ChronosAD introduces a novel architecture that uses time series foundation models and a custom Temporal Block to achieve robust and highly accurate anomaly detection across diverse domains.

The paper introduces VisAnomReasoner, a parameter-efficient Vision-Language Model (VLM), trained on a new benchmark (VisAnomBench) to accurately and interpretably detect anomalies in time-series data.

This paper evaluates unsupervised temporal learning models, specifically recurrent autoencoders, for real-time anomaly detection in vulnerable IEC-61850 GOOSE networks, demonstrating that the GRU mode…

The paper proposes the Distilled Explanation Model (DEM), a novel glass-box framework that achieves high-accuracy, clinically interpretable anomaly detection in physiological sensor data by distilling…

The paper introduces QuITE, a plug-and-play embedding module that uses learnable query tokens to effectively embed irregular multivariate time series data into latent representations compatible with e…

IstGPT introduces a novel LLM-based framework for real-time, fine-grained anomaly detection in complex industrial cyber-physical systems, achieving state-of-the-art performance across multiple benchma…

The paper proposes MaskDiff-AD, a forward-only masked diffusion model trained on nominal data to achieve state-of-the-art anomaly detection across various categorical, mixed-type, and text datasets.

The paper proposes a novel nonparametric mutual information estimator to robustly quantify dependence between heterogeneous temporal data, specifically continuous time series and discrete event sequen…

The study assesses the generalization capability of supervised machine learning models for intrusion detection using UNSW-NB15 and TON_IoT, finding a significant performance drop when models are teste…

This paper analyzes how vulnerable various machine learning models are to data poisoning attacks in IoT intrusion detection, finding that ensemble methods are more robust than Logistic Regression and…

This paper enhances anomaly-based Intrusion Detection Systems by integrating process mining to provide detailed, process-based explanations and severity ratings for detected network anomalies.

The paper proposes PROVFUSION, a multi-view fusion framework that integrates anomaly signals from attribute, structure, and causality views to overcome the limitations of single node- or edge-centric…

The paper proposes a system-aware unsupervised framework that combines lightweight online detection with a contextual digital twin and LLM to provide interpretable, actionable anomaly diagnoses for In…

SCAFDS introduces a novel, seven-stage graph attention system that models fraud propagation using co-occurrence edge features and generates forensically traceable SAR narratives, significantly improvi…

The paper proposes reframing mechanistic anomaly detection (MAD) as a functional attribution problem, using influence functions to measure how much a model's output depends on specific input samples,…

This paper proposes using genetic programming (GP) to jointly evolve both the feature sets and the structure of survival trees, resulting in highly interpretable and high-performing shallow models for…

The paper proposes ICSA, a robust anonymization technique that replaces PCA with invariant coordinate selection to improve data privacy protection, especially when the dataset contains outliers, outpe…

The paper investigates forecasting sparse and bursty vulnerability sightings, concluding that traditional time-series models like SARIMAX are inadequate, and count-based methods like Poisson regressio…

The paper introduces a structured benchmark (TGAD) showing that current text-guided anomaly detection models often overstate their language conditioning, as performance significantly degrades when the…

The paper identifies a universal, statistically predictable distribution (Mandelbrot) governing LLM outputs, enabling a highly efficient, model-agnostic scoring primitive for provenance and quality as…