{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,20]],"date-time":"2026-03-20T15:43:48Z","timestamp":1774021428080,"version":"3.50.1"},"reference-count":90,"publisher":"Association for Computing Machinery (ACM)","issue":"1","funder":[{"DOI":"10.13039\/501100014188","name":"MSIT","doi-asserted-by":"crossref","id":[{"id":"10.13039\/501100014188","id-type":"DOI","asserted-by":"crossref"}]},{"DOI":"10.13039\/501100008122","name":"ITRC","doi-asserted-by":"crossref","award":["IITP-2025-RS-2023-00259099"],"award-info":[{"award-number":["IITP-2025-RS-2023-00259099"]}],"id":[{"id":"10.13039\/501100008122","id-type":"DOI","asserted-by":"crossref"}]},{"name":"IITP"},{"name":"NRF"},{"name":"Korea government","award":["RS-2023-00240211"],"award-info":[{"award-number":["RS-2023-00240211"]}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":["ACM Trans. Priv. Secur."],"published-print":{"date-parts":[[2026,2,28]]},"abstract":"<jats:p>Intrusion Detection Systems (IDS) play a vital role in network security, yet signature-based methods are limited by high false positive rates (FPR) and inability to detect novel threats. Recent AI-based approaches offer improved adaptability, but most rely on flow-level or statistical features, constraining their ability to analyze sophisticated payload-based attacks. To address these challenges, we present a dual-path IDS framework: Xavier-CMAE, a lightweight model using Hex2Int tokenization and Xavier initialization, achieves 99.9718% accuracy and a 0.0182% FPR without pre-training; and LLM-CMAE, which leverages pre-trained LLM tokenizers for enhanced detection, achieves 99.9696% accuracy and a 0.0194% FPR at higher computational cost. Experimental results on the CIC-IDS2017 dataset reveal a distinct trade-off between efficiency and Contextually Adept and Scalable (CAS) power, indicating that a modular approach may enable both real-time scalability and in-depth threat analysis. This work advances AI-powered intrusion detection by (1) introducing a modular, payload-centric dual-path architecture that combines lightweight and CAS detection for adaptive, layered security; (2) demonstrating that Xavier-CMAE achieves real-time scalability and state-of-the-art accuracy without embedding pre-training; and (3) exploring the effectiveness and future potential of integrating pre-trained LLM tokenizers for nuanced, selective threat analysis and robust IDS design.<\/jats:p>","DOI":"10.1145\/3769682","type":"journal-article","created":{"date-parts":[[2025,9,27]],"date-time":"2025-09-27T11:14:36Z","timestamp":1758971676000},"page":"1-30","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":2,"title":["Payload-Aware Intrusion Detection with CMAE and Large Language Models"],"prefix":"10.1145","volume":"29","author":[{"ORCID":"https:\/\/orcid.org\/0009-0000-6687-9845","authenticated-orcid":false,"given":"Yong Cheol","family":"Kim","sequence":"first","affiliation":[{"name":"Neouly","place":["Mapo-gu, Korea (the Republic of)"]}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-8838-6128","authenticated-orcid":false,"given":"ChanJae","family":"Lee","sequence":"additional","affiliation":[{"name":"Artificial Intelligencet\/Big Data, Hongik University","place":["Mapo-gu, Korea (the Republic of)"]}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-5249-2823","authenticated-orcid":false,"given":"Young","family":"Yoon","sequence":"additional","affiliation":[{"name":"Computer Engineering, Hongik University","place":["Mapo-gu, Korea (the Republic of)"]}]}],"member":"320","published-online":{"date-parts":[[2025,11,29]]},"reference":[{"key":"e_1_3_3_2_2","volume-title":"Largest U.S. Pipeline Shuts Down Operations After Ransomware Attack","author":"Abrams Lawrence","year":"2021","unstructured":"Lawrence Abrams. 2021. Largest U.S. Pipeline Shuts Down Operations After Ransomware Attack. BleepingComputer. Retrieved from https:\/\/www.bleepingcomputer.com\/news\/security\/largest-us-pipeline-shuts-down-operations-after-ransomware-attack\/"},{"key":"e_1_3_3_3_2","doi-asserted-by":"crossref","first-page":"102748","DOI":"10.1016\/j.cose.2022.102748","article-title":"A new DDoS attacks intrusion detection model based on deep learning for cybersecurity","volume":"118","author":"Akgun Devrim","year":"2022","unstructured":"Devrim Akgun, Selman Hizal, and Unal Cavusoglu. 