Intrusion detection systems(IDS)can play a significant role in detecting security threats or malicious attacks that aim to steal information and/or corrupt network protocols.To deal with the dynamic and complex nature of cyber-attacks,advanced intelligent tools have been applied resulting into powerful and automated IDS that rely on the latest advances of machine learning(ML)and deep learning(DL).Most of the reported effort has been devoted on building complex ML/DL architectures adopting a brute force approach towards the maximization of their detection capacity.However,just a limited number of studies have focused on the identification or extraction of user-friendly risk indicators that could be easily used by security experts.Many papers have explored various dimensionality reduction algorithms,however a large number of selected features is still required to detect the attacks successfully,which humans cannot intuitively or immediately understand.To enhance users trust and understanding on data without sacrificing on accuracy,this paper contributes to the transformation of the available data collected by IDS into a single actionable and easy-to-understand risk indicator.To achieve this,a novel feature extraction pipeline was implemented consisting of the following components:(i)a fuzzy allocation scheme that transforms raw data to fuzzy class memberships,(ii)a novel modality transformation mechanism for converting feature vectors to images(Vec2im)and(iii)a dimensionality reduction module that makes use of Siamese convolutional neural networks that finally reduces the input data dimensionality into a 1-d feature space.The performance ofthe proposed methodology was validated with respect to detection accuracy,dimensionality reduction performance andexecution time on the NSL-KDD dataset via a thorough comparative analysis that demonstrated its effectiveness(86.64％testing accuracy using only one feature)over a number of well-known feature selection(FS)and extraction techniques.Theoutput of the proposed feature extraction pipeline could be potentially used by security experts as an indicator of maliciousactivity,whereas the generated images could be further utilized and/or integrated as a visual analytics tool in existing IDS.