A Source Domain is All You Need: Source-Only Cross-OS Transfer Learning for APT Anomaly Detection via Semantic Alignment and Optimal Transport
Pith reviewed 2026-06-27 17:05 UTC · model grok-4.3
The pith
An optimal transport score on language-model embeddings of provenance traces detects APT anomalies in a target OS using only source data and no target labels.
A machine-rendered reading of the paper's core claim, the machinery that carries it, and where it could break.
Core claim
The central claim is that an OT-based barycentric anomaly score, which projects target embeddings onto the source-normal manifold and quantifies residual transport mismatch, together with entropy-weighted, angle-aware, and density-aware OT variants, improves ROC-AUC and nDCG over source-only anomaly-detection baselines across twelve cross-OS transfer pairs on DARPA Transparent Computing data.
What carries the argument
The OT-based barycentric anomaly score that projects target embeddings onto the source-normal manifold and quantifies residual transport mismatch.
If this is right
- The framework improves ROC-AUC and nDCG over source-only baselines across twelve cross-OS transfer pairs on DARPA data.
- It supports detection on Linux, Windows, BSD, and Android in two APT scenarios without target supervision.
- Combining semantic deviation from source prototypes, graph autoencoding, and geometric OT deviation produces better anomaly rankings than any channel alone.
- Entropy-weighted, angle-aware, and density-aware OT variants each address distinct aspects of alignment uncertainty and sparse support.
Where Pith is reading between the lines
- The same semantic-abstraction-plus-OT pipeline could be tested on other cross-domain security tasks where process or event logs can be rendered as text.
- If the cross-OS semantic alignment holds, the approach might reduce reliance on target-domain labels in broader zero-shot anomaly settings beyond APTs.
- Extending the evaluation to additional real-world datasets with different provenance formats would test whether the reported gains generalize past the DARPA traces.
Load-bearing premise
Abstracting process behavior into structured natural-language descriptions and embedding them with pretrained language models preserves sufficient cross-OS semantic alignment for the subsequent optimal transport projection to separate APT anomalies from normal behavior.
What would settle it
If the barycentric OT score and its variants produce no improvement in ROC-AUC or nDCG relative to simpler source-only baselines across the twelve cross-OS pairs on the DARPA Transparent Computing dataset, the central claim would be falsified.
Figures
read the original abstract
Advanced Persistent Threats (APTs) are stealthy, multi-stage cyberattacks whose detection is difficult due to scarce labeled traces, severe class imbalance, and the challenge of generating realistic malicious behavior. These challenges are amplified in cross-operating-system (cross-OS) settings, where a detector trained on one source platform must be deployed on an unlabeled target platform without access to target-domain labels. We study this source-only cross-OS APT detection problem using system-level provenance traces and propose a transport-based framework for ranking anomalous target processes under zero target supervision. The framework abstracts process behavior into structured natural-language descriptions, embeds them using pretrained language models, and constructs a source-normal reference for target scoring. It combines three evidence channels: semantic deviation from source-normal prototypes, structural deviation captured by graph autoencoding, and geometric deviation measured through Optimal Transport (OT). The main contribution is an OT-based barycentric anomaly score that projects target embeddings onto the source-normal manifold and quantifies residual transport mismatch. We further introduce entropy-weighted, angle-aware, and density-aware OT variants to capture uncertainty, directional drift, and sparse-support behavior. Evaluation on DARPA Transparent Computing data spanning Linux, Windows, BSD, and Android, across two APT scenarios and twelve cross-OS transfer pairs, shows that the proposed framework improves ROC-AUC and nDCG over source-only anomaly-detection baselines. The results demonstrate that source-only provenance modeling, combined with semantic abstraction and OT-based anomaly scoring, can support practical cross-platform APT detection without target-domain supervision.
Editorial analysis
A structured set of objections, weighed in public.
Referee Report
Summary. The paper claims a source-only cross-OS APT anomaly detection framework that abstracts provenance traces into structured natural-language descriptions, embeds them with pretrained LMs, builds a source-normal reference manifold, and ranks target anomalies via an OT-based barycentric projection score (with entropy-weighted, angle-aware, and density-aware variants) that measures residual transport mismatch. It reports improved ROC-AUC and nDCG over source-only baselines across twelve cross-OS transfer pairs on DARPA Transparent Computing data spanning Linux/Windows/BSD/Android and two APT scenarios, without any target labels or supervision.
