The paper systematically evaluates various tabular representation learning techniques to automatically extract robust features from NetFlow data for network intrusion detection, finding that supervise…

The paper systematically evaluates 27 Spiking Neural Network (SNN) configurations to determine the optimal combination of neuron model and spike encoding scheme for network intrusion detection, findin…

The paper evaluates 27 different Spiking Neural Network (SNN) configurations to determine the optimal design for network intrusion detection, finding that the LeakyParallel neuron combined with latenc…

NetVAD proposes a novel, identifier-free Variational Autoencoder that leverages frozen Foundation Models to achieve highly competitive unsupervised performance for zero-day intrusion detection.

MambaNetBurst introduces a compact, tokenizer-free byte-level classifier using a Mamba-2 backbone to achieve strong network traffic classification without requiring pre-training or complex data prepro…

This paper proposes and evaluates two lightweight deep learning-based intelligent Intrusion Detection Systems (CNN and LSTM) to enhance the security of large-scale IoT networks, achieving high classif…

The paper introduces an end-to-end framework that not only detects network intrusions using deep learning but also generates actionable, citation-grounded mitigation reports using a Retrieval-Augmente…

This paper proposes an improved CNN-LSTM model for IoT intrusion detection, achieving high accuracy by combining spatial and temporal feature learning from network traffic.

The paper evaluates AI's effectiveness in detecting network intrusions and cryptographic side-channel leakage, finding high accuracy in stable environments but performance degradation with novel traff…

The paper introduces ESPRESSO, a deep learning model that significantly improves the detection of sophisticated stepping-stone intrusions by correlating network flows across multiple relay hosts.

The paper demonstrates that simpler, shallower Deep Neural Network architectures with reduced features and ReLU activations can inherently improve the robustness of ML-NIDS against gradient-based adve…

This paper proposes a comprehensive framework for network intrusion detection using unified multi-modal datasets and evaluates advanced adversarial learning methods for generating high-fidelity synthe…

The paper proposes PROVFUSION, a multi-view fusion framework that integrates anomaly signals from attribute, structure, and causality views to overcome the limitations of single node- or edge-centric…

This paper adapts the Single Packet Header Binary Image (SPHBI) intrusion detection method from IoT to Modbus TCP, achieving high binary accuracy (98.1%) and strong multiclass classification performan…

The paper introduces PLM-NIDS, a novel intrusion detection system that models network flows as a language based solely on L3/L4 metadata, successfully detecting attacks by identifying deviations from…

The paper introduces PLM-NIDS, a novel intrusion detection system that models network flows as a language based solely on L3/L4 metadata, successfully detecting attacks by identifying deviations from…

FlowGuard introduces an identity-independent defense using flow matching to detect data-free model stealing attacks by identifying synthetic queries as out-of-distribution based on their lower-dimensi…

The paper proposes CANGuard, a hybrid CNN-GRU-Attention deep learning model, to accurately detect sophisticated Denial-of-Service and spoofing attacks targeting critical in-vehicle CAN bus networks.

ML Defender (aRGus NDR) is an open-source, embedded Machine Learning Network Intrusion Detection System (NIDS) that achieves superior detection rates for botnet and anomalous traffic on resource-const…

This paper discusses the significant challenges in developing a holistic intrusion detection system for Industrial Control Systems (ICS) that must cover all operational dimensions.