2022. A new DDoS attacks intrusion detection model based on deep learning for cybersecurity. Computers & Security 118 (2022), 102748.","journal-title":"Computers & Security"},{"key":"e_1_3_3_4_2","unstructured":"Swathy Akshaya et\u00a0al. 2019. A study on zero-day attacks."},{"issue":"2","key":"e_1_3_3_5_2","doi-asserted-by":"crossref","first-page":"2279","DOI":"10.32604\/iasc.2023.037673","article-title":"Intrusion detection in the Internet of Things using fusion of GRU-LSTM deep learning model","volume":"37","author":"Al-kahtani Mohammad S","year":"2023","unstructured":"Mohammad S Al-kahtani, Zahid Mehmood, Tariq Sadad, Islam Zada, Gauhar Ali, and Mohammed ElAffendi. 2023. Intrusion detection in the Internet of Things using fusion of GRU-LSTM deep learning model. Intelligent Automation & Soft Computing 37, 2 (2023), 2279\u20132290.","journal-title":"Intelligent Automation & Soft Computing"},{"key":"e_1_3_3_6_2","first-page":"1","volume-title":"Proceedings of the 2020 International Congress on Human-Computer Interaction, Optimization and Robotic Applications (HORA)","author":"Alabadi Montdher","year":"2020","unstructured":"Montdher Alabadi and Yuksel Celik. 2020. Anomaly detection for cyber-security based on convolution neural network: A survey. In Proceedings of the 2020 International Congress on Human-Computer Interaction, Optimization and Robotic Applications (HORA). IEEE, Ankara, Turkey, 1\u201314."},{"key":"e_1_3_3_7_2","volume-title":"Next-generation Intrusion Detection Systems with LLMs: Real-time Anomaly Detection, Explainable AI, and Adaptive Data Generation","author":"Ali Tarek","year":"2024","unstructured":"Tarek Ali. 2024. Next-generation Intrusion Detection Systems with LLMs: Real-time Anomaly Detection, Explainable AI, and Adaptive Data Generation. Master\u2019s thesis. T. Ali."},{"key":"e_1_3_3_8_2","doi-asserted-by":"crossref","first-page":"277","DOI":"10.1007\/978-3-030-24907-6_21","volume-title":"Proceedings of the Security, Privacy, and Anonymity in Computation, Communication, and Storage: 12th International Conference, SpaCCS 2019, Atlanta, GA, USA, July 14\u201317, 2019, Proceedings 12","author":"Alrowaily Mohammed","year":"2019","unstructured":"Mohammed Alrowaily, Freeh Alenezi, and Zhuo Lu. 2019. Effectiveness of machine learning based intrusion detection systems. In Proceedings of the Security, Privacy, and Anonymity in Computation, Communication, and Storage: 12th International Conference, SpaCCS 2019, Atlanta, GA, USA, July 14\u201317, 2019, Proceedings 12. Springer, Cham, 277\u2013288."},{"issue":"4","key":"e_1_3_3_9_2","first-page":"281","article-title":"A multi-layer machine learning-based intrusion detection system for wireless sensor networks","volume":"12","author":"Alruhaily Nada M","year":"2021","unstructured":"Nada M Alruhaily and Dina M Ibrahim. 2021. A multi-layer machine learning-based intrusion detection system for wireless sensor networks. International Journal of Advanced Computer Science and Applications 12, 4 (2021), 281\u2013288.","journal-title":"International Journal of Advanced Computer Science and Applications"},{"issue":"9","key":"e_1_3_3_10_2","first-page":"81","article-title":"The impact and limitations of artificial intelligence in cybersecurity: A literature review","volume":"11","author":"Ansari Meraj Farheen","year":"2022","unstructured":"Meraj Farheen Ansari, Bibhu Dash, Pawankumar Sharma, and Nikhitha Yathiraju. 2022. The impact and limitations of artificial intelligence in cybersecurity: A literature review. International Journal of Advanced Research in Computer and Communication Engineering 11, 9 (2022), 81\u201390.","journal-title":"International Journal of Advanced Research in Computer and Communication Engineering"},{"key":"e_1_3_3_11_2","doi-asserted-by":"crossref","first-page":"235","DOI":"10.1016\/j.future.2021.09.040","article-title":"GRU-based deep learning approach for network intrusion alert prediction","volume":"128","author":"Ansari Mohammad Samar","year":"2022","unstructured":"Mohammad Samar Ansari, V\u00e1clav Barto\u0161, and Brian Lee. 2022. GRU-based deep learning approach for network intrusion alert prediction. Future Generation Computer Systems 128 (2022), 235\u2013247.","journal-title":"Future Generation Computer Systems"},{"issue":"10","key":"e_1_3_3_12_2","doi-asserted-by":"crossref","first-page":"4170","DOI":"10.3390\/app14104170","article-title":"Xai-ids: Toward proposing an explainable artificial intelligence framework for enhancing network intrusion detection systems","volume":"14","author":"Arreche Osvaldo","year":"2024","unstructured":"Osvaldo Arreche, Tanish Guntur, and Mustafa Abdallah. 