Meta-Quantum Ensemble Framework for Robust Network Intrusion Detection

Intrusion Detection Systems IDSs must maintain high detection sensitivity while operating under strict false-positive constraints, a challenge intensified by class imbalance and heterogeneous IoT traffic. This work investigates whether heterogeneous quantum learners can provide useful and...

UNAD+: An Explainable Hybrid Framework for Unknown Network Attack Detection

The detection of previously unseen network attacks remains a major challenge for intrusion detection systems. Although supervised learning methods often perform well on known attack classes, they are limited when new attack types are not represented in the training data. Unsupervised methods are...

SAGE: Scalable Automatic Gating Ensemble for Confident Negative Harvesting in Fraud Detection

Music streaming fraud, where bad actors artificially inflate stream counts to manipulate chart rankings and royalty payments, poses a significant threat to streaming services and legitimate content creators. Traditional fraud detection approaches struggle with a critical challenge: many legitimat...

From Detection to Response: A Deep Learning and Retrieval-Augmented Generation Framework for Network Intrusion Mitigation

Machine-learning-based Intrusion Detection Systems IDS have achieved impressive accuracy in classifying network attacks, yet they consistently fall short on the question that matters most to a security analyst: what should I do next? This paper presents a unified, end-to-end framework that closes...

Gray-Box Poisoning of Continuous Malware Ingestion Pipelines

Modern malware detection pipelines rely on continuous data ingestion and machine learning to counter the high volume of novel threats. This work investigates a realistic gray-box poisoning threat model targeting these pipelines. Using the secmlmalware framework, we generate problem-space...

Toward Autonomous SOC Operations: End-To-End LLM Framework for Threat Detection, Query Generation, and Resolution in Security Operations

Security Operations Centers SOCs face mounting operational challenges. These challenges come from increasing threat volumes, heterogeneous SIEM platforms, and time-consuming manual triage workflows. We present an end-to-end threat management framework that integrates ensemble-based detection,...

SDNGuardStack: An Explainable Ensemble Learning Framework for High-Accuracy Intrusion Detection in Software-Defined Networks

Software-Defined Networking SDN is another technology that has been developing in the last few years as a relevant technique to improve network programmability and administration. Nonetheless, its centralized design presents a major security issue, which requires effective intrusion detection...

Robustness Analysis of Machine Learning Models for IoT Intrusion Detection under Data Poisoning Attacks

Ensuring the reliability of machine learning-based intrusion detection systems remains a critical challenge in Internet of Things IoT environments, particularly as data poisoning attacks increasingly threaten the integrity of model training pipelines. This study evaluates the susceptibility of fo...

Optimizing IoT Intrusion Detection with Tabular Foundation Models for Smart City Forensics

Security operations in smart cities demand detection systems that balance accuracy with response time. While ensemble methods like Random Forest achieve high accuracy, their computational overhead impedes real-time forensic triage. We present the first systematic evaluation of TabPFNv2.5, a...

RansomTrack: A Hybrid Behavioral Analysis Framework for Ransomware Detection

Ransomware poses a serious and fast-acting threat to critical systems, often encrypting files within seconds of execution. Research indicates that ransomware is the most reported cybercrime in terms of financial damage, highlighting the urgent need for early-stage detection before encryption is...

SALLIE: Safeguarding against Latent Language and Image Exploits

Large Language Models LLMs and Vision-Language Models VLMs remain highly vulnerable to textual and visual jailbreaks, as well as prompt injections arXiv:2307.15043, Greshake et al., 2023, arXiv:2306.13213. Existing defenses often degrade performance through complex input transformations or treat...

Risk-Adjusted Harm Scoring for Automated Red Teaming for LLMs in Financial Services

The rapid adoption of large language models LLMs in financial services introduces new operational, regulatory, and security risks. Yet most red-teaming benchmarks remain domain-agnostic and fail to capture failure modes specific to regulated BFSI settings, where harmful behavior can be elicited...

AMDS: Attack-Aware Multi-Stage Defense System for Network Intrusion Detection with Two-Stage Adaptive Weight Learning

Machine learning based network intrusion detection systems are vulnerable to adversarial attacks that degrade classification performance under both gradient-based and distribution shift threat models. Existing defenses typically apply uniform detection strategies, which may not account for...

MultiVer: Zero-Shot Multi-Agent Vulnerability Detection

We present MultiVer, a zero-shot multi-agent system for vulnerability detection that achieves state-of-the-art recall without fine-tuning. A four-agent ensemble security, correctness, performance, style with union voting achieves 82.7% recall on PyVul, exceeding fine-tuned GPT-3.5 81.3% by 1.4...

StealthRL: Reinforcement Learning Paraphrase Attacks for Multi-Detector Evasion of AI-Text Detectors

AI-text detectors face a critical robustness challenge: adversarial paraphrasing attacks that preserve semantics while evading detection. We introduce StealthRL, a reinforcement learning framework that stress-tests detector robustness under realistic adversarial conditions. StealthRL trains a...

Memory-Based Malware Detection under Limited Data Conditions: A Comparative Evaluation of TabPFN and Ensemble Models

Artificial intelligence and machine learning have significantly advanced malware research by enabling automated threat detection and behavior analysis. However, the availability of exploitable data is limited, due to the absence of large datasets with real-world data. Despite the progress of AI i...

Elevating Intrusion Detection and Security Fortification in Intelligent Networks through Cutting-Edge Machine Learning Paradigms

The proliferation of IoT devices and their reliance on Wi-Fi networks have introduced significant security vulnerabilities, particularly the KRACK and Kr00k attacks, which exploit weaknesses in WPA2 encryption to intercept and manipulate sensitive data. Traditional IDS using classifiers face...

Enhancing Decision-Making in Windows PE Malware Classification during Dataset Shifts with Uncertainty Estimation

Artificial intelligence techniques have achieved strong performance in classifying Windows Portable Executable PE malware, but their reliability often degrades under dataset shifts, leading to misclassifications with severe security consequences. To address this, we enhance an existing LightGBM...

Phishing Detection System: An Ensemble Approach Using Character-Level CNN and Feature Engineering

In actuality, phishing attacks remain one of the most prevalent cybersecurity risks in existence today, with malevolent actors constantly changing their strategies to successfully trick users. This paper presents an AI model for a phishing detection system that uses an ensemble approach to combin...

Diverse LLMs Vs. Vulnerabilities: Who Detects and Fixes Them Better?

Large Language Models LLMs are increasingly being studied for Software Vulnerability Detection SVD and Repair SVR. Individual LLMs have demonstrated code understanding abilities, but they frequently struggle when identifying complex vulnerabilities and generating fixes. This study presents...