Survey of intrusion detection systems: techniques, datasets and challenges
6 Pith papers cite this work. Polarity classification is still indexing.
fields: cs.CR (6)
years: 2026 (6)
verdicts: UNVERDICTED (6)
roles: dataset (1)
polarities: use dataset (1)
citing papers explorer
- Multi-Level Distributional Entropy for Explainable Network Intrusion Detection
  MDE computes three entropy features from flow stats to match conventional ML performance (F1 0.708-0.989) on four IDS benchmarks while exposing aggregate-metric failures and providing stable SHAP attributions.
- Don't Trust Us: A privacy-by-design android malware detection pipeline
  A privacy-by-design pipeline using static Drebin features fed to an SVM with dual-reject thresholds defers 6.7% of samples to sandboxed dynamic analysis and reaches F1 0.87 on 2024-2025 data without accessing user information.
- PACT: Reducing Alert Fatigue in Low-Prevalence SOC Streams with Triggered Active Learning
  PACT reduces benign-normalized false-positive burden by 43% and 21% on AIT-ADS and BOTSv1 benchmarks versus a frozen baseline while issuing 3.8x–5.2x fewer analyst queries than random updating.
- A Deployment-Oriented Framework for Explainable AI-Assisted eBPF/XDP Mitigation at the IoT Edge
  Presents a conceptual architecture and research agenda for explainable AI-assisted, bounded mitigation using eBPF/XDP at IoT edge gateways, without experimental results.
- AI-Driven Security Alert Screening and Alert Fatigue Mitigation in Security Operations Centers: A Comprehensive Survey
  A literature survey synthesizes 119 studies on AI-driven alert screening into a four-stage taxonomy of filtering, triage, correlation, and generative augmentation while identifying gaps in deployment realism and robustness.
- SecureScan: An AI-Driven Multi-Layer Framework for Malware and Phishing Detection Using Logistic Regression and Threat Intelligence Integration
  SecureScan is a triple-layer malware and phishing detector that combines heuristics, logistic regression, and VirusTotal intelligence to reach 93.1 percent accuracy on benchmarks.