ArXivCSExplorer
Built by Teycir Ben Soltane

~ similar to 2605.04250v2 · 20 results

cs.CR · Recent · May 6, 2026

A Novel Byte-Level Flow-to-Image Encoding Method for Network Intrusion Detection Systems

Ziyu Mu, Zihui Yan, Xiyu Shi, Safak Dogan

The paper introduces a novel byte-level method to encode network flow records into fixed-size RGB images, significantly improving the performance of Intrusion Detection Systems (IDS) by allowing convo…

cs.CR · Recent · Apr 23, 2026

On the Challenges of Holistic Intrusion Detection in ICS

Stefan Lenz, Julia Raab, Benedikt Holzbach, Deniz Köller +2 more

This paper discusses the significant challenges in developing a holistic intrusion detection system for Industrial Control Systems (ICS) that must cover all operational dimensions.

cs.CR · Recent · Apr 28, 2026

Large Language Models as Explainable Cyberattack Detectors for Energy Industrial Control Systems

Weiyi Kong, Ahmad Mohammad Saber, Amr Youssef, Deepa Kundur

This paper demonstrates that an off-the-shelf Large Language Model (LLM) can function as a high-performing, explainable, human-in-the-loop layer for detecting cyberattacks in Industrial Control System…

cs.CR cs.LG cs.NI · Recent · Apr 13, 2026

BRIDGE and TCH-Net: Heterogeneous Benchmark and Multi-Branch Baseline for Cross-Domain IoT Botnet Detection

Ammar Bhilwarawala, Likhamba Rongmei, Harsh Sharma, Arya Jena +3 more

The paper introduces BRIDGE, a standardized benchmark for cross-domain IoT botnet detection, and TCH-Net, a novel multi-branch network that achieves state-of-the-art generalization performance across…

cs.NI cs.CR · Recent · Mar 21, 2026

immUNITY: Detecting and Mitigating Low Volume & Slow Attacks with Programmable Switches and SmartNICs

Cuidi Wei, Shaoyu Tu, Daiki Hata, Toru Hasegawa +4 more

immUNITY is a system that enhances network security by combining programmable switches and SmartNICs to efficiently detect and mitigate low-volume and slow network attacks.

cs.CR cs.AI stat.AP · Recent · Mar 18, 2026

Machine Learning for Network Attacks Classification and Statistical Evaluation of Adversarial Learning Methodologies for Synthetic Data Generation

Iakovos-Christos Zarkadis, Christos Douligeris

This paper proposes a comprehensive framework for network intrusion detection using unified multi-modal datasets and evaluates advanced adversarial learning methods for generating high-fidelity synthe…

cs.CR cs.LG · Recent · Mar 24, 2026

Explainable Threat Attribution for IoT Networks Using Conditional SHAP and Flow Behavior Modelling

Samuel Ozechi, Jennifer Okonkwoabutu

This paper proposes an explainable threat attribution system for IoT networks that uses SHAP and flow behavior modeling to accurately classify and explain over 30 distinct attack variants into 8 meani…

cs.CR · Recent · Mar 24, 2026

An Experimental Study of Machine Learning-Based Intrusion Detection for OPC UA over Industrial Private 5G Networks

Song Son Ha, Kunal Singh, Florian Foerster, Henry Beuster +3 more

This paper experimentally demonstrates the high detection performance of machine learning-based intrusion detection systems for identifying cyberattacks targeting OPC UA applications running over priv…

cs.CR cs.NI · Recent · May 14, 2026

Characterizing AI-Assisted Bot Traffic in Darknet Data: Implications for ICS and IIoT Security

Alex Carbajal, Caleb Faultersack, Jonahtan Vasquez, Shereen Ismail +1 more

This paper analyzes darknet traffic to characterize advanced, AI-assisted bot reconnaissance, finding that modern evasion techniques allow most bot traffic to bypass standard IDS thresholds.

cs.CR · Recent · May 18, 2026

From Detection to Response: A Deep Learning and Retrieval-Augmented Generation Framework for Network Intrusion Mitigation

Md Navid Bin Islam, Sajal Saha, Senior Member

The paper introduces an end-to-end framework that not only detects network intrusions using deep learning but also generates actionable, citation-grounded mitigation reports using a Retrieval-Augmente…

cs.CR · Recent · Mar 24, 2026

How Far Should We Need to Go : Evaluate Provenance-based Intrusion Detection Systems in Industrial Scenarios

