Security Q Science > Q Science (General) > Self-organizing systems. Conscious automata > Machine learning
Divisions:	School of Computing > Master of Science in Cyber Security
Depositing User:	Ciara O'Brien
Date Deposited:	17 Jun 2026 08:57
Last Modified:	17 Jun 2026 08:57
URI:	https://norma.ncirl.ie/id/eprint/9377

Actions (login required)

View Item