ArXivCSExplorer
☆☆Bookmarks🏆RSSHow to UseFAQ
Built with and by Teycir Ben Soltane•
How to Use•FAQ•GitHub•arXiv.org•
Share:

~ similar to 2604.04952v5· 20 results

cs.CRRecentMay 18, 2026

From Detection to Response: A Deep Learning and Retrieval-Augmented Generation Framework for Network Intrusion Mitigation

Md Navid Bin Islam, Sajal Saha, Senior Member

The paper introduces an end-to-end framework that not only detects network intrusions using deep learning but also generates actionable, citation-grounded mitigation reports using a Retrieval-Augmente…

View →
cs.LGcs.CRRecentMay 18, 2026

A No-Defense Defense Against Gradient-Based Adversarial Attacks on ML-NIDS: Is Less More?

Mohamed elShehaby, Ashraf Matrawy

The paper demonstrates that simpler, shallower Deep Neural Network architectures with reduced features and ReLU activations can inherently improve the robustness of ML-NIDS against gradient-based adve…

View →
cs.CEcs.AIcs.CRRecentApr 8, 2026

SentinelSphere: Integrating AI-Powered Real-Time Threat Detection with Cybersecurity Awareness Training

Nikolaos D. Tantaroudas, Ilias Karachalios, Andrew J. McCracken

SentinelSphere is an AI platform that integrates advanced deep learning for real-time threat detection with an LLM-powered training system to holistically address both technical and human-factor cyber…

View →
cs.CRcs.NIRecentMay 14, 2026

Characterizing AI-Assisted Bot Traffic in Darknet Data: Implications for ICS and IIoT Security

Alex Carbajal, Caleb Faultersack, Jonahtan Vasquez, Shereen Ismail +1 more

This paper analyzes darknet traffic to characterize advanced, AI-assisted bot reconnaissance, finding that modern evasion techniques allow most bot traffic to bypass standard IDS thresholds.

View →
cs.CRcs.AIRecentMay 29, 2026

A Protocol-Language Model for Network Intrusion (Without Deep Packet Inspection)

Vivek Kumar Sharma

The paper introduces PLM-NIDS, a novel intrusion detection system that models network flows as a language based solely on L3/L4 metadata, successfully detecting attacks by identifying deviations from…

View →
cs.CRcs.AIRecentMay 29, 2026

A Protocol-Language Model for Network Intrusion (Without Deep Packet Inspection)

Vivek Kumar Sharma

The paper introduces PLM-NIDS, a novel intrusion detection system that models network flows as a language based solely on L3/L4 metadata, successfully detecting attacks by identifying deviations from…

View →
cs.CRcs.AIRecentApr 7, 2026

MA-IDS: Multi-Agent RAG Framework for IoT Network Intrusion Detection with an Experience Library

Md Shamimul Islam, Luis G. Jaimes, Ayesha S. Dina

MA-IDS proposes a Multi-Agent RAG framework that uses LLMs and a self-building Experience Library to achieve explainable and self-improving intrusion detection for resource-constrained IoT networks.

View →
cs.CRRecentMay 31, 2026

NetVAD: Foundation-Model Representation Learning for Identifier-Free Unsupervised Intrusion Detection

Darren Fürst, Patrick Levi, Sebastian Steindl

NetVAD proposes a novel, identifier-free Variational Autoencoder that leverages frozen Foundation Models to achieve highly competitive unsupervised performance for zero-day intrusion detection.

View →
cs.NIcs.CRcs.LGRecentApr 16, 2026

MLDAS: Machine Learning Dynamic Algorithm Selection for Software-Defined Networking Security

Pablo Benlloch, Oscar Romero, Antonio Leon, Jaime Lloret

The paper proposes MLDAS, a framework that dynamically selects the optimal Machine Learning algorithm for Intrusion Detection Systems within Software-Defined Networking to enhance adaptive network sec…

View →
cs.CRcs.AIstat.APRecentMar 18, 2026

Machine Learning for Network Attacks Classification and Statistical Evaluation of Adversarial Learning Methodologies for Synthetic Data Generation

Iakovos-Christos Zarkadis, Christos Douligeris

This paper proposes a comprehensive framework for network intrusion detection using unified multi-modal datasets and evaluates advanced adversarial learning methods for generating high-fidelity synthe…