Yue Xiao, Ling Jiang, Sen Nie, Ding Li +3 more

This paper systematically evaluates Provenance-based Intrusion Detection Systems (PIDSes) in real industrial scenarios, revealing that existing systems struggle with data heterogeneity, advanced attac…

cs.CR cs.AI cs.LG · Recent · May 11, 2026

MambaNetBurst: Direct Byte-level Network Traffic Classification without Tokenization or Pretraining

Gayan K. Kulatilleke, Siamak Layeghy, Mahsa Baktashmotlagh, Marius Portmann

MambaNetBurst introduces a compact, tokenizer-free byte-level classifier using a Mamba-2 backbone to achieve strong network traffic classification without requiring pre-training or complex data prepro…

cs.CR · Recent · Apr 19, 2026

SoK: Reshaping Research on Network Intrusion Detection Systems

Giovanni Apruzzese

This Systematization of Knowledge (SoK) identifies a disconnect between academic NIDS research and real-world operational contexts, proposing foundational changes to reshape future research.

cs.CV cs.AI cs.CR · Recent · Apr 7, 2026

Hybrid ResNet-1D-BiGRU with Multi-Head Attention for Cyberattack Detection in Industrial IoT Environments

Afrah Gueriani, Hamza Kheddar, Ahmed Cherif Mazari

A hybrid deep learning model combining ResNet-1D, BiGRU, and Multi-Head Attention achieves high accuracy and low latency for robust cyberattack detection in Industrial IoT environments.

cs.CR cs.AI · Recent · Mar 26, 2026

CANGuard: A Spatio-Temporal CNN-GRU-Attention Hybrid Architecture for Intrusion Detection in In-Vehicle CAN Networks

Rakib Hossain Sajib, Md. Rokon Mia, Prodip Kumar Sarker, Abdullah Al Noman +1 more

The paper proposes CANGuard, a hybrid CNN-GRU-Attention deep learning model, to accurately detect sophisticated Denial-of-Service and spoofing attacks targeting critical in-vehicle CAN bus networks.

cs.CR · Recent · May 6, 2026

Assessing Generalisation Capability of Machine Learning Models for Intrusion Detection

Md Zakir Hossain, Md Ayshik Rahman Khan, Md Rafiqul Islam, Syed Mohammed Shamsul Islam +1 more

The study assesses the generalization capability of supervised machine learning models for intrusion detection using UNSW-NB15 and TON_IoT, finding a significant performance drop when models are teste…

cs.CR cs.LG · Recent · Apr 14, 2026

Anomaly Detection in IEC-61850 GOOSE Networks: Evaluating Unsupervised and Temporal Learning for Real-Time Intrusion Detection

Joseph Moore

This paper evaluates unsupervised temporal learning models, specifically recurrent autoencoders, for real-time anomaly detection in vulnerable IEC-61850 GOOSE networks, demonstrating that the GRU mode…

cs.CR cs.LG · Recent · Apr 2, 2026

AEGIS: Adversarial Entropy-Guided Immune System -- Thermodynamic State Space Models for Zero-Day Network Evasion Detection

Vickson Ferrel

AEGIS introduces a novel physics-based system that analyzes encrypted network traffic flow dynamics, achieving state-of-the-art zero-day evasion detection with high accuracy and low latency.

cs.CR cs.NI · Recent · May 4, 2026

Analyzing Unsolicited Internet Traffic: Measuring IoT Security Threats via Network Telescopes

Shereen Ismail, Taelyn Dyer, Raul Martinez, Garrett Gastman +2 more

Analyzing 10 days of global internet traffic from a network telescope reveals that a small fraction of source IPs dominate traffic, with a notable focus on exploiting legacy IoT devices via Telnet por…

cs.CR · Recent · May 28, 2026

FIDEM: A Standard-Compliant Framework for Secure Binding of MUD Profiles to IoT Devices

Alessandro Lotto, Savio Sciancalepore, Alessandro Brighente, Mauro Conti

FIDEM introduces a standard-compliant framework that uses Zero-Knowledge Proofs to securely bind IoT devices to their Manufacturer Usage Description (MUD) profiles, mitigating risks associated with in…