Significance. If the claimed separation holds, the work would be significant for practical zero-shot cross-platform detection in label-scarce security settings, as it combines semantic, graph-autoencoder, and geometric (OT) channels in a transport framework. The introduction of multiple OT variants and the barycentric residual score are technically interesting contributions that could generalize beyond APTs if the embedding alignment assumption is validated.
major comments (2)
- [abstract / method description] The central claim (abstract and §4) that LM embeddings of provenance traces yield a shared latent space enabling reliable OT barycentric projection without target supervision is load-bearing, yet no quantitative verification of cross-OS alignment is provided (e.g., no MMD, CCA, or nearest-neighbor overlap between source and target normal embeddings). Without this, it is impossible to rule out that performance gains arise from LM-induced artifacts rather than behavioral semantics, especially given OS-specific differences in process naming and syscall granularity.
- [evaluation] §4 / evaluation: the reported ROC-AUC and nDCG improvements lack error bars, statistical significance tests, or ablation removing the LM embedding step to test whether raw provenance features would suffice. This makes it difficult to assess whether the OT variants are genuinely contributing or whether the results are sensitive to the specific twelve transfer pairs chosen.
minor comments (2)
- [method] Notation for the barycentric projection and the three OT variants is introduced without explicit equations or pseudocode, reducing reproducibility.
- [evaluation] Baseline details (which source-only anomaly detectors are compared, how they are adapted to cross-OS) are only summarized at a high level.
Simulated Author's Rebuttal
We thank the referee for the constructive and detailed comments. We address each major comment point-by-point below, indicating the revisions we will incorporate.
read point-by-point responses
-
Referee: [abstract / method description] The central claim (abstract and §4) that LM embeddings of provenance traces yield a shared latent space enabling reliable OT barycentric projection without target supervision is load-bearing, yet no quantitative verification of cross-OS alignment is provided (e.g., no MMD, CCA, or nearest-neighbor overlap between source and target normal embeddings). Without this, it is impossible to rule out that performance gains arise from LM-induced artifacts rather than behavioral semantics, especially given OS-specific differences in process naming and syscall granularity.
Authors: We agree that direct quantitative verification of cross-OS embedding alignment would strengthen the central claim. In the revised manuscript we will add MMD distances, CCA correlations, and nearest-neighbor overlap statistics computed on source and target normal embeddings. We will also expand the discussion of the structured natural-language abstraction step to explain how it mitigates OS-specific naming and syscall differences, thereby supporting that observed alignment reflects behavioral semantics. revision: yes
-
Referee: [evaluation] §4 / evaluation: the reported ROC-AUC and nDCG improvements lack error bars, statistical significance tests, or ablation removing the LM embedding step to test whether raw provenance features would suffice. This makes it difficult to assess whether the OT variants are genuinely contributing or whether the results are sensitive to the specific twelve transfer pairs chosen.
Authors: We concur that the evaluation would benefit from error bars, statistical tests, and an explicit ablation of the LM embedding component. In the revision we will report standard deviations over repeated runs, include paired statistical significance tests against baselines, and add an ablation that replaces LM embeddings with raw provenance features. We will also present per-pair results for all twelve transfers together with variance analysis to address sensitivity concerns. revision: yes
Circularity Check
No circularity: OT barycentric score presented as derived projection without reduction to fitted inputs or self-citation chains
full rationale
The provided abstract and description present the core OT-based barycentric anomaly score as a derived quantity obtained by projecting target embeddings onto a source-normal manifold and measuring residual transport mismatch, with additional variants (entropy-weighted, angle-aware, density-aware) introduced as extensions. No equations, self-citations, or parameter-fitting steps are quoted that would reduce any prediction or uniqueness claim to the inputs by construction. The framework is described as combining independent channels (semantic deviation, graph autoencoding, geometric OT deviation) without evidence that any load-bearing step collapses to a fit or prior self-citation. This is the common case of a self-contained derivation against external benchmarks (DARPA data, cross-OS pairs), warranting score 0.
