MA-IDS proposes a Multi-Agent RAG framework that uses LLMs and a self-building Experience Library to achieve explainable and self-improving intrusion detection for resource-constrained IoT networks.

This paper introduces an attribution-driven analysis of encoder-based Large Language Models (LLMs) for network intrusion detection, demonstrating that the models make decisions based on meaningful tra…

The paper proposes XAI-SOH-FL, an enhanced Federated Learning framework that improves IoT intrusion detection by integrating adaptive aggregation and explainable AI, achieving high accuracy and interp…

The paper proposes XAI-SOH-FL, an enhanced Federated Learning framework that improves IoT intrusion detection by integrating adaptive aggregation and explainable AI, achieving high accuracy and interp…

The paper proposes an ensemble learning framework combined with SHAP-based Explainable AI (XAI) to achieve robust and interpretable anomaly detection for network traffic in embedded systems.

This paper proposes a lightweight, multi-layer Machine Learning-based security framework for Industrial IoT (IIoT) to enhance trust convergence and detect advanced threats.

The paper proposes ExAI5G, a logic-based explainable AI framework that integrates a Transformer-based IDS with XAI techniques to provide highly accurate and transparent intrusion detection for 5G netw…

This paper enhances anomaly detection and threat intelligence in Zero Trust IoT environments by applying and comparing various machine learning classifiers, notably using SMOTE to improve accuracy on…

The study assesses the generalization capability of supervised machine learning models for intrusion detection using UNSW-NB15 and TON_IoT, finding a significant performance drop when models are teste…

CLOUDBURST introduces a novel framework and taxonomy for passive cloud-native beacons, demonstrating that IAM Canary Roles are the most effective vector for real-time threat attribution in modern clou…

This paper provides the first comprehensive threat model for IoT-enabled Controlled Environment Agriculture (CEA) systems, identifying 123 unique threats and proposing a defense-in-depth framework to…

The paper introduces BRIDGE, a standardized benchmark for cross-domain IoT botnet detection, and TCH-Net, a novel multi-branch network that achieves state-of-the-art generalization performance across…

This paper analyzes how vulnerable various machine learning models are to data poisoning attacks in IoT intrusion detection, finding that ensemble methods are more robust than Logistic Regression and…

This paper proposes a lightweight, machine learning-based model for on-device intrusion detection in resource-constrained IoT devices, achieving high detection accuracy for common cyber threats.

This paper proposes and evaluates the KAN-LSTM model, demonstrating that Kolmogorov-Arnold Networks (KANs) significantly outperform traditional deep learning models for accurate and parameter-efficien…

The paper introduces ARCANE, a Bayesian network framework for cross-campaign cyber attribution, finding that while aggregating telemetry improves identification, structural feature limitations prevent…

The paper proposes a novel semi-automated method to perform continuous threat modeling by inferring the actual system architecture from combined static configuration and dynamic network flow data, sig…

UNAD+ is an enhanced, explainable hybrid framework that effectively detects unknown zero-day network attacks by combining unsupervised ensemble methods with supervised refinement and post hoc explaina…

The paper proposes EFAH-ZTM, an explainable federated framework that uses hypergraphs and autoencoders to perform robust zero-trust micro-segmentation in complex IIoT networks.

This survey comprehensively analyzes the IoT threat landscape by detailing 28 common attacks and mapping them to foundational vulnerability classes, providing a structured roadmap for building secure…