
arxiv: 2605.17219 · v1 · pith:D4KI4IMPnew · submitted 2026-05-17 · 💻 cs.CR · cs.AI · cs.LG · cs.NI · eess.SP

Integration of AI in Cybersecurity: Current Trends with a Focused Look at Intrusion Detection Applications

Pith reviewed 2026-05-20 00:05 UTC · model grok-4.3

classification 💻 cs.CR · cs.AI · cs.LG · cs.NI · eess.SP
keywords AI in cybersecurity · intrusion detection · machine learning · deep learning · review paper · comparative analysis · cybersecurity trends

The pith

A review of AI techniques for intrusion detection compares performance across methods to extract practical insights for cybersecurity.

A machine-rendered reading of the paper's core claim, the machinery that carries it, and where it could break.

This paper reviews how artificial intelligence is applied to cybersecurity problems, with primary attention on intrusion detection systems. It surveys established approaches such as machine learning and deep learning along with newer directions including generative models, federated learning, and explainable AI. The authors perform a comparative analysis organized by the specific AI techniques used and the performance numbers reported in the literature. The goal is to surface patterns that indicate which methods deliver stronger results under different conditions. Such a synthesis matters because intrusion threats continue to grow in volume and sophistication, and clearer guidance on technique selection can improve defensive capabilities.

Core claim

Through a focused review of AI-based intrusion detection studies, the paper establishes that comparative analysis organized by employed techniques and reported performance metrics yields concrete insights into relative strengths and limitations of current methods.

What carries the argument

Comparative analysis of intrusion detection approaches grouped by AI technique type and the performance figures each study reports.

If this is right

  • Machine learning and deep learning remain the dominant techniques with the most published performance data.
  • Federated learning and explainable AI are emerging as practical ways to address privacy and trust requirements.
  • Generative AI methods are being explored for data augmentation and novel attack simulation in detection pipelines.
  • Aggregated performance trends can guide practitioners when choosing an initial detection architecture for a given environment.

Where Pith is reading between the lines

These are editorial extensions of the paper, not claims the authors make directly.

  • The review's insights could be strengthened by including a small number of standardized benchmark evaluations run under identical conditions.
  • Similar comparative approaches might be applied to other cybersecurity tasks such as malware classification or phishing detection to test consistency of trends.
  • If performance gaps between techniques prove stable across future studies, the field could move toward more selective deployment rather than continued broad experimentation.

Load-bearing premise

Performance numbers drawn from separate studies can be placed side by side and interpreted as comparable evidence of each technique's effectiveness.

What would settle it

A meta-analysis that shows systematic differences in evaluation datasets, attack types, or metric definitions across the reviewed papers, such that direct performance comparisons no longer support reliable rankings of techniques.
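To make the premise concrete, here is an added illustration (not from the paper or from Pith): one detector with a fixed true-positive rate of 0.90 and false-positive rate of 0.02 is scored on a benchmark-style split with 50% attacks and on a production-style split with 1% attacks. The detector behaviour and all counts are constructed; the point is how far the headline metrics drift apart even though nothing about the detector changed.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Confusion:
    """Binary confusion-matrix counts for an intrusion detector.

    Positive class = attack traffic. Counts are floats so a detector's fixed
    TPR/FPR can be projected onto any evaluation set size and attack ratio.
    """
    tp: float  # attacks flagged as attacks
    fn: float  # attacks missed
    fp: float  # benign flows raised as alerts (false alarms)
    tn: float  # benign flows correctly left alone

    def accuracy(self) -> float:
        return (self.tp + self.tn) / (self.tp + self.fn + self.fp + self.tn)

    def detection_rate(self) -> float:
        """Recall / true-positive rate; papers often call this 'detection rate'."""
        return self.tp / (self.tp + self.fn)

    def false_alarm_rate(self) -> float:
        return self.fp / (self.fp + self.tn)

    def precision(self) -> float:
        return self.tp / (self.tp + self.fp) if (self.tp + self.fp) else 0.0

    def f1(self) -> float:
        return 2 * self.tp / (2 * self.tp + self.fp + self.fn)


def project(tpr: float, fpr: float, attack_ratio: float,
            total: float = 100_000) -> Confusion:
    """Confusion matrix of a detector with fixed TPR/FPR evaluated on `total`
    flows of which a fraction `attack_ratio` are attacks (constructed set)."""
    attacks = total * attack_ratio
    benign = total - attacks
    return Confusion(tp=attacks * tpr, fn=attacks * (1 - tpr),
                     fp=benign * fpr, tn=benign * (1 - fpr))


def report(tpr: float, fpr: float, attack_ratio: float) -> dict:
    """Headline figures a study might report for this detector on this split."""
    cm = project(tpr, fpr, attack_ratio)
    return {
        "attack_ratio": attack_ratio,
        "accuracy": round(cm.accuracy(), 4),
        "detection_rate": round(cm.detection_rate(), 4),
        "false_alarm_rate": round(cm.false_alarm_rate(), 4),
        "precision": round(cm.precision(), 4),
        "f1": round(cm.f1(), 4),
        # What a trivial 'everything is benign' model scores on the same split
        "majority_baseline_accuracy": round(1 - attack_ratio, 4),
    }


# Constructed detector: TPR 0.90, FPR 0.02, identical behaviour in both rows.
BALANCED = report(0.90, 0.02, 0.50)    # benchmark-style split, 50% attacks
IMBALANCED = report(0.90, 0.02, 0.01)  # production-style split, 1% attacks

if __name__ == "__main__":
    for row in (BALANCED, IMBALANCED):
        print(row)
```

Accuracy rises from 0.94 to 0.979 and detection rate stays at 0.90 while precision falls from 0.98 to 0.31 and F1 from 0.94 to 0.46, and the do-nothing baseline reaches 0.99 accuracy on the imbalanced split; two studies reporting any one of these numbers on different splits cannot be ranked against each other.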

Original abstract

Artificial Intelligence (AI) is widely adopted today for its ability to detect patterns, automate tasks, and reduce time and cost across various applications. Its integration into Cybersecurity has garnered significant attention, particularly in areas such as intrusion detection, malware analysis, and phishing or spam detection. As AI and cybersecurity evolve, new methods and approaches emerge regularly. Current trends include the use of Generative AI, Natural Language Processing, Federated Learning for privacy-preserving collaborative training, and eXplainable AI to ensure interpretability and trust, which are vital in cybersecurity. This paper presents an interesting review of current AI-based cybersecurity trends, focusing on intrusion detection approaches and aiming to uncover meaningful insights through comparative analysis based on the employed AI techniques and reported performance.

Editorial analysis

A structured set of objections, weighed in public.

Desk editor's note, referee report, simulated authors' rebuttal, and a circularity audit. Tearing a paper down is the easy half of reading it; the pith above is the substance, this is the friction.

Referee Report

2 major / 2 minor

Summary. This paper reviews current trends in the integration of AI into cybersecurity, with a focused examination of intrusion detection applications. It covers emerging approaches including Generative AI, Natural Language Processing, Federated Learning for privacy preservation, and eXplainable AI, while presenting a comparative analysis of AI techniques based on their reported performance metrics from selected studies to derive meaningful insights.

Significance. A rigorous review that successfully aggregates and normalizes performance data across studies could provide practitioners and researchers with actionable guidance on selecting AI methods for intrusion detection. The emphasis on trends like federated learning and XAI addresses timely concerns around privacy and interpretability, but the overall significance hinges on whether cross-study comparisons are methodologically sound.

major comments (2)
  1. [Abstract] Abstract and review methodology section: the central claim that the paper uncovers 'meaningful insights' via comparative analysis of AI techniques and reported performance requires explicit literature selection criteria, inclusion/exclusion rules, and handling of inconsistent reporting; none of these are described, making it impossible to assess whether the aggregated results are reliable.
  2. [Comparative Analysis] Comparative analysis section (performance tables or discussion): studies are drawn from heterogeneous sources using KDD'99/NSL-KDD, CICIDS2017, UNSW-NB15 and proprietary datasets with non-standardized metrics (accuracy, detection rate, F1, AUC) and varying attack subsets/train-test splits; without meta-regression, normalization, or restriction to intra-dataset comparisons, the insights on technique superiority cannot be treated as valid evidence.
minor comments (2)
  1. [Tables and Figures] Ensure all figures and tables are clearly labeled with dataset and metric details to allow readers to evaluate comparability.
  2. [Discussion or Conclusion] Add a dedicated subsection on limitations of the review, including potential publication bias and the rapid evolution of the field.

Simulated Author's Rebuttal

2 responses · 0 unresolved

We thank the referee for the constructive and detailed comments on our manuscript. We address each major comment below, indicating planned revisions where appropriate.

Point-by-point responses
  1. Referee: [Abstract] Abstract and review methodology section: the central claim that the paper uncovers 'meaningful insights' via comparative analysis of AI techniques and reported performance requires explicit literature selection criteria, inclusion/exclusion rules, and handling of inconsistent reporting; none of these are described, making it impossible to assess whether the aggregated results are reliable.

    Authors: We agree that explicit literature selection criteria, inclusion/exclusion rules, and discussion of inconsistent reporting are essential for transparency and to support claims of meaningful insights. The original manuscript described the review approach at a high level without sufficient detail on the process. In the revised version, we will add a dedicated methodology subsection specifying the search strategy, databases consulted, keywords, publication time frame considered, and explicit inclusion/exclusion criteria (e.g., focus on peer-reviewed works addressing AI techniques in intrusion detection with reported performance metrics). We will also include a brief discussion of how variability in reporting was addressed by prioritizing studies with standard metrics and noting limitations. revision: yes

  2. Referee: [Comparative Analysis] Comparative analysis section (performance tables or discussion): studies are drawn from heterogeneous sources using KDD'99/NSL-KDD, CICIDS2017, UNSW-NB15 and proprietary datasets with non-standardized metrics (accuracy, detection rate, F1, AUC) and varying attack subsets/train-test splits; without meta-regression, normalization, or restriction to intra-dataset comparisons, the insights on technique superiority cannot be treated as valid evidence.

    Authors: We acknowledge the methodological challenges highlighted. The comparative analysis in the manuscript was conceived as an overview of reported performance trends across selected studies rather than a formal statistical aggregation or claim of general superiority. To address the concern, we will revise the section to restrict direct comparisons primarily to intra-dataset results where feasible, add prominent caveats regarding dataset heterogeneity, differing metrics, attack subsets, and train-test splits, and avoid unqualified statements on technique superiority. While conducting a full meta-regression exceeds the scope of this narrative review, we will incorporate normalization notes by dataset and emphasize interpretive caution. revision: partial

Circularity Check

0 steps flagged

Review aggregates external literature with no internal derivation chain

full rationale

This is a survey paper that reviews trends in AI for cybersecurity and intrusion detection by summarizing published studies. It contains no original equations, fitted parameters, predictions, or mathematical derivations that could reduce to self-defined inputs. All performance comparisons draw from independently published external works rather than any self-referential construction or self-citation load-bearing premise. The paper's structure is descriptive and aggregative, with no steps that qualify as self-definitional, fitted-input-called-prediction, or ansatz-smuggled-in-via-citation under the defined criteria.

Axiom & Free-Parameter Ledger

0 free parameters · 1 axiom · 0 invented entities

The review rests on the assumption that the chosen body of literature is representative and that reported performance numbers can be meaningfully compared across studies without major inconsistencies in evaluation protocols.

axioms (1)
  • domain assumption: The body of literature selected for review accurately represents current trends in AI for cybersecurity and intrusion detection.
    The comparative analysis depends on the choice and coverage of papers reviewed.

pith-pipeline@v0.9.0 · 5670 in / 1074 out tokens · 47986 ms · 2026-05-20T00:05:10.040152+00:00 · methodology