Axiom & Free-Parameter Ledger
Reference graph
Works this paper leans on
-
[1]
Cybersecurity in the ai era: analyzing the im- pact of machine learning on intrusion detection,
H. Dong and I. Kotenko, “Cybersecurity in the ai era: analyzing the im- pact of machine learning on intrusion detection,”Knowledge and Infor- mation Systems, vol. 67, no. 5, pp. 3915–3966, 2025
2025
-
[2]
Expert insights into advanced persistent threats: Analysis, attribution, and challenges,
A. Saha, J. Mattei, J. Blasco, L. Cavallaro, D. V otipka, and M. Lindorfer, “Expert insights into advanced persistent threats: Analysis, attribution, and challenges,” inProceedings of the 34th USENIX Security Symposium (USENIX Sec), 2025
2025
-
[3]
A dynamic provenance graph-based de- tector for advanced persistent threats,
L. Wang, L. Fang, and Y . Hu, “A dynamic provenance graph-based de- tector for advanced persistent threats,”Expert Systems with Applications, vol. 265, p. 125877, 2025
2025
-
[4]
Advanced persistent threat attack detection systems: A review of approaches, challenges, and trends,
R. Buchta, G. Gkoktsis, F. Heine, and C. Kleiner, “Advanced persistent threat attack detection systems: A review of approaches, challenges, and trends,”Digital Threats: Research and Practice, vol. 5, no. 4, pp. 1–37, 2024
2024
-
[5]
Advanced persis- tent threats (apt): evolution, anatomy, attribution and countermeasures,
A. Sharma, B. B. Gupta, A. K. Singh, and V . Saraswat, “Advanced persis- tent threats (apt): evolution, anatomy, attribution and countermeasures,” Journal of Ambient Intelligence and Humanized Computing, pp. 1–27, 2023
2023
-
[6]
A systematic literature review on advanced persistent threat behaviors and its detection strategy,
N. I. Che Mat, N. Jamil, Y . Yusoff, and M. L. Mat Kiah, “A systematic literature review on advanced persistent threat behaviors and its detection strategy,”Journal of Cybersecurity, vol. 10, no. 1, p. tyad023, 2024
2024
-
[7]
A systematic review for apt detection and effective cyber situational awareness conceptual model,
D. T. Salimet al., “A systematic review for apt detection and effective cyber situational awareness conceptual model,”Heliyon, vol. 9, no. 7, p. 17156, 2023
2023
-
[8]
A review on the static and dynamic risk assessment methods for ot cyberse- curity in industry 4.0,
N. H. Ghoson, V . Meyrueis, K. Benfriha, T. Guiltat, and S. Loubere, “A review on the static and dynamic risk assessment methods for ot cyberse- curity in industry 4.0,”Computers&Security, vol. 150, p. 104295, 2025
2025
-
[9]
A data anonymization methodology for security operations centers: Balancing data protection and security in industrial systems,
G. Longo, F. Lupia, A. Merlo, F. Pagano, and E. Russo, “A data anonymization methodology for security operations centers: Balancing data protection and security in industrial systems,”Information Sciences, vol. 690, p. 121534, 2025
2025
-
[10]
Flash: A comprehen- sive approach to intrusion detection via provenance graph representa- tion learning,
M. Ur Rehman, H. Ahmadi, and W. Ul Hassan, “Flash: A comprehen- sive approach to intrusion detection via provenance graph representa- tion learning,” in2024 IEEE Symposium on Security and Privacy (SP), pp. 3552–3570, 2024
2024
-
[11]
Ranking-enhanced anomaly detection using active learning-assisted attention adversarial dual autoencoder,
S. Benabderrahmane, J. Cheney, and T. Rahwan, “Ranking-enhanced anomaly detection using active learning-assisted attention adversarial dual autoencoder,”Scientific Reports, vol. 15, 2025
2025
-
[12]
Advanced persistent threats,
A. Singhal and P. Liu, “Advanced persistent threats,” inEncyclopedia of Cryptography, Security and Privacy, pp. 34–36, Springer, 2025
2025
-
[13]
Hack me if you can: Aggregating autoencoders for countering persistent access threats within highly imbalanced data,
S. Benabderrahmane, N. Hoang, P. Valtchev, J. Cheney, and T. Rahwan, “Hack me if you can: Aggregating autoencoders for countering persistent access threats within highly imbalanced data,”Future Gener. Comput. Syst., vol. 160, pp. 926–941, 2024
2024
-
[14]
