This paper enhances anomaly-based Intrusion Detection Systems by integrating process mining to provide detailed, process-based explanations and severity ratings for detected network anomalies.

The paper proposes an ensemble learning framework combined with SHAP-based Explainable AI (XAI) to achieve robust and interpretable anomaly detection for network traffic in embedded systems.

ChronosAD introduces a novel architecture that uses time series foundation models and a custom Temporal Block to achieve robust and highly accurate anomaly detection across diverse domains.

This paper enhances anomaly detection and threat intelligence in Zero Trust IoT environments by applying and comparing various machine learning classifiers, notably using SMOTE to improve accuracy on…

This paper evaluates unsupervised temporal learning models, specifically recurrent autoencoders, for real-time anomaly detection in vulnerable IEC-61850 GOOSE networks, demonstrating that the GRU mode…

The paper evaluates AI's effectiveness in detecting network intrusions and cryptographic side-channel leakage, finding high accuracy in stable environments but performance degradation with novel traff…

GRASP introduces a novel graph-based anomaly detection system that uses masked self-supervised classification on process provenance graphs to robustly identify unknown and unknown-unknown anomalous be…

The study assesses the generalization capability of supervised machine learning models for intrusion detection using UNSW-NB15 and TON_IoT, finding a significant performance drop when models are teste…

The paper proposes a novel Federated Learning framework combined with Homomorphic Encryption and a dynamic agent selection scheme to enhance privacy and efficiency for anomaly detection in the Industr…

This paper improves IoT intrusion detection by addressing severe class imbalance using SMOTE and evaluating eight machine learning models, finding that Random Forest and Extra Trees achieve high perfo…

This paper improves IoT intrusion detection by addressing severe class imbalance using SMOTE and comparing the performance of multiple machine learning models on side-channel power data, showing Rando…

The paper proposes MaskDiff-AD, a forward-only masked diffusion model trained on nominal data to achieve state-of-the-art anomaly detection across various categorical, mixed-type, and text datasets.

This paper discusses the significant challenges in developing a holistic intrusion detection system for Industrial Control Systems (ICS) that must cover all operational dimensions.

IstGPT introduces a novel LLM-based framework for real-time, fine-grained anomaly detection in complex industrial cyber-physical systems, achieving state-of-the-art performance across multiple benchma…

This paper develops and analyzes various ensemble models, culminating in an XGBoost-based system, to reliably detect UAV intrusions using XAI and advanced statistical methods to pinpoint the root caus…

The paper proposes a few-shot network intrusion detection system using online triplet mining and a KNN classifier, achieving competitive performance even when trained on very limited samples of malici…

The paper introduces a structured benchmark (TGAD) showing that current text-guided anomaly detection models often overstate their language conditioning, as performance significantly degrades when the…

This paper proposes and evaluates a federated deep learning framework using autoencoders for lightweight, privacy-preserving, and scalable real-time anomaly detection in resource-constrained IoT netwo…

The paper proposes a novel method to generate adversarial malware samples that evade deep learning detectors while simultaneously minimizing the detectable 'drift' signals, showing that similarity con…

The paper proposes PROVFUSION, a multi-view fusion framework that integrates anomaly signals from attribute, structure, and causality views to overcome the limitations of single node- or edge-centric…