2024. Xai-ids: Toward proposing an explainable artificial intelligence framework for enhancing network intrusion detection systems. Applied Sciences 14, 10 (2024), 4170.","journal-title":"Applied Sciences"},{"issue":"7","key":"e_1_3_3_13_2","doi-asserted-by":"crossref","first-page":"9587","DOI":"10.1007\/s10586-024-04355-0","article-title":"Design tactics for tailoring transformer architectures to cybersecurity challenges","volume":"27","author":"Avci Cigdem","year":"2024","unstructured":"Cigdem Avci, Bedir Tekinerdogan, and Cagatay Catal. 2024. Design tactics for tailoring transformer architectures to cybersecurity challenges. Cluster Computing 27, 7 (2024), 9587\u20139613.","journal-title":"Cluster Computing"},{"key":"e_1_3_3_14_2","unstructured":"Jimmy Lei Ba Jamie Ryan Kiros and Geoffrey E Hinton. 2016. Layer normalization. arXiv:1607.06450. Retrieved from https:\/\/arxiv.org\/abs\/1607.06450"},{"issue":"9","key":"e_1_3_3_15_2","doi-asserted-by":"crossref","first-page":"4184","DOI":"10.3390\/app12094184","article-title":"Network intrusion detection model based on CNN and GRU","volume":"12","author":"Cao Bo","year":"2022","unstructured":"Bo Cao, Chenghai Li, Yafei Song, Yueyi Qin, and Chen Chen. 2022. Network intrusion detection model based on CNN and GRU. Applied Sciences 12, 9 (2022), 4184.","journal-title":"Applied Sciences"},{"key":"e_1_3_3_16_2","volume-title":"Snort 2.0 Intrusion Detection","author":"Caswell Brian","year":"2003","unstructured":"Brian Caswell, James C Foster, Ryan Russell, Jay Beale, and Jeffrey Posluns. 2003. Snort 2.0 Intrusion Detection. Syngress Publishing, Burlington, MA, USA."},{"key":"e_1_3_3_17_2","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1016\/j.cosrev.2019.01.002","article-title":"A survey on malware analysis and mitigation techniques","volume":"32","author":"Chakkaravarthy S Sibi","year":"2019","unstructured":"S Sibi Chakkaravarthy, D Sangeetha, and V Vaidehi. 2019. A survey on malware analysis and mitigation techniques. Computer Science Review 32 (2019), 1\u201323.","journal-title":"Computer Science Review"},{"key":"e_1_3_3_18_2","doi-asserted-by":"crossref","first-page":"321","DOI":"10.1613\/jair.953","article-title":"SMOTE: synthetic minority over-sampling technique","volume":"16","author":"Chawla Nitesh V","year":"2002","unstructured":"Nitesh V Chawla, Kevin W Bowyer, Lawrence O Hall, and W Philip Kegelmeyer. 2002. SMOTE: synthetic minority over-sampling technique. Journal of Artificial Intelligence Research 16 (2002), 321\u2013357.","journal-title":"Journal of Artificial Intelligence Research"},{"key":"e_1_3_3_19_2","doi-asserted-by":"crossref","first-page":"103186","DOI":"10.1016\/j.jnca.2021.103186","article-title":"Machine learning based malicious payload identification in software-defined networking","volume":"192","author":"Cheng Qiumei","year":"2021","unstructured":"Qiumei Cheng, Chunming Wu, Haifeng Zhou, Dezhang Kong, Dong Zhang, Junchi Xing, and Wei Ruan. 2021. Machine learning based malicious payload identification in software-defined networking. Journal of Network and Computer Applications 192 (2021), 103186.","journal-title":"Journal of Network and Computer Applications"},{"key":"e_1_3_3_20_2","unstructured":"Kyunghyun Cho. 2014. Learning phrase representations using RNN encoder-decoder for statistical machine translation."},{"key":"e_1_3_3_21_2","first-page":"1","volume-title":"Proceedings of the 2022 International Conference on IoT and Blockchain Technology (ICIBT)","author":"Choubisa Manish","year":"2022","unstructured":"Manish Choubisa, Ruchi Doshi, Narendra Khatri, and Kamal Kant Hiran. 2022. A simple and robust approach of random forest for intrusion detection system in cyber security. In Proceedings of the 2022 International Conference on IoT and Blockchain Technology (ICIBT). IEEE, Rajasthan, India, 1\u20135."},{"issue":"2","key":"e_1_3_3_22_2","first-page":"140","article-title":"Feature extraction based on word embedding models for intrusion detection in network traffic","volume":"1","author":"Corizzo Roberto","year":"2020","unstructured":"Roberto Corizzo, Eftim Zdravevski, Myles Russell, Andrew Vagliano, and Nathalie Japkowicz. 