Optimization of intrusion detection with deep learning: A study based on the kdd cup 99 database.,
A. M. Amine, “Optimization of intrusion detection with deep learning: A study based on the kdd cup 99 database.,”International Journal of Safety &Security Engineering, vol. 14, no. 4, 2024
2024
-
[15]
Apt-attack detection based on multi-stage autoencoders,
H. Neuschmied, M. Winter, B. Stojanovi ´c, K. Hofer-Schmitz, J. Bo ˇzi´c, and U. Kleb, “Apt-attack detection based on multi-stage autoencoders,” Applied Sciences, vol. 12, no. 13, 2022
2022
-
[16]
A novel ai-based methodology for identifying cyber attacks in honey pots,
M. AbuOdeh, C. Adkins, O. Setayeshfar, P. Doshi, and K. H. Lee, “A novel ai-based methodology for identifying cyber attacks in honey pots,” inProceedings of the AAAI Conference on Artificial Intelligence, vol. 35, pp. 15224–15231, 2021
2021
-
[17]
Network anomaly detec- tion using memory-augmented deep autoencoder,
B. Min, J. Yoo, S. Kim, D. Shin, and D. Shin, “Network anomaly detec- tion using memory-augmented deep autoencoder,”IEEE Access, vol. 9, pp. 104695–104706, 2021
2021
-
[18]
Casie: Extracting cybersecurity event information from text,
T. Satyapanich, F. Ferraro, and T. Finin, “Casie: Extracting cybersecurity event information from text,” inProceedings of the AAAI conference on artificial intelligence, vol. 34, pp. 8749–8757, 2020
2020
-
[19]
A rule mining-based advanced persistent threats detection system,
S. Benabderrahmane, G. Berrada, J. Cheney, and P. Valtchev, “A rule mining-based advanced persistent threats detection system,” inProceed- ings of the Thirtieth International Joint Conference on Artificial Intelli- gence, IJCAI 2021, Montreal, Canada, 19-27 August 2021(Z. Zhou, ed.), pp. 3589–3596, ijcai.org, 2021
2021
-
[20]
Unsupervised anomaly detection approach for cyberattack identifica- tion,
L. Segurola, M. Moreno-Moreno, I. Irigoien, and A. M. Florez-Tapia, “Unsupervised anomaly detection approach for cyberattack identifica- tion,”International Journal of Machine Learning and Cybernetics, vol. 15, no. 11, pp. 5291–5302, 2024
2024
-
[21]
A baseline for unsupervised advanced persistent threat detection in system-level provenance,
G. Berradaet al., “A baseline for unsupervised advanced persistent threat detection in system-level provenance,”Future Gener. Comput. Syst., vol. 108, pp. 401–413, 2020
2020
-
[22]
From one attack domain to an- other: Contrastive transfer learning with siamese networks for APT de- tection,
S. Benabderrahmane and T. Rahwan, “From one attack domain to an- other: Contrastive transfer learning with siamese networks for APT de- tection,”Knowl. Based Syst., vol. 332, p. 114877, 2025
2025
-
[23]
Transfer learn- ing for security: Challenges and future directions,
A. S. Li, A. Iyengar, A. Kundu, and E. Bertino, “Transfer learn- ing for security: Challenges and future directions,”arXiv preprint arXiv:2403.00935, 2024
-
[24]
Cross-domain fault diagnosis of rotating machinery under time-varying rotational speed and asymmet- ric domain label condition,
S. Liu, J. Huang, P. Han, Z. Fan, and J. Ma, “Cross-domain fault diagnosis of rotating machinery under time-varying rotational speed and asymmet- ric domain label condition,” vol. 25, p. 2818, MDPI, 2025
2025
-
[25]
Imagenet classification with deep convolutional neural networks,
A. Krizhevsky, I. Sutskever, and G. E. Hinton, “Imagenet classification with deep convolutional neural networks,” inAdvances in Neural Infor- mation Processing Systems, vol. 25, pp. 1097–1105, 2012
2012
-
[26]
Xda: Cross domain learning for at- tack attribution,
K. Pei, Y . Li, Y . Yao, and B. Li, “Xda: Cross domain learning for at- tack attribution,” inProceedings of the 29th USENIX Security Symposium (USENIX Security), pp. 1061–1078, USENIX Association, 2020
2020
-
[27]
Back- door attacks against transfer learning with pre-trained deep learning mod- els,
S. Wang, S. Nepal, C. Rudolph, M. Grobler, S. Chen, and T. Chen, “Back- door attacks against transfer learning with pre-trained deep learning mod- els,” vol. 15, pp. 1526–1539, IEEE, 2020
2020
-
[28]
A diffusion model based on network intrusion detection method for industrial cyber-physical sys- tems,
