{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,6,18]],"date-time":"2026-06-18T21:53:38Z","timestamp":1781819618723,"version":"3.54.5"},"reference-count":36,"publisher":"Elsevier BV","license":[{"start":{"date-parts":[[2026,7,1]],"date-time":"2026-07-01T00:00:00Z","timestamp":1782864000000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.elsevier.com\/tdm\/userlicense\/1.0\/"},{"start":{"date-parts":[[2026,7,1]],"date-time":"2026-07-01T00:00:00Z","timestamp":1782864000000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.elsevier.com\/legal\/tdmrep-license"},{"start":{"date-parts":[[2026,4,18]],"date-time":"2026-04-18T00:00:00Z","timestamp":1776470400000},"content-version":"vor","delay-in-days":0,"URL":"http:\/\/creativecommons.org\/licenses\/by-nc\/4.0\/"}],"content-domain":{"domain":["elsevier.com","sciencedirect.com"],"crossmark-restriction":true},"short-container-title":["Array"],"published-print":{"date-parts":[[2026,7]]},"DOI":"10.1016\/j.array.2026.100843","type":"journal-article","created":{"date-parts":[[2026,5,22]],"date-time":"2026-05-22T06:00:10Z","timestamp":1779429610000},"page":"100843","update-policy":"https:\/\/doi.org\/10.1016\/elsevier_cm_policy","source":"Crossref","is-referenced-by-count":0,"special_numbering":"C","title":["Towards adaptive and continuous offensive security: A comprehensive survey of AI driven threat validation techniques"],"prefix":"10.1016","volume":"30","author":[{"given":"Varin","family":"Khera","sequence":"first","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Reshma","family":"Sunil","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Parita","family":"Mer","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Nattakorn","family":"Kointarangkul","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-2322-7780","authenticated-orcid":false,"given":"Anjali","family":"Diwan","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]}],"member":"78","reference":[{"issue":"12","key":"10.1016\/j.array.2026.100843_b1","doi-asserted-by":"crossref","first-page":"21816","DOI":"10.1109\/JIOT.2024.3376635","article-title":"Advancing malware detection in network traffic with self-paced class incremental learning","volume":"11","author":"Xu","year":"2024","journal-title":"IEEE Internet Things J"},{"key":"10.1016\/j.array.2026.100843_b2","series-title":"Security degradation in iterative AI code generation \u2013 A systematic analysis of the paradox","author":"Shukla","year":"2025"},{"issue":"6","key":"10.1016\/j.array.2026.100843_b3","doi-asserted-by":"crossref","first-page":"4267","DOI":"10.1109\/TSC.2024.3422870","article-title":"Secaas-based partially observable defense model for iIoT against advanced persistent threats","volume":"17","author":"Zhang","year":"2024","journal-title":"IEEE Trans Serv Comput"},{"key":"10.1016\/j.array.2026.100843_b4","doi-asserted-by":"crossref","first-page":"803","DOI":"10.1007\/s12243-024-01018-4","article-title":"Mirage: Cyber deception against autonomous cyber attacks in emulation and simulation","volume":"79","author":"Kouremetis","year":"2024","journal-title":"Ann Telecommun"},{"issue":"16","key":"10.1016\/j.array.2026.100843_b5","doi-asserted-by":"crossref","DOI":"10.1007\/s10489-025-06908-1","article-title":"Collaborative penetration testing suite for emerging generative AI algorithms","volume":"55","author":"Radanliev","year":"2025","journal-title":"Appl Intell"},{"key":"10.1016\/j.array.2026.100843_b6","series-title":"2020 IEEE international symposium on intelligence and security informatics","first-page":"1","article-title":"Automated adversary emulation for cyber-physical systems via reinforcement learning","author":"Bhattacharya","year":"2020"},{"key":"10.1016\/j.array.2026.100843_b7","series-title":"Cryptology and network security","isbn-type":"print","doi-asserted-by":"crossref","first-page":"631","DOI":"10.1007\/978-981-95-4434-9_32","article-title":"Few-shot retrieval-augmented LLMs for anomaly detection in network traffic","author":"Rustam","year":"2026","ISBN":"https:\/\/id.crossref.org\/isbn\/9789819544349"},{"key":"10.1016\/j.array.2026.100843_b8","doi-asserted-by":"crossref","first-page":"173127","DOI":"10.1109\/ACCESS.2024.3493957","article-title":"AI enabled threat detection: Leveraging artificial intelligence for advanced security and cyber threat mitigation","volume":"12","author":"Dhanushkodi","year":"2024","journal-title":"IEEE Access"},{"key":"10.1016\/j.array.2026.100843_b9","doi-asserted-by":"crossref","first-page":"140","DOI":"10.1016\/j.procs.2025.03.315","article-title":"Advanced AI-powered intrusion detection systems in cybersecurity protocols for network protection","volume":"259","author":"Rai","year":"2025","journal-title":"Procedia Comput Sci","ISSN":"https:\/\/id.crossref.org\/issn\/1877-0509","issn-type":"print"},{"key":"10.1016\/j.array.2026.100843_b10","doi-asserted-by":"crossref","first-page":"139","DOI":"10.12688\/openreseurope.20268.2","article-title":"Combating advanced persistent threats through artificial intelligence: An algorithmic approach","volume":"5","author":"Brand\u00e3o","year":"2025","journal-title":"Open Res Eur"},{"key":"10.1016\/j.array.2026.100843_b11","doi-asserted-by":"crossref","first-page":"4055","DOI":"10.1109\/TIFS.2025.3558600","article-title":"Adaptive security response strategies through conjectural online learning","volume":"20","author":"Hammar","year":"2025","journal-title":"IEEE Trans Inf Forensics Secur"},{"issue":"6","key":"10.1016\/j.array.2026.100843_b12","first-page":"1","article-title":"AI-powered suspicious activity monitoring and detection system using CNN architecture","volume":"5","author":"Adusumalli","year":"2025","journal-title":"South East Eur J Public Health"},{"key":"10.1016\/j.array.2026.100843_b13","article-title":"Generative AI for pentesting: the good, the bad, the ugly","volume":"129","author":"Hilario","year":"2024","journal-title":"Comput Secur"},{"issue":"2","key":"10.1016\/j.array.2026.100843_b14","first-page":"757","article-title":"Explainable intelligence-driven defense mechanism against advanced persistent threats: A joint edge game and AI approach","volume":"19","author":"Li","year":"2022","journal-title":"IEEE Trans Dependable Secur Comput"},{"key":"10.1016\/j.array.2026.100843_b15","doi-asserted-by":"crossref","first-page":"154383","DOI":"10.1109\/ACCESS.2025.3603975","article-title":"Design and computational modeling of an AI-based automated cybersecurity incident response system","volume":"13","author":"Zhang","year":"2025","journal-title":"IEEE Access"},{"key":"10.1016\/j.array.2026.100843_b16","doi-asserted-by":"crossref","first-page":"623","DOI":"10.1109\/TMLCN.2025.3564912","article-title":"AI-powered system for an efficient and effective cyber incidents detection and response in cloud environments","volume":"3","author":"Farzaan","year":"2025","journal-title":"IEEE Trans Mach Learn Commun Netw"},{"key":"10.1016\/j.array.2026.100843_b17","doi-asserted-by":"crossref","DOI":"10.1007\/s10207-024-00860-w","article-title":"Integrating AI-driven threat intelligence and forecasting in the cyber security exercise content generation lifecycle","author":"Zacharis","year":"2024","journal-title":"Int J Inf Secur"},{"key":"10.1016\/j.array.2026.100843_b18","doi-asserted-by":"crossref","first-page":"126023","DOI":"10.1109\/ACCESS.2021.3104260","article-title":"Offensive security: Towards proactive threat hunting via adversary emulation","volume":"9","author":"Ajmal","year":"2021","journal-title":"IEEE Access"},{"key":"10.1016\/j.array.2026.100843_b19","doi-asserted-by":"crossref","first-page":"157924","DOI":"10.1109\/ACCESS.2024.3486983","article-title":"Adaptive security framework for the internet of things: Improving threat detection and energy optimization in distributed environments","volume":"12","author":"Villegas-Ch","year":"2024","journal-title":"IEEE Access"},{"issue":"8","key":"10.1016\/j.array.2026.100843_b20","doi-asserted-by":"crossref","first-page":"9653","DOI":"10.1109\/JIOT.2024.3503057","article-title":"IDU-detector: A synergistic framework for robust masquerader attack detection","volume":"12","author":"Huang","year":"2025","journal-title":"IEEE Internet Things J"},{"key":"10.1016\/j.array.2026.100843_b21","doi-asserted-by":"crossref","first-page":"80930","DOI":"10.1109\/ACCESS.2024.3410111","article-title":"SUTMS: Designing a unified threat management system for home networks","volume":"12","author":"Siddiqui","year":"2024","journal-title":"IEEE Access"},{"key":"10.1016\/j.array.2026.100843_b22","doi-asserted-by":"crossref","first-page":"12502","DOI":"10.1109\/ACCESS.2025.3530902","article-title":"Machine learning-based detection of anomalies, intrusions, and threats in industrial control systems","volume":"13","author":"Benka","year":"2025","journal-title":"IEEE Access"},{"key":"10.1016\/j.array.2026.100843_b23","doi-asserted-by":"crossref","first-page":"20259","DOI":"10.1109\/ACCESS.2022.3152574","article-title":"Performance evaluation of open-source endpoint detection and response combining google rapid response and osquery for threat detection","volume":"10","author":"Park","year":"2022","journal-title":"IEEE Access"},{"issue":"2","key":"10.1016\/j.array.2026.100843_b24","doi-asserted-by":"crossref","first-page":"66","DOI":"10.1109\/LOCS.2020.2998185","article-title":"Web-APT-detect: A framework for web-based advanced persistent threat detection using self-translation machine with attention","volume":"3","author":"Yan","year":"2020","journal-title":"IEEE Lett Comput Soc"},{"key":"10.1016\/j.array.2026.100843_b25","doi-asserted-by":"crossref","first-page":"150199","DOI":"10.1109\/ACCESS.2025.3602681","article-title":"A multi-agent system for cybersecurity threat detection and correlation using Large Language Models","volume":"13","author":"Hmimou","year":"2025","journal-title":"IEEE Access"},{"issue":"2","key":"10.1016\/j.array.2026.100843_b26","doi-asserted-by":"crossref","first-page":"1654","DOI":"10.1109\/TSG.2024.3474039","article-title":"Spatio-temporal advanced persistent threat detection and correlation for cyber-physical power systems using enhanced GC-LSTM","volume":"16","author":"Presekal","year":"2025","journal-title":"IEEE Trans Smart Grid"},{"key":"10.1016\/j.array.2026.100843_b27","doi-asserted-by":"crossref","first-page":"34820","DOI":"10.1109\/ACCESS.2024.3373694","article-title":"Enhancing insider threat detection in imbalanced cybersecurity settings using the density-based local outlier factor algorithm","volume":"12","author":"Al-Shehari","year":"2024","journal-title":"IEEE Access"},{"issue":"2","key":"10.1016\/j.array.2026.100843_b28","doi-asserted-by":"crossref","first-page":"774","DOI":"10.1109\/TNSE.2024.3519155","article-title":"SENTINEL: Insider threat detection based on multi-timescale user behavior interaction graph learning","volume":"12","author":"Xiao","year":"2025","journal-title":"IEEE Trans Netw Sci Eng"},{"issue":"11","key":"10.1016\/j.array.2026.100843_b29","doi-asserted-by":"crossref","first-page":"8351","DOI":"10.1109\/TII.2025.3574417","article-title":"DDCC: Synergizing denoising diffusion probabilistic models and curriculum-based complexity control for insider threat detection","volume":"21","author":"Dong","year":"2025","journal-title":"IEEE Trans Ind Inform"},{"key":"10.1016\/j.array.2026.100843_b30","doi-asserted-by":"crossref","first-page":"605","DOI":"10.1109\/TMLCN.2025.3564587","article-title":"Evolving ML-based intrusion detection: Cyber threat intelligence for dynamic model updates","volume":"3","author":"Lin","year":"2025","journal-title":"IEEE Trans Mach Learn Commun Netw"},{"issue":"6","key":"10.1016\/j.array.2026.100843_b31","first-page":"973","article-title":"A multimodal threat detection algorithm for wide area network security based on support vector machines","volume":"24","author":"Yuan","year":"2025","journal-title":"J Web Eng"},{"issue":"2","key":"10.1016\/j.array.2026.100843_b32","doi-asserted-by":"crossref","first-page":"4744","DOI":"10.1109\/TCE.2025.3565011","article-title":"Real-time cyber threat detection in smart cities using artificial intelligence","volume":"71","author":"Wang","year":"2025","journal-title":"IEEE Trans Consum Electron"},{"key":"10.1016\/j.array.2026.100843_b33","doi-asserted-by":"crossref","first-page":"21665","DOI":"10.1109\/ACCESS.2025.3536011","article-title":"Cyber threat inference focused on threat class sequence with threat class sequence system","volume":"13","author":"Kim","year":"2025","journal-title":"IEEE Access"},{"issue":"7","key":"10.1016\/j.array.2026.100843_b34","doi-asserted-by":"crossref","first-page":"12565","DOI":"10.1109\/TNNLS.2024.3449573","article-title":"Anomaly detection in hyperspectral images using adaptive graph frequency location","volume":"36","author":"Tu","year":"2025","journal-title":"IEEE Trans Neural Networks Learn Syst"},{"key":"10.1016\/j.array.2026.100843_b35","series-title":"Artificial intelligence risk management framework (AI RMF 1.0)","author":"Tabassi","year":"2023"},{"key":"10.1016\/j.array.2026.100843_b36","series-title":"Assurance and security for AI-enabled systems 2025","first-page":"134760B","article-title":"Offensive security for AI systems: concepts, practices, and applications","volume":"vol. 13476","author":"Harguess","year":"2025"}],"container-title":["Array"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/api.elsevier.com\/content\/article\/PII:S2590005626001669?httpAccept=text\/xml","content-type":"text\/xml","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/api.elsevier.com\/content\/article\/PII:S2590005626001669?httpAccept=text\/plain","content-type":"text\/plain","content-version":"vor","intended-application":"text-mining"}],"deposited":{"date-parts":[[2026,6,18]],"date-time":"2026-06-18T21:05:28Z","timestamp":1781816728000},"score":1,"resource":{"primary":{"URL":"https:\/\/linkinghub.elsevier.com\/retrieve\/pii\/S2590005626001669"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2026,7]]},"references-count":36,"alternative-id":["S2590005626001669"],"URL":"https:\/\/doi.org\/10.1016\/j.array.2026.100843","relation":{},"ISSN":["2590-0056"],"issn-type":[{"value":"2590-0056","type":"print"}],"subject":[],"published":{"date-parts":[[2026,7]]},"assertion":[{"value":"Elsevier","name":"publisher","label":"This article is maintained by"},{"value":"Towards adaptive and continuous offensive security: A comprehensive survey of AI driven threat validation techniques","name":"articletitle","label":"Article Title"},{"value":"Array","name":"journaltitle","label":"Journal Title"},{"value":"https:\/\/doi.org\/10.1016\/j.array.2026.100843","name":"articlelink","label":"CrossRef DOI link to publisher maintained version"},{"value":"article","name":"content_type","label":"Content Type"},{"value":"\u00a9 2026 The Author(s). Published by Elsevier Inc.","name":"copyright","label":"Copyright"}],"article-number":"100843"}}