ArXivCSExplorer
Built with and by Teycir Ben Soltane

~ similar to 2605.17530v1 · 20 results

cs.CR · Recent · May 6, 2026

Assessing Generalisation Capability of Machine Learning Models for Intrusion Detection

Md Zakir Hossain, Md Ayshik Rahman Khan, Md Rafiqul Islam, Syed Mohammed Shamsul Islam +1 more

The study assesses the generalization capability of supervised machine learning models for intrusion detection using UNSW-NB15 and TON_IoT, finding a significant performance drop when models are teste…

cs.CR · Recent · Mar 26, 2026

Understanding AI Methods for Intrusion Detection and Cryptographic Leakage

Reza Zilouchian, Michael Chavez, Fernando Koch

The paper evaluates AI's effectiveness in detecting network intrusions and cryptographic side-channel leakage, finding high accuracy in stable environments but performance degradation with novel traff…

cs.CR · Recent · May 18, 2026

From Detection to Response: A Deep Learning and Retrieval-Augmented Generation Framework for Network Intrusion Mitigation

Md Navid Bin Islam, Sajal Saha, Senior Member

The paper introduces an end-to-end framework that not only detects network intrusions using deep learning but also generates actionable, citation-grounded mitigation reports using a Retrieval-Augmente…

cs.CR, cs.NI · Recent · Apr 25, 2026

Advanced Anomaly Detection and Threat Intelligence in Zero Trust IoT Environments Using Machine Learning

Muhammad Umair Basharat, Jawad Hussain, Waqas Khalid, Chiew Foong Kwong

This paper enhances anomaly detection and threat intelligence in Zero Trust IoT environments by applying and comparing various machine learning classifiers, notably using SMOTE to improve accuracy on…

cs.CR, cs.LG, cs.NI · Recent · Apr 20, 2026

Enhancing Anomaly-Based Intrusion Detection Systems with Process Mining

Francesco Vitale, Francesco Grimaldi, Massimiliano Rak, Nicola Mazzocca

This paper enhances anomaly-based Intrusion Detection Systems by integrating process mining to provide detailed, process-based explanations and severity ratings for detected network anomalies.

cs.CR, cs.LG, cs.NI · Recent · May 21, 2026

UNAD+: An Explainable Hybrid Framework for Unknown Network Attack Detection

Saif Alzubi, Frederic Stahl

UNAD+ is an enhanced, explainable hybrid framework that effectively detects unknown zero-day network attacks by combining unsupervised ensemble methods with supervised refinement and post hoc explaina…

cs.LG, cs.CR · Recent · May 18, 2026

A No-Defense Defense Against Gradient-Based Adversarial Attacks on ML-NIDS: Is Less More?

Mohamed elShehaby, Ashraf Matrawy

The paper demonstrates that simpler, shallower Deep Neural Network architectures with reduced features and ReLU activations can inherently improve the robustness of ML-NIDS against gradient-based adve…

cs.CR · Recent · Apr 3, 2026

ML Defender (aRGus NDR): An Open-Source Embedded ML NIDS for Botnet and Anomalous Traffic Detection in Resource-Constrained Organizations

Alonso Isidoro Román

ML Defender (aRGus NDR) is an open-source, embedded Machine Learning Network Intrusion Detection System (NIDS) that achieves superior detection rates for botnet and anomalous traffic on resource-const…

cs.CR · Recent · Apr 19, 2026

SoK: Reshaping Research on Network Intrusion Detection Systems

Giovanni Apruzzese

This Survey of Knowledge (SoK) identifies a disconnect between academic NIDS research and real-world operational contexts, proposing foundational changes to reshape future research.

cs.CR, cs.AI, stat.AP · Recent · Mar 18, 2026

Machine Learning for Network Attacks Classification and Statistical Evaluation of Adversarial Learning Methodologies for Synthetic Data Generation

Iakovos-Christos Zarkadis, Christos Douligeris

This paper proposes a comprehensive framework for network intrusion detection using unified multi-modal datasets and evaluates advanced adversarial learning methods for generating high-fidelity synthe…

cs.CE, cs.AI, cs.CR · Recent · Apr 8, 2026

SentinelSphere: Integrating AI-Powered Real-Time Threat Detection with Cybersecurity Awareness Training