B. Tang, Y . Lu, Q. Li, Y . Bai, J. Yu, and X. Yu, “A diffusion model based on network intrusion detection method for industrial cyber-physical sys- tems,” vol. 23, p. 1141, MDPI, 2023
2023
-
[29]
Bert: Pre-training of deep bidirectional transformers for language understanding,
J. Devlin, M.-W. Chang, K. Lee, and K. Toutanova, “Bert: Pre-training of deep bidirectional transformers for language understanding,” pp. 4171– 4186, 2019
2019
-
[30]
RoBERTa: A Robustly Optimized BERT Pretraining Approach
Y . Liu, M. Ott, N. Goyal, J. Du, M. Joshi, D. Chen, O. Levy, M. Lewis, L. Zettlemoyer, and V . Stoyanov, “Roberta: A robustly optimized bert pretraining approach,”arXiv preprint arXiv:1907.11692, 2019
work page internal anchor Pith review Pith/arXiv arXiv 1907
-
[31]
DistilBERT, a distilled version of BERT: smaller, faster, cheaper and lighter
V . Sanh, L. Debut, J. Chaumond, and T. Wolf, “Distilbert, a distilled version of bert: smaller, faster, cheaper and lighter,”arXiv preprint arXiv:1910.01108, 2019
work page internal anchor Pith review Pith/arXiv arXiv 1910
-
[32]
Minilm: Deep self-attention distillation for task-agnostic compression of pre- trained transformers,
W. Wang, F. Wei, L. Dong, H. Bao, N. Yang, and M. Zhou, “Minilm: Deep self-attention distillation for task-agnostic compression of pre- trained transformers,” inNeurIPS, 2020
2020
-
[33]
Semi-supervised classification with graph convolutional networks,
T. N. Kipf and M. Welling, “Semi-supervised classification with graph convolutional networks,” inProceedings of the International Conference on Learning Representations (ICLR), 2016
2016
-
[34]
Variational graph auto-encoders,
T. N. Kipf and M. Welling, “Variational graph auto-encoders,” 2016
2016
-
[35]
Sinkhorn distances: Lightspeed computation of optimal transport,
M. Cuturi, “Sinkhorn distances: Lightspeed computation of optimal transport,”Advances in neural information processing systems, vol. 26, 2013
2013
-
[36]
Computational optimal transport: With appli- cations to data science,
G. Peyr ´e, M. Cuturi,et al., “Computational optimal transport: With appli- cations to data science,”Foundations and Trends®in Machine Learning, vol. 11, no. 5-6, pp. 355–607, 2019
2019
-
[37]
A joint reconstruction-triplet loss autoencoder approach to- wards unseen attack detection in iov networks,
J. Boone, “A joint reconstruction-triplet loss autoencoder approach to- wards unseen attack detection in iov networks,”IEEE Internet of Things Journal, 2025
2025
-
[38]
A novel semi-supervised deep transfer learning method with improved extended isolation forest for bearing fault diagnosis,
S. Xue, B. Li, Y . Yang, S. Zhu, and Y . Yao, “A novel semi-supervised deep transfer learning method with improved extended isolation forest for bearing fault diagnosis,”IEEE Transactions on Instrumentation and Measurement, 2025
2025
-
[39]
k- nn as a simple and effective estimator of transferability,
M. Sorkhei, C. Matsoukas, J. F. Haslum, E. Konuk, and K. Smith, “k- nn as a simple and effective estimator of transferability,”arXiv preprint arXiv:2503.18528, 2025
-
[40]
Transfer learning for anomaly detection through localized and unsupervised instance selection,
V . Vincent, “Transfer learning for anomaly detection through localized and unsupervised instance selection,” inProceedings of the AAAI Confer- ence on Artificial Intelligence, vol. 34, pp. 6054–6061, 2020
2020
-
[41]
Cumulated gain-based evaluation of ir techniques,
K. J ¨arvelin and J. Kek ¨al¨ainen, “Cumulated gain-based evaluation of ir techniques,”ACM Transactions on Information Systems (TOIS), vol. 20, no. 4, pp. 422–446, 2002
2002
-
[42]
Breaking the top-k barrier: Advancing top-k ranking metrics optimization in recommender systems,
W. Yang, J. Chen, S. Zhang, P. Wu, Y . Sun, Y . Feng, C. Chen, and C. Wang, “Breaking the top-k barrier: Advancing top-k ranking metrics optimization in recommender systems,” inProceedings of the 31st ACM SIGKDD Conference, pp. 3542–3552, 2025. 18
2025
discussion (0)
Sign in with ORCID, Apple, or X to comment. Anyone can read and Pith papers without signing in.