2020. Feature extraction based on word embedding models for intrusion detection in network traffic. Journal of Surveillance, Security and Safety 1, 2 (2020), 140\u2013150.","journal-title":"Journal of Surveillance, Security and Safety"},{"key":"e_1_3_3_23_2","unstructured":"Matthieu Courbariaux Itay Hubara Daniel Soudry Ran El-Yaniv and Yoshua Bengio. 2016. Binarized neural networks: Training deep neural networks with weights and activations constrained to+ 1 or-1. arXiv:1602.02830. Retrieved from https:\/\/arxiv.org\/abs\/1602.02830 (2016)."},{"key":"e_1_3_3_24_2","first-page":"042072","volume-title":"Proceedings of the Journal of Physics: Conference Series","volume":"1964","author":"Das Rammanohar","year":"2021","unstructured":"Rammanohar Das and Raghav Sandhane. 2021. Artificial intelligence in cyber security. In Proceedings of the Journal of Physics: Conference Series, Vol. 1964. IOP Publishing, Bristol, UK, 042072."},{"issue":"2","key":"e_1_3_3_25_2","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1145\/3605775","article-title":"Deep learning for zero-day malware detection and classification: A survey","volume":"56","author":"Deldar Fatemeh","year":"2023","unstructured":"Fatemeh Deldar and Mahdi Abadi. 2023. Deep learning for zero-day malware detection and classification: A survey. Comput. Surveys 56, 2 (2023), 1\u201337.","journal-title":"Comput. Surveys"},{"key":"e_1_3_3_26_2","doi-asserted-by":"crossref","first-page":"81","DOI":"10.1145\/3297156.3297230","volume-title":"Proceedings of the 2018 2nd International Conference on Computer Science and Artificial Intelligence","author":"Ding Yalei","year":"2018","unstructured":"Yalei Ding and Yuqing Zhai. 2018. Intrusion detection system for NSL-KDD dataset using convolutional neural networks. In Proceedings of the 2018 2nd International Conference on Computer Science and Artificial Intelligence. ACM, Shenzhen, China, 81\u201385."},{"key":"e_1_3_3_27_2","unstructured":"Abhimanyu Dubey Abhinav Jauhri Abhinav Pandey Abhishek Kadian Ahmad Al-Dahle Aiesha Letman Akhil Mathur Alan Schelten Amy Yang Angela Fan et\u00a0al. 2024. The Llama 3 herd of models."},{"issue":"2","key":"e_1_3_3_28_2","first-page":"23","article-title":"A new algorithm for data compression","volume":"12","author":"Gage Philip","year":"1994","unstructured":"Philip Gage. 1994. A new algorithm for data compression. The C Users Journal 12, 2 (1994), 23\u201338.","journal-title":"The C Users Journal"},{"key":"e_1_3_3_29_2","first-page":"249","volume-title":"Proceedings of the 13th International Conference on Artificial Intelligence and Statistics","author":"Glorot Xavier","year":"2010","unstructured":"Xavier Glorot and Yoshua Bengio. 2010. Understanding the difficulty of training deep feedforward neural networks. In Proceedings of the 13th International Conference on Artificial Intelligence and Statistics. JMLR Workshop and Conference Proceedings, Sardinia, Italy, 249\u2013256."},{"key":"e_1_3_3_30_2","first-page":"137","volume-title":"Proceedings of the Recent Advances in Security, Privacy, and Trust for Internet of Things (IoT) and Cyber-Physical Systems (CPS)","author":"Gouveia Arnaldo","year":"2020","unstructured":"Arnaldo Gouveia and Miguel Correia. 2020. Network intrusion detection with XGBoost. In Proceedings of the Recent Advances in Security, Privacy, and Trust for Internet of Things (IoT) and Cyber-Physical Systems (CPS). Chapman and Hall\/CRC, Boca Raton, FL, USA, 137\u2013166."},{"key":"e_1_3_3_31_2","first-page":"770","volume-title":"Proceedings of the IEEE Conference on Computer Vision and Pattern Recognition","author":"He Kaiming","year":"2016","unstructured":"Kaiming He, Xiangyu Zhang, Shaoqing Ren, and Jian Sun. 2016. Deep residual learning for image recognition. In Proceedings of the IEEE Conference on Computer Vision and Pattern Recognition. IEEE, Las Vegas, NV, 770\u2013778."},{"key":"e_1_3_3_32_2","unstructured":"Dan Hendrycks and Kevin Gimpel. 2016. Gaussian error linear units (gelus)."},{"issue":"8","key":"e_1_3_3_33_2","doi-asserted-by":"crossref","first-page":"1735","DOI":"10.1162\/neco.1997.9.8.1735","article-title":"Long short-term memory","volume":"9","author":"Hochreiter S","year":"1997","unstructured":"S Hochreiter. 