Topology-Independent SHAP-Based Explainable Intrusion Detection for ROS Networks

The Robot Operating System (ROS) is widely used in modern robotics, but its open architecture makes it vulnerable to numerous cyber threats. Although machine learning (ML)-based intrusion detection systems (IDSs) demonstrate strong classification performance on ROS-specific datasets, reliance on topology-dependent identifiers such as source and destination IP addresses, port numbers, and Flow IDs remains a critical limitation in current research. This reliance may encourage algorithms to exploit scenario-specific endpoint signatures instead of relying primarily on transferable behavioral patterns. Consequently, classification scores may be artificially inflated due to data leakage. This study addresses this issue by quantitatively measuring the impact of data leakage and introducing a topology-independent, explainable ROS framework that provides a more realistic, leakage-aware, and topology-independent evaluation framework. The evaluation involved testing the LightGBM, XGBoost, and CatBoost algorithms on ROSIDS23. Additionally, Random Forest and Gradient Boosting were included to verify the presence of data leakage. In our ablation study, models that included topology features achieved near-perfect Macro-F1 values of 0.999 to 1.000. In contrast, removing topology-dependent features reduced the Macro-F1 score to about 0.66. This finding shows that topology descriptors, rather than just transferable attack behaviors, can significantly influence the near-perfect scores seen with topology-preserving protocols. Even without topology data, ML models effectively captured temporal behavioral patterns and detected DoS attacks with nearly perfect performance, reaching F1 scores of 0.99 or higher. However, semantic attacks like Unauthorized Subscribe remained tough to classify, with F1 scores of 0.43 or lower. Additionally, SHapley Additive exPlanations (SHAP) analysis improves the interpretability of IDSs by identifying the main behavioral features that drive model decisions and suggesting feature-level directions for rule-based defense configurations in ROS environments.