The paper introduces an end-to-end framework that not only detects network intrusions using deep learning but also generates actionable, citation-grounded mitigation reports using a Retrieval-Augmente…

This paper proposes and evaluates the KAN-LSTM model, demonstrating that Kolmogorov-Arnold Networks (KANs) significantly outperform traditional deep learning models for accurate and parameter-efficien…

SentinelSphere is an AI platform that integrates advanced deep learning for real-time threat detection with an LLM-powered training system to holistically address both technical and human-factor cyber…

NetVAD proposes a novel, identifier-free Variational Autoencoder that leverages frozen Foundation Models to achieve highly competitive unsupervised performance for zero-day intrusion detection.

ML Defender (aRGus NDR) is an open-source, embedded Machine Learning Network Intrusion Detection System (NIDS) that achieves superior detection rates for botnet and anomalous traffic on resource-const…

The paper demonstrates that simpler, shallower Deep Neural Network architectures with reduced features and ReLU activations can inherently improve the robustness of ML-NIDS against gradient-based adve…

The paper proposes a graph-based framework for detecting attacks in LLM agent tool-call traffic, finding that content-level embeddings are crucial for high accuracy and that tree ensembles on these em…

This paper compares lightweight machine learning models (like Random Forest) against computationally intensive deep learning methods for botnet detection on the CTU-13 dataset, showing that these simp…

The paper introduces 'adversarial restlessness,' an activation-level signature in LLM residual streams, to detect multi-turn prompt injection attacks with high accuracy.

The paper proposes LARAR, a novel layer-wise adaptive regularization approach that enhances the adversarial robustness of neural network-based Network Intrusion Detection Systems by analyzing and miti…

This paper proposes an explainable threat attribution system for IoT networks that uses SHAP and flow behavior modeling to accurately classify and explain over 30 distinct attack variants into 8 meani…

This paper addresses the lack of research on adversarial malware generation for Linux ELF binaries by developing a new semantic-preserving generator that achieves a high evasion rate against modern de…

The paper proposes an embarrassingly simple detector that monitors model extraction attacks by testing whether the aggregate distribution of incoming LLM queries deviates from the historical distribut…

This paper proposes a gap-prioritization framework to bridge the gap between theoretical cyber attack prediction research and practical operational deployment by identifying critical implementation hu…

The paper introduces the concept of 'host-space perturbations,' arguing that real-world attackers can only manipulate network inputs by controlling specific hosts, a constraint that significantly weak…

FedTrident proposes a comprehensive framework to defend Federated Learning-based Road Condition Classification against Targeted Label-Flipping Attacks, achieving robust performance comparable to non-a…

The paper systematically maps LLM agent vulnerabilities by testing 10,000 prompt variations, finding that 'goal reframing' language is the primary trigger for exploitation, rather than broad adversari…

The paper proposes a lightweight hybrid MLP framework that uses structural URL features to achieve highly accurate and computationally efficient real-time phishing URL detection, outperforming several…

This paper introduces an attribution-driven analysis of encoder-based Large Language Models (LLMs) for network intrusion detection, demonstrating that the models make decisions based on meaningful tra…

CyberCane is a neuro-symbolic framework that enhances phishing detection by combining symbolic rule analysis with privacy-preserving RAG and formal ontology reasoning, achieving high recall against AI…