1997. Long short-term memory. Neural Computation MIT-Press 9, 8 (1997), 1735\u20131780.","journal-title":"Neural Computation MIT-Press"},{"key":"e_1_3_3_34_2","first-page":"1","volume-title":"Proceedings of the 2023 International Conference on Software, Telecommunications and Computer Networks (SoftCOM)","author":"Hojjatinia Sina","year":"2023","unstructured":"Sina Hojjatinia, Mehrnoosh Monshizadeh, and Vikramajeet Khatri. 2023. A deep intrusion detection model for network traffic payload analysis. In Proceedings of the 2023 International Conference on Software, Telecommunications and Computer Networks (SoftCOM). IEEE, Split, Croatia, 1\u20137."},{"key":"e_1_3_3_35_2","doi-asserted-by":"crossref","unstructured":"Paul RB Houssel Priyanka Singh Siamak Layeghy and Marius Portmann. 2024. Towards explainable network intrusion detection using large language models.","DOI":"10.1109\/BDCAT63179.2024.00021"},{"key":"e_1_3_3_36_2","unstructured":"Aaron Hurst Adam Lerer Adam P Goucher Adam Perelman Aditya Ramesh Aidan Clark AJ Ostrow Akila Welihinda Alan Hayes Alec Radford et\u00a0al. 2024. Gpt-4o system card."},{"key":"e_1_3_3_37_2","doi-asserted-by":"publisher","DOI":"10.1007\/s13369-024-09769-x"},{"key":"e_1_3_3_38_2","doi-asserted-by":"crossref","first-page":"1558","DOI":"10.1109\/IWCMC61514.2024.10592352","volume-title":"Proceedings of the 2024 International Wireless Communications and Mobile Computing (IWCMC)","author":"Jouhari Mohammed","year":"2024","unstructured":"Mohammed Jouhari and Mohsen Guizani. 2024. Lightweight cnn-bilstm based intrusion detection systems for resource-constrained iot devices. In Proceedings of the 2024 International Wireless Communications and Mobile Computing (IWCMC). IEEE, Djerba, Tunisia, 1558\u20131563."},{"issue":"1","key":"e_1_3_3_39_2","doi-asserted-by":"crossref","first-page":"71","DOI":"10.14257\/ijsia.2017.11.1.07","article-title":"A defensive mechanism based on PCA to defend denial of-service attack","volume":"11","author":"Kanna P Rajesh","year":"2017","unstructured":"P Rajesh Kanna, K Sindhanaiselvan, and MK Vijaymeena. 2017. A defensive mechanism based on PCA to defend denial of-service attack. International Journal of Security and its Applications 11, 1 (2017), 71\u201382.","journal-title":"International Journal of Security and its Applications"},{"key":"e_1_3_3_40_2","doi-asserted-by":"crossref","unstructured":"Hamza Kheddar. 2024. Transformers and large language models for efficient intrusion detection systems: A comprehensive survey.","DOI":"10.1016\/j.inffus.2025.103347"},{"key":"e_1_3_3_41_2","doi-asserted-by":"crossref","first-page":"100349","DOI":"10.1016\/j.array.2024.100349","article-title":"Network intrusion detection leveraging multimodal features","volume":"22","author":"Kiflay Aklil","year":"2024","unstructured":"Aklil Kiflay, Athanasios Tsokanos, Mahmood Fazlali, and Raimund Kirner. 2024. Network intrusion detection leveraging multimodal features. Array 22 (2024), 100349.","journal-title":"Array"},{"key":"e_1_3_3_42_2","doi-asserted-by":"crossref","first-page":"107840","DOI":"10.1016\/j.comnet.2021.107840","article-title":"Machine learning methods for cyber security intrusion detection: Datasets and comparative study","volume":"188","author":"Kilincer Ilhan Firat","year":"2021","unstructured":"Ilhan Firat Kilincer, Fatih Ertam, and Abdulkadir Sengur. 2021. Machine learning methods for cyber security intrusion detection: Datasets and comparative study. Computer Networks 188 (2021), 107840.","journal-title":"Computer Networks"},{"issue":"20","key":"e_1_3_3_43_2","doi-asserted-by":"crossref","first-page":"4253","DOI":"10.3390\/electronics12204253","article-title":"An ensemble of text convolutional neural networks and multi-head attention layers for classifying threats in network packets","volume":"12","author":"Kim Hyeonmin","year":"2023","unstructured":"Hyeonmin Kim and Young Yoon. 2023. An ensemble of text convolutional neural networks and multi-head attention layers for classifying threats in network packets. Electronics 12, 20 (2023), 4253.","journal-title":"Electronics"},{"issue":"6","key":"e_1_3_3_44_2","doi-asserted-by":"crossref","first-page":"916","DOI":"10.3390\/electronics9060916","article-title":"CNN-based network intrusion detection against denial-of-service attacks","volume":"9","author":"Kim Jiyeon","year":"2020","unstructured":"Jiyeon Kim, Jiwon Kim, Hyunjung Kim, Minsun Shim, and Eunjung Choi. 