This paper introduces a machine learning system that detects phishing emails by analyzing contextual features from the entire email body content, achieving 95.41% accuracy using Logistic Regression.

This paper proposes an explainable threat attribution system for IoT networks that uses SHAP and flow behavior modeling to accurately classify and explain over 30 distinct attack variants into 8 meani…

This paper develops and evaluates supervised machine learning models to detect malicious tool descriptions within the Model Context Protocol (MCP), achieving high detection rates in both binary and mu…

The paper proposes a lightweight hybrid MLP framework that uses structural URL features to achieve highly accurate and computationally efficient real-time phishing URL detection, outperforming several…

This paper develops and analyzes various ensemble models, culminating in an XGBoost-based system, to reliably detect UAV intrusions using XAI and advanced statistical methods to pinpoint the root caus…

The paper proposes XAI FL-IDS, a novel framework that combines Federated Learning and SHAP-based explainability to build a privacy-preserving and highly accurate distributed Intrusion Detection System…

The paper proposes a unified closed-loop threat taxonomy to systematically analyze and defend foundation models by explicitly framing the bidirectional security interactions between data and models.

The paper proposes a graph-based framework for detecting attacks in LLM agent tool-call traffic, finding that content-level embeddings are crucial for high accuracy and that tree ensembles on these em…

The paper proposes an ensemble learning framework combined with SHAP-based Explainable AI (XAI) to achieve robust and interpretable anomaly detection for network traffic in embedded systems.

CyberCane is a neuro-symbolic framework that enhances phishing detection by combining symbolic rule analysis with privacy-preserving RAG and formal ontology reasoning, achieving high recall against AI…

This paper enhances anomaly detection and threat intelligence in Zero Trust IoT environments by applying and comparing various machine learning classifiers, notably using SMOTE to improve accuracy on…

This paper proposes a two-stage machine learning system that accurately detects I2P traffic and subsequently classifies it as data exfiltration or legitimate activity, achieving high accuracy in both…

The paper demonstrates that generative AI can automate and scale highly personalized, context-aware spear-phishing attacks using only public social media data, resulting in messages that are significa…

The paper introduces GuardPhish, a large-scale dataset and evaluation framework, demonstrating that even high-performing open-source LLMs can generate actionable phishing content despite accurate inte…

UNAD+ is an enhanced, explainable hybrid framework that effectively detects unknown zero-day network attacks by combining unsupervised ensemble methods with supervised refinement and post hoc explaina…

The paper introduces a synthetic dataset of multi-round conversations to detect conversational smishing, finding that XGBoost with TF-IDF features achieved the best performance (72.5% accuracy).

PhishSigma++ is a novel entity-relation-based detector that improves malicious email detection by focusing on invariant functional relationships between typed entities, significantly outperforming tex…

The paper evaluates AI's effectiveness in detecting network intrusions and cryptographic side-channel leakage, finding high accuracy in stable environments but performance degradation with novel traff…

The study analyzed TLS certificate and domain features in the Danish .dk namespace to distinguish phishing sites, concluding that while combined features are useful, no single attribute reliably ident…

This study provides the first measurement of authentication security in real-world remote Model Context Protocol (MCP) servers, finding pervasive and critical authentication weaknesses, particularly i…