~ similar to 2604.02299v1 · 20 results
The paper introduces 'adversarial restlessness,' an activation-level signature in LLM residual streams, to detect multi-turn prompt injection attacks with high accuracy.
The paper develops a stochastic framework using Laplace-Carson transforms to model and quantify optimal proactive defense timing against a single cyberattack, providing closed-form solutions for defen…
This paper provides the first systematic threat analysis of State-Space Models (SSMs) in safety-critical applications, introducing novel attack classes and formal metrics to quantify their security an…
The paper demonstrates that simpler, shallower Deep Neural Network architectures with reduced features and ReLU activations can inherently improve the robustness of ML-NIDS against gradient-based adve…
This paper proposes a comprehensive framework for network intrusion detection using unified multi-modal datasets and evaluates advanced adversarial learning methods for generating high-fidelity synthe…
This paper proposes a gap-prioritization framework to bridge the gap between theoretical cyber attack prediction research and practical operational deployment by identifying critical implementation hu…
Ahmed Sabbah, Mohammed Kharma, Radi Jarrar, Samer Zein +1 more
This study longitudinally evaluates the adversarial robustness of Android malware detection systems over a decade, finding that temporal separation significantly degrades robustness due to concept dri…
The paper introduces ParDef, a generalized defense mechanism that effectively mitigates various types of parameter attacks on deep neural networks while maintaining high performance.
AEGIS introduces a novel physics-based system that analyzes encrypted network traffic flow dynamics, achieving state-of-the-art zero-day evasion detection with high accuracy and low latency.
The paper introduces C-MADF, a causally constrained multi-agent framework that significantly reduces false positives in autonomous cyber defense by restricting response actions to structurally consist…
The paper proposes the Triple-tier Anomaly Defense (TRIAD) framework, a predictive model that treats safety verification as a dynamic trajectory problem to detect cumulative, cross-modal poisoning in…
The paper proposes a federated, high-throughput stream-processing framework for cross-sector threat detection and automated containment, achieving end-to-end operational convergence within 12-20 secon…
CALIBURN introduces a novel, five-component streaming pipeline for intrusion detection that allows operators to specify alerting behavior using cost and budget constraints, achieving state-of-the-art…
The paper introduces the Canonical Security Telemetry Substrate (CSTS), a standardized, AI-ready foundation designed to harmonize fragmented and heterogeneous cybersecurity data into a unified model f…
The paper introduces the Hiremath Early Detection (HED) Score, a new measure-theoretic standard that accurately quantifies the time-value of early detection, significantly outperforming traditional me…
NetVAD proposes a novel, identifier-free Variational Autoencoder that leverages frozen Foundation Models to achieve highly competitive unsupervised performance for zero-day intrusion detection.
Mark Vero, Fabian Kaczmarczyck, Ivan Petrov, Ilia Shumailov +5 more
The paper introduces Honeyval, a comprehensive evaluation framework, to rigorously test LLM-powered HTTP honeypots, demonstrating that these honeypots provide substantially longer and harder-to-detect…
Mark Vero, Fabian Kaczmarczyck, Ivan Petrov, Ilia Shumailov +5 more
The paper introduces Honeyval, a comprehensive evaluation framework, to rigorously test LLM-powered HTTP honeypots, demonstrating that these systems provide substantially longer and harder-to-detect i…
The paper introduces ARCANE, a Bayesian network framework for cross-campaign cyber attribution, finding that while aggregating telemetry improves identification, structural feature limitations prevent…
Raj Patel, David Amebley, Taye Akinrele, Shaswata Mitra +2 more
The paper systematically evaluates 27 Spiking Neural Network (SNN) configurations to determine the optimal combination of neuron model and spike encoding scheme for network intrusion detection, findin…