The paper proposes SDNGuardStack, an explainable ensemble learning framework that achieves high-accuracy intrusion detection (99.98%) in Software-Defined Networks using the InSDN dataset.

ML Defender (aRGus NDR) is an open-source, embedded Machine Learning Network Intrusion Detection System (NIDS) that achieves superior detection rates for botnet and anomalous traffic on resource-const…

This paper proposes a comprehensive framework for network intrusion detection using unified multi-modal datasets and evaluates advanced adversarial learning methods for generating high-fidelity synthe…

This paper introduces an attribution-driven analysis of encoder-based Large Language Models (LLMs) for network intrusion detection, demonstrating that the models make decisions based on meaningful tra…

This paper evaluates a novel black-box adversarial attack to demonstrate the vulnerability of ML-based IoT Intrusion Detection Systems (IDS) and proposes a robust defense mechanism to mitigate these e…

The paper evaluates AI's effectiveness in detecting network intrusions and cryptographic side-channel leakage, finding high accuracy in stable environments but performance degradation with novel traff…

The study assesses the generalization capability of supervised machine learning models for intrusion detection using UNSW-NB15 and TON_IoT, finding a significant performance drop when models are teste…

FlowGuard introduces an identity-independent defense using flow matching to detect data-free model stealing attacks by identifying synthetic queries as out-of-distribution based on their lower-dimensi…

The paper introduces an end-to-end framework that not only detects network intrusions using deep learning but also generates actionable, citation-grounded mitigation reports using a Retrieval-Augmente…

This paper proposes a lightweight, multi-layer Machine Learning-based security framework for Industrial IoT (IIoT) to enhance trust convergence and detect advanced threats.

The paper proposes a graph-based framework for detecting attacks in LLM agent tool-call traffic, finding that content-level embeddings are crucial for high accuracy and that tree ensembles on these em…

The paper demonstrates that simpler, shallower Deep Neural Network architectures with reduced features and ReLU activations can inherently improve the robustness of ML-NIDS against gradient-based adve…

The paper proposes a novel Retrieval-Augmented Generation (RAG) framework utilizing Large Language Models (LLMs) for real-time, intelligent detection and mitigation of evasive Carpet-Bombing DDoS atta…

The paper proposes a confidence-aware, multi-layered Cloud-IDS pipeline that integrates adaptive Q-Learning, Chroma memory, and LLM semantic analysis to enhance detection accuracy and reduce reliance…

This paper experimentally demonstrates the high detection performance of machine learning-based intrusion detection systems for identifying cyberattacks targeting OPC UA applications running over priv…

The paper proposes a novel semi-automated method to perform continuous threat modeling by inferring the actual system architecture from combined static configuration and dynamic network flow data, sig…

MambaNetBurst introduces a compact, tokenizer-free byte-level classifier using a Mamba-2 backbone to achieve strong network traffic classification without requiring pre-training or complex data prepro…

This paper proposes an improved CNN-LSTM model for IoT intrusion detection, achieving high accuracy by combining spatial and temporal feature learning from network traffic.

MA-IDS proposes a Multi-Agent RAG framework that uses LLMs and a self-building Experience Library to achieve explainable and self-improving intrusion detection for resource-constrained IoT networks.

This paper analyzes how vulnerable various machine learning models are to data poisoning attacks in IoT intrusion detection, finding that ensemble methods are more robust than Logistic Regression and…