View →
cs.CRcs.AIcs.LGRecentMay 11, 2026

Content-Aware Attack Detection in LLM Agent Tool-Call Traffic: An Empirical Study of Features, Architectures, and Evaluation Protocols

Sultan Zavrak

The paper proposes a graph-based framework for detecting attacks in LLM agent tool-call traffic, finding that content-level embeddings are crucial for high accuracy and that tree ensembles on these em…

View →
cs.CRcs.LGRecentApr 2, 2026

AEGIS: Adversarial Entropy-Guided Immune System -- Thermodynamic State Space Models for Zero-Day Network Evasion Detection

Vickson Ferrel

AEGIS introduces a novel physics-based system that analyzes encrypted network traffic flow dynamics, achieving state-of-the-art zero-day evasion detection with high accuracy and low latency.

View →
cs.CRRecentMay 26, 2026

Landseer: Exploring the Machine Learning Defense Landscape

Ayushi Sharma, Rosemary Agbozo, Santiago Torres-Arias, Zahra Ghodsi

The paper introduces Landseer, a modular framework designed to systematically evaluate and compose multiple machine learning defenses to address complex, real-world security requirements.

View →
cs.CRcs.AIcs.LGRecentMay 28, 2026

Honeyval: A Comprehensive Evaluation Framework for LLM-powered HTTP Honeypots

Mark Vero, Fabian Kaczmarczyck, Ivan Petrov, Ilia Shumailov +5 more

The paper introduces Honeyval, a comprehensive evaluation framework, to rigorously test LLM-powered HTTP honeypots, demonstrating that these honeypots provide substantially longer and harder-to-detect…

View →
cs.CRcs.AIcs.LGRecentMay 28, 2026

Honeyval: A Comprehensive Evaluation Framework for LLM-powered HTTP Honeypots

Mark Vero, Fabian Kaczmarczyck, Ivan Petrov, Ilia Shumailov +5 more

The paper introduces Honeyval, a comprehensive evaluation framework, to rigorously test LLM-powered HTTP honeypots, demonstrating that these systems provide substantially longer and harder-to-detect i…

View →
cs.CRcs.AIRecentMay 29, 2026

Stateful Online Monitoring Catches Distributed Agent Attacks

Davis Brown, Samarth Bhargav, Arav Santhanam, Kasper Hong +6 more

The paper introduces a novel stateful online monitoring system that detects distributed multi-agent cyberattacks by aggregating weak suspiciousness signals across many user accounts, overcoming the bl…

View →
cs.CRcs.AIRecentMay 29, 2026

Stateful Online Monitoring Catches Distributed Agent Attacks

Davis Brown, Samarth Bhargav, Arav Santhanam, Kasper Hong +6 more

The paper introduces a novel stateful online monitoring system that detects distributed multi-agent cyberattacks by aggregating weak suspiciousness signals across many user accounts, overcoming the bl…

View →
cs.CRcs.AIcs.CLRecentMay 21, 2026

Blind Spots in the Guard: How Domain-Camouflaged Injection Attacks Evade Detection in Multi-Agent LLM Systems

Aaditya Pai

The paper identifies a critical vulnerability, the Camouflage Detection Gap (CDG), where standard LLM injection detectors fail dramatically when malicious payloads mimic the target domain's language a…

View →
cs.CRcs.AIRecentJun 2, 2026

FlowGuard: Flow Matching for Identity-Independent Detection of Data-Free Model Stealing Attacks on Energy System Intrusion Detection Systems

Maxime Schwarzer, Laurin Holz, Tobias Huerten, Johannes Loevenich +3 more

FlowGuard introduces an identity-independent defense using flow matching to detect data-free model stealing attacks by identifying synthetic queries as out-of-distribution based on their lower-dimensi…

View →
cs.CRcs.LGRecentMay 20, 2026

HIDBench: Benchmarking Large Language Models for Host-Based Intrusion Detection

Danyu Sun, Jinghuai Zhang, Yuan Tian, Zhou Li

The paper introduces HIDBench, a new benchmark for evaluating LLMs' ability to perform host-based intrusion detection using complex, noisy system logs, finding that model performance degrades signific…

View →