Nikolaos D. Tantaroudas, Ilias Karachalios, Andrew J. McCracken

SentinelSphere is an AI platform that integrates advanced deep learning for real-time threat detection with an LLM-powered training system to holistically address both technical and human-factor cyber…

cs.CR · Recent · May 31, 2026

NetVAD: Foundation-Model Representation Learning for Identifier-Free Unsupervised Intrusion Detection

Darren Fürst, Patrick Levi, Sebastian Steindl

NetVAD proposes a novel, identifier-free Variational Autoencoder that leverages frozen Foundation Models to achieve highly competitive unsupervised performance for zero-day intrusion detection.

cs.CR · Recent · Mar 30, 2026

KAN-LSTM: Benchmarking Kolmogorov-Arnold Networks for Cyber Security Threat Detection in IoT Networks

Mohammed Hassanin

This paper proposes and evaluates the KAN-LSTM model, demonstrating that Kolmogorov-Arnold Networks (KANs) significantly outperform traditional deep learning models for accurate and parameter-efficien…

cs.CR, cs.LG, cs.NI · Recent · Apr 20, 2026

Dynamic Risk Assessment by Bayesian Attack Graphs and Process Mining

Francesco Vitale, Simone Guarino, Stefano Perone, Massimiliano Rak +1 more

The paper proposes a dynamic risk assessment framework that combines Bayesian Attack Graphs (BAGs) with process mining to continuously monitor system behavior and update the probability of active vuln…

cs.CR, cs.AI · Recent · Apr 7, 2026

MA-IDS: Multi-Agent RAG Framework for IoT Network Intrusion Detection with an Experience Library

Md Shamimul Islam, Luis G. Jaimes, Ayesha S. Dina

MA-IDS proposes a Multi-Agent RAG framework that uses LLMs and a self-building Experience Library to achieve explainable and self-improving intrusion detection for resource-constrained IoT networks.

cs.CR, cs.LG · Recent · Apr 9, 2026

Tracing the Chain: Deep Learning for Stepping-Stone Intrusion Detection

Nate Mathews, Nicholas Hopper, Matthew Wright

The paper introduces ESPRESSO, a deep learning model that significantly improves the detection of sophisticated stepping-stone intrusions by correlating network flows across multiple relay hosts.

cs.CR, cs.LG · Recent · May 30, 2026

A Lightweight Hybrid MLP-Based Framework for Real-Time Phishing URL Detection Using Structural URL Features

Uche Unoke Emmanuel, Gideon Francis Oghie

The paper proposes a lightweight hybrid MLP framework that uses structural URL features to achieve highly accurate and computationally efficient real-time phishing URL detection, outperforming several…

cs.CR, cs.AI, cs.LG · Recent · May 29, 2026

Improving IoT Intrusion Detection Through SMOTE-Based Oversampling and Extended Multi-Model Evaluation on Side-Channel Power Data

Muhammad Khuram Shahzad, Haseeb Khan, Muhammad Masood Khan, Mubashra Bibi

This paper improves IoT intrusion detection by addressing severe class imbalance using SMOTE and evaluating eight machine learning models, finding that Random Forest and Extra Trees achieve high perfo…

cs.CR, cs.AI, cs.LG · Recent · May 29, 2026

Improving IoT Intrusion Detection Through SMOTE-Based Oversampling and Extended Multi-Model Evaluation on Side-Channel Power Data

Muhammad Khuram Shahzad, Haseeb Khan, Muhammad Masood Khan, Mubashra Bibi

This paper improves IoT intrusion detection by addressing severe class imbalance using SMOTE and comparing the performance of multiple machine learning models on side-channel power data, showing Rando…

cs.CR, cs.AI, cs.LG · Recent · Mar 19, 2026

A Novel Solution for Zero-Day Attack Detection in IDS using Self-Attention and Jensen-Shannon Divergence in WGAN-GP

Ziyu Mu, Xiyu Shi, Safak Dogan

The paper proposes an enhanced Wasserstein GAN with Gradient Penalty (SA-JS-WGAN-GP) incorporating Self-Attention and Jensen-Shannon Divergence to synthesize diverse network traffic data, significantl…
