<![CDATA[Computer networks are vital to modern organizations, yet growing digital dependence has increased both the frequency and complexity of cyberattacks. To address this challenge, this study proposes an interpretable cyberattack detection framework that combines rule-based reasoning with machine learning through a hybrid Certainty Factor (CF)–XGBoost model. The framework integrates CF confidence scores and XGBoost probability outputs within a meta-learning classifier, enabling strong predictive performance while preserving explainability. Experiments conducted on the TON_IoT dataset using an 80:20 stratified split demonstrate that XGBoost achieved the highest accuracy at 99.61%, followed closely by the hybrid model at 99.42%, whereas the standalone CF model reached 76.31%. Although the hybrid approach produced a slightly lower accuracy than XGBoost alone, it substantially enhanced interpretability by connecting predictions to explicit rule-based reasoning. This makes the proposed framework especially suitable for Security Operations Center (SOC) environments, where transparent decision-making is essential. Overall, the findings suggest that the hybrid CF–XGBoost model offers a practical and explainable solution for cyberattack detection, though further validation on more diverse datasets is necessary before real-world deployment.]]>
Copyrights © 2026