2020. CNN-based network intrusion detection against denial-of-service attacks. Electronics 9, 6 (2020), 916.","journal-title":"Electronics"},{"issue":"4","key":"e_1_3_3_45_2","doi-asserted-by":"crossref","first-page":"165","DOI":"10.33851\/JMIS.2019.6.4.165","article-title":"An intrusion detection model based on a convolutional neural network","volume":"6","author":"Kim Jiyeon","year":"2019","unstructured":"Jiyeon Kim, Yulim Shin, Eunjung Choi, et\u00a0al. 2019. An intrusion detection model based on a convolutional neural network. Journal of Multimedia Information System 6, 4 (2019), 165\u2013172.","journal-title":"Journal of Multimedia Information System"},{"key":"e_1_3_3_46_2","first-page":"79","volume-title":"Proceedings of the 2022 International Conference on Electronic Systems and Intelligent Computing (ICESIC)","author":"Koniki Rachana","year":"2022","unstructured":"Rachana Koniki, Mounika Durga Ampapurapu, and Praveen Kumar Kollu. 2022. An anomaly based network intrusion detection system using LSTM and GRU. In Proceedings of the 2022 International Conference on Electronic Systems and Intelligent Computing (ICESIC). IEEE, Ahmedabad, India, 79\u201384."},{"key":"e_1_3_3_47_2","doi-asserted-by":"crossref","first-page":"779","DOI":"10.1016\/j.future.2019.05.041","article-title":"Towards the development of realistic botnet dataset in the internet of things for network forensic analytics: Bot-iot dataset","volume":"100","author":"Koroniotis Nickolaos","year":"2019","unstructured":"Nickolaos Koroniotis, Nour Moustafa, Elena Sitnikova, and Benjamin Turnbull. 2019. Towards the development of realistic botnet dataset in the internet of things for network forensic analytics: Bot-iot dataset. Future Generation Computer Systems 100 (2019), 779\u2013796.","journal-title":"Future Generation Computer Systems"},{"key":"e_1_3_3_48_2","doi-asserted-by":"crossref","unstructured":"Taku Kudo and John Richardson. 2018. Sentencepiece: A simple and language independent subword tokenizer and detokenizer for neural text processing. arXiv:1808.06226. Retrieved from https:\/\/arxiv.org\/abs\/1808.06226","DOI":"10.18653\/v1\/D18-2012"},{"key":"e_1_3_3_49_2","unstructured":"Teven Le Scao Angela Fan Christopher Akiki Ellie Pavlick Suzana Ili\u0107 Daniel Hesslow Roman Castagn\u00e9 Alexandra Sasha Luccioni Fran\u00e7ois Yvon Matthias Gall\u00e9 et\u00a0al. 2023. Bloom: A 176b-parameter open-access multilingual language model."},{"issue":"4","key":"e_1_3_3_50_2","doi-asserted-by":"crossref","first-page":"541","DOI":"10.1162\/neco.1989.1.4.541","article-title":"Backpropagation applied to handwritten zip code recognition","volume":"1","author":"LeCun Yann","year":"1989","unstructured":"Yann LeCun, Bernhard Boser, John S Denker, Donnie Henderson, Richard E Howard, Wayne Hubbard, and Lawrence D Jackel. 1989. Backpropagation applied to handwritten zip code recognition. Neural Computation 1, 4 (1989), 541\u2013551.","journal-title":"Neural Computation"},{"key":"e_1_3_3_51_2","article-title":"Optimal brain damage","volume":"2","author":"LeCun Yann","year":"1989","unstructured":"Yann LeCun, John Denker, and Sara Solla. 1989. Optimal brain damage. Advances in Neural Information Processing Systems 2 (1989).","journal-title":"Advances in Neural Information Processing Systems"},{"key":"e_1_3_3_52_2","first-page":"9459","article-title":"Retrieval-augmented generation for knowledge-intensive nlp tasks","volume":"33","author":"Lewis Patrick","year":"2020","unstructured":"Patrick Lewis, Ethan Perez, Aleksandra Piktus, Fabio Petroni, Vladimir Karpukhin, Naman Goyal, Heinrich K\u00fcttler, Mike Lewis, Wen-tau Yih, Tim Rockt\u00e4schel, Sebastian Riedel, and Douwe Kiela. 2020. Retrieval-augmented generation for knowledge-intensive nlp tasks. Advances in Neural Information Processing Systems 33 (2020), 9459\u20139474.","journal-title":"Advances in Neural Information Processing Systems"},{"issue":"12","key":"e_1_3_3_53_2","doi-asserted-by":"crossref","first-page":"1462","DOI":"10.1631\/FITEE.1800573","article-title":"Cyber security meets artificial intelligence: A survey","volume":"19","author":"Li Jian-hua","year":"2018","unstructured":"Jian-hua Li. 2018. Cyber security meets artificial intelligence: A survey. Frontiers of Information Technology & Electronic Engineering 19, 12 (2018), 1462\u20131474.","journal-title":"Frontiers of Information Technology & Electronic Engineering"},{"issue":"1","key":"e_1_3_3_54_2","doi-asserted-by":"crossref","first-page":"16","DOI":"10.1016\/j.jnca.2012.09.004","article-title":"Intrusion detection system: A comprehensive review","volume":"36","author":"Liao Hung-Jen","year":"2013","unstructured":"Hung-Jen Liao, Chun-Hung Richard Lin, Ying-Chih Lin, and Kuang-Yuan Tung. 2013. Intrusion detection system: A comprehensive review. Journal of Network and Computer Applications 36, 1 (2013), 16\u201324.","journal-title":"Journal of Network and Computer Applications"},{"key":"e_1_3_3_55_2","first-page":"471","volume-title":"Proceedings of the 4th International Congress on Information and Communication Technology: ICICT 2019, London, Volume 1","author":"Liu Zhiqiang","year":"2020","unstructured":"Zhiqiang Liu, Mohi-Ud-Din Ghulam, Ye Zhu, Xuanlin Yan, Lifang Wang, Zejun Jiang, and Jianchao Luo. 2020. Deep learning approach for IDS: using DNN for network anomaly detection. In Proceedings of the 4th International Congress on Information and Communication Technology: ICICT 2019, London, Volume 1. Springer, London, UK, 471\u2013479."},{"key":"e_1_3_3_56_2","unstructured":"Scott Lundberg. 2017. A unified approach to interpreting model predictions. arXiv:1705.07874. Retrieved from https:\/\/arxiv.org\/abs\/1705.07874 (2017)."},{"key":"e_1_3_3_57_2","doi-asserted-by":"publisher","DOI":"10.2478\/cait-2024-0006"},{"key":"e_1_3_3_58_2","unstructured":"Tomas Mikolov Kai Chen Greg Corrado and Jeffrey Dean. 2013. Efficient estimation of word representations in vector space."},{"key":"e_1_3_3_59_2","doi-asserted-by":"crossref","first-page":"93","DOI":"10.1145\/2046684.2046699","volume-title":"Proceedings of the 4th ACM Workshop on Security and Artificial Intelligence","author":"Morel Benoit","year":"2011","unstructured":"Benoit Morel. 2011. Artificial intelligence and the future of cybersecurity. In Proceedings of the 4th ACM Workshop on Security and Artificial Intelligence. ACM, Chicago, IL, USA, 93\u201398."},{"key":"e_1_3_3_60_2","first-page":"1","volume-title":"Proceedings of the 2015 Military Communications and Information Systems Conference (MilCIS)","author":"Moustafa Nour","year":"2015","unstructured":"Nour Moustafa and Jill Slay. 2015. UNSW-NB15: A comprehensive data set for network intrusion detection systems (UNSW-NB15 network data set). In Proceedings of the 2015 Military Communications and Information Systems Conference (MilCIS). IEEE, 1\u20136."},{"issue":"1","key":"e_1_3_3_61_2","doi-asserted-by":"crossref","first-page":"2","DOI":"10.1007\/s44248-023-00002-y","article-title":"Evaluating word embedding feature extraction techniques for host-based intrusion detection systems","volume":"1","author":"Mvula Paul K","year":"2023","unstructured":"Paul K Mvula, Paula Branco, Guy-Vincent Jourdan, and Herna L Viktor. 2023. Evaluating word embedding feature extraction techniques for host-based intrusion detection systems. Discover Data 1, 1 (2023), 2.","journal-title":"Discover Data"},{"key":"e_1_3_3_62_2","first-page":"1","volume-title":"Proceedings of the 2021 International Conference on Advancements in Electrical, Electronics, Communication, Computing and Automation (ICAECA)","author":"Navya VK","year":"2021","unstructured":"VK Navya, J Adithi, Diksha Rudrawal, Harshita Tailor, and Nileena James. 2021. Intrusion detection system using deep neural networks (DNN). In Proceedings of the 2021 International Conference on Advancements in Electrical, Electronics, Communication, Computing and Automation (ICAECA). IEEE, Bangalore, India, 1\u20136."},{"key":"e_1_3_3_63_2","doi-asserted-by":"crossref","unstructured":"Aleksander Ogonowski Micha\u0142 \u017bebrowski Arkadiusz \u0106wiek Tobiasz Jarosiewicz Konrad Klimaszewski Adam Padee Piotr Wasiuk and Micha\u0142 W\u00f3jcik. 2024. Preliminary study on artificial intelligence methods for cybersecurity threat detection in computer networks based on raw data packets.","DOI":"10.7494\/csci.2025.26.SI.7079"},{"key":"e_1_3_3_64_2","unstructured":"openai. 2024. tiktoken. Retrieved from https:\/\/github.com\/openai\/tiktoken"},{"key":"e_1_3_3_65_2","unstructured":"Prajoy Podder Subrato Bharati M Mondal Pinto Kumar Paul and Utku Kose. 2021. Artificial neural network for cybersecurity: A comprehensive review."},{"key":"e_1_3_3_66_2","unstructured":"Alec Radford Karthik Narasimhan Tim Salimans Ilya Sutskever et\u00a0al. 2018. Improving language understanding by generative pre-training."},{"key":"e_1_3_3_67_2","volume-title":"Cybersecurity Threats, Malware Trends, and Strategies: Learn to Mitigate Exploits, Malware, Phishing, and other Social Engineering Attacks","author":"Rains Tim","year":"2020","unstructured":"Tim Rains. 2020. Cybersecurity Threats, Malware Trends, and Strategies: Learn to Mitigate Exploits, Malware, Phishing, and other Social Engineering Attacks. Packt Publishing Ltd, Birmingham, UK."},{"key":"e_1_3_3_68_2","doi-asserted-by":"crossref","first-page":"1135","DOI":"10.1145\/2939672.2939778","volume-title":"Proceedings of the 22nd ACM SIGKDD International Conference on Knowledge Discovery and Data Mining","author":"Ribeiro Marco Tulio","year":"2016","unstructured":"Marco Tulio Ribeiro, Sameer Singh, and Carlos Guestrin. 2016. \u201d Why should i trust you?\u201d Explaining the predictions of any classifier. In Proceedings of the 22nd ACM SIGKDD International Conference on Knowledge Discovery and Data Mining. 1135\u20131144."},{"issue":"6088","key":"e_1_3_3_69_2","doi-asserted-by":"crossref","first-page":"533","DOI":"10.1038\/323533a0","article-title":"Learning representations by back-propagating errors","volume":"323","author":"Rumelhart David E","year":"1986","unstructured":"David E Rumelhart, Geoffrey E Hinton, and Ronald J Williams. 1986. Learning representations by back-propagating errors. Nature 323, 6088 (1986), 533\u2013536.","journal-title":"Nature"},{"issue":"3","key":"e_1_3_3_70_2","doi-asserted-by":"crossref","first-page":"173","DOI":"10.1007\/s42979-021-00557-0","article-title":"Ai-driven cybersecurity: An overview, security intelligence modeling and research directions","volume":"2","author":"Sarker Iqbal H","year":"2021","unstructured":"Iqbal H Sarker, Md Hasan Furhad, and Raza Nowrozy. 2021. Ai-driven cybersecurity: An overview, security intelligence modeling and research directions. SN Computer Science 2, 3 (2021), 173.","journal-title":"SN Computer Science"},{"key":"e_1_3_3_71_2","first-page":"618","volume-title":"Proceedings of the IEEE International Conference on Computer Vision","author":"Selvaraju Ramprasaath R","year":"2017","unstructured":"Ramprasaath R Selvaraju, Michael Cogswell, Abhishek Das, Ramakrishna Vedantam, Devi Parikh, and Dhruv Batra. 2017. Grad-cam: Visual explanations from deep networks via gradient-based localization. In Proceedings of the IEEE International Conference on Computer Vision. 618\u2013626."},{"key":"e_1_3_3_72_2","first-page":"39","volume-title":"Proceedings of the International Conference on Artificial Intelligence and Applied Mathematics in Engineering","author":"Sevri Mehmet","year":"2022","unstructured":"Mehmet Sevri and Hacer Karacan. 2022. Explainable artificial intelligence (XAI) for deep learning based intrusion detection systems. In Proceedings of the International Conference on Artificial Intelligence and Applied Mathematics in Engineering. Springer, 39\u201355."},{"key":"e_1_3_3_73_2","first-page":"108","article-title":"Toward generating a new intrusion detection dataset and intrusion traffic characterization.","volume":"1","author":"Sharafaldin Iman","year":"2018","unstructured":"Iman Sharafaldin, Arash Habibi Lashkari, Ali A Ghorbani, et\u00a0al. 2018. Toward generating a new intrusion detection dataset and intrusion traffic characterization. ICISSp 1 (2018), 108\u2013116.","journal-title":"ICISSp"},{"key":"e_1_3_3_74_2","doi-asserted-by":"crossref","first-page":"105","DOI":"10.1109\/AIIoT61789.2024.10579000","volume-title":"Proceedings of the 2024 IEEE World AI IoT Congress (AIIoT)","author":"Stein Kyle","year":"2024","unstructured":"Kyle Stein, Arash Mahyari, Guillermo Francia, and Eman El-Sheikh. 2024. A transformer-based framework for payload malware detection and classification. In Proceedings of the 2024 IEEE World AI IoT Congress (AIIoT). IEEE, Seattle, WA, USA, 105\u2013111."},{"key":"e_1_3_3_75_2","first-page":"1","volume-title":"Proceedings of the IEEE Conference on Computer Vision and Pattern Recognition","author":"Szegedy Christian","year":"2015","unstructured":"Christian Szegedy, Wei Liu, Yangqing Jia, Pierre Sermanet, Scott Reed, Dragomir Anguelov, Dumitru Erhan, Vincent Vanhoucke, and Andrew Rabinovich. 2015. Going deeper with convolutions. In Proceedings of the IEEE Conference