Cognitive Threat Intelligence and Explainable Federated Security Analytics for Distributed Infrastructure Systems

The increasing adoption of distributed infrastructure systems, cloud computing, Internet of Things IoT technologies, and edge-based architectures has significantly expanded the cybersecurity attack surface and introduced increasingly sophisticated cyber threats. Conventional centralized intrusion...

Explainable AI-Driven Cyber Risk Analytics and Model Reliability Assessment for Intelligent Governance of U.S. Critical Infrastructure: An XGBoost and SHAP-Based Intrusion Detection Framework

The increasing penetrations of the critical infrastructure sector in the United States with intelligent digital technologies have greatly increased exposure to advanced cyber adversaries and operational vulnerabilities. AI-powered governance and automated decision-making systems are becoming a ke...

Explainable Attention-Based LSTM Framework for Early Detection of AI-Assisted Ransomware Via File System Behavioral Analysis

Ransomware continues to evolve as one of the most disruptive cyber threats, with recent variants increasingly leveraging automated and AI-assisted techniques to evade traditional signature-based defenses. Early detection of such attacks remains a significant challenge, particularly when malicious...

Detecting Cybersecurity Threats by Integrating Explainable AI with SHAP Interpretability and Strategic Data Sampling

The critical need for transparent and trustworthy machine learning in cybersecurity operations drives the development of this integrated Explainable AI XAI framework. Our methodology addresses three fundamental challenges in deploying AI for threat detection: handling massive datasets through...

From One Attack Domain to Another: Contrastive Transfer Learning with Siamese Networks for APT Detection

Advanced Persistent Threats APT pose a major cybersecurity challenge due to their stealth, persistence, and adaptability. Traditional machine learning detectors struggle with class imbalance, high dimensional features, and scarce real world traces. They often lack transferability-performing well ...

Automated and Explainable Denial of Service Analysis for AI-Driven Intrusion Detection Systems

With the increasing frequency and sophistication of Distributed Denial of Service DDoS attacks, it has become critical to develop more efficient and interpretable detection methods. Traditional detection systems often struggle with scalability and transparency, hindering real-time response and...

Explainable but Vulnerable: Adversarial Attacks on XAI Explanation in Cybersecurity Applications

Explainable Artificial Intelligence XAI has aided machine learning ML researchers with the power of scrutinizing the decisions of the black-box models. XAI methods enable looking deep inside the models' behavior, eventually generating explanations along with a perceived trust and transparency...

How Leading Security Teams Blend AI + Human Workflows (Free Webinar)

AI is changing automation—but not always for the better. That's why we're hosting a new webinar, "Workflow Clarity: Where AI Fits in Modern Automation," with Thomas Kinsella, Co-founder & Chief Customer Officer at Tines, to explore how leading teams are cutting through the hype and building...

SoK: Systematic Analysis of Adversarial Threats against Deep Learning Approaches for Autonomous Anomaly Detection Systems in SDN-IoT Networks

Integrating SDN and the IoT enhances network control and flexibility. DL-based AAD systems improve security by enabling real-time threat detection in SDN-IoT networks. However, these systems remain vulnerable to adversarial attacks that manipulate input data or exploit model weaknesses,...

Large Language Model-Based Framework for Explainable Cyberattack Detection in Automatic Generation Control Systems

The increasing digitization of smart grids has improved operational efficiency but also introduced new cybersecurity vulnerabilities, such as False Data Injection Attacks FDIAs targeting Automatic Generation Control AGC systems. While machine learning ML and deep learning DL models have shown...

POLARIS: Explainable Artificial Intelligence for Mitigating Power Side-Channel Leakage

Microelectronic systems are widely used in many sensitive applications e.g., manufacturing, energy, defense. These systems increasingly handle sensitive data e.g., encryption key and are vulnerable to diverse threats, such as, power side-channel attacks, which infer sensitive data through dynamic...

There'S Waldo: PCB Tamper Forensic Analysis Using Explainable AI on Impedance Signatures

The security of printed circuit boards PCBs has become increasingly vital as supply chain vulnerabilities, including tampering, present significant risks to electronic systems. While detecting tampering on a PCB is the first step for verification, forensics is also needed to identify the modified...

AI-Driven IRM: Transforming Insider Risk Management with Adaptive Scoring and LLM-Based Threat Detection

Insider threats pose a significant challenge to organizational security, often evading traditional rule-based detection systems due to their subtlety and contextual nature. This paper presents an AI-powered Insider Risk Management IRM system that integrates behavioral analytics, dynamic risk...

Towards Explainable and Lightweight AI for Real-Time Cyber Threat Hunting in Edge Networks

As cyber threats continue to evolve, securing edge networks has become increasingly challenging due to their distributed nature and resource limitations. Many AI-driven threat detection systems rely on complex deep learning models, which, despite their high accuracy, suffer from two major...