Evaluation of Explainable Artificial Intelligence in IoT Intrusion Detection Systems Under DeepFool Adversarial Conditions

As IoT systems complexity grows, transparent and trustworthy machine-learning Intrusion Detection Systems are crucial. Post hoc explainable AI methods, such as SHAP and LIME, are the most widely used ways to explain how models work, but the degree to which these methods are robust to adversarial conditioning is understudied. In this paper, we propose to create a unified system of evaluating explanation fidelity by using three metrics : sparsity, completeness and robustness based on minimally distorting DeepFool input perturbations. Our study benchmarks SHAP and LIME across three datasets (BoT-IoT, Edge-IIoT, N-BaIoT) using four classifiers: CNN, DNN, LSTM, and RF. Our results demonstrate a consistent trade-off: SHAP achieves stronger causal alignment and higher completeness under attack, whereas LIME exhibits greater rank-stability in terms of top-k feature overlap. However, LIME also produces more spurious attributions and offers less explanatory power than SHAP, especially in the presence of synthetic or non-causal features. Our findings reveal that high model accuracy does not guarantee that the provided explanation is also high-fidelity. This investigation highlights the necessity for robustness-aware XAI in cybersecurity and provides reproducible parameters to guide the adoption of XAI in adversarial environments.