The paper introduces VisAnomReasoner, a parameter-efficient Vision-Language Model (VLM), trained on a new benchmark (VisAnomBench) to accurately and interpretably detect anomalies in time-series data.

The paper proposes MaskDiff-AD, a forward-only masked diffusion model trained on nominal data to achieve state-of-the-art anomaly detection across various categorical, mixed-type, and text datasets.

This paper evaluates unsupervised temporal learning models, specifically recurrent autoencoders, for real-time anomaly detection in vulnerable IEC-61850 GOOSE networks, demonstrating that the GRU mode…

This paper presents a fully unsupervised framework called CRAFTIIF for detecting four types of anomalies in multivariate time series data.

IstGPT introduces a novel LLM-based framework for real-time, fine-grained anomaly detection in complex industrial cyber-physical systems, achieving state-of-the-art performance across multiple benchma…

NLLog introduces a lightweight system that converts structured security logs into natural language sentences for improved anomaly detection, achieving high performance with low false-positive rates su…

NLLog is a lightweight pipeline that rewrites system-generated logs into natural language for improved analysis and comprehension.

The paper introduces QuITE, a plug-and-play embedding module that uses learnable query tokens to effectively embed irregular multivariate time series data into latent representations compatible with e…

The paper proposes TEMG-TTA, a novel framework that combines temporal motif awareness and test-time adaptation to significantly improve Out-of-Distribution (OOD) anomaly detection in complex blockchai…

The paper proposes TEMG-TTA, a novel framework that uses temporal motif-aware graph test-time adaptation to significantly improve Out-of-Distribution (OOD) anomaly detection on complex cryptocurrency…

NetVAD proposes a novel, identifier-free Variational Autoencoder that leverages frozen Foundation Models to achieve highly competitive unsupervised performance for zero-day intrusion detection.

This paper enhances anomaly-based Intrusion Detection Systems by integrating process mining to provide detailed, process-based explanations and severity ratings for detected network anomalies.

ML Defender (aRGus NDR) is an open-source, embedded Machine Learning Network Intrusion Detection System (NIDS) that achieves superior detection rates for botnet and anomalous traffic on resource-const…

The paper proposes PROVFUSION, a multi-view fusion framework that integrates anomaly signals from attribute, structure, and causality views to overcome the limitations of single node- or edge-centric…

The paper proposes a system-aware unsupervised framework that combines lightweight online detection with a contextual digital twin and LLM to provide interpretable, actionable anomaly diagnoses for In…

CHRONOS is a novel three-layer architecture designed to address coupled failures in temporal data marketplaces by integrating temporal decay, changepoint-aware pricing, and differential privacy for ro…

The paper proposes INTARG, an informed and selective adversarial attack framework for time-series forecasting that significantly increases prediction error by targeting only the most vulnerable time s…

The paper systematically evaluates various tabular representation learning techniques to automatically extract robust features from NetFlow data for network intrusion detection, finding that supervise…

The paper demonstrates that using the transformer-based foundation model TabPFNv2.5 can significantly speed up IoT intrusion detection compared to traditional ensemble methods while maintaining high a…

This study longitudinally evaluates the adversarial robustness of Android malware detection systems over a decade, finding that temporal separation significantly degrades robustness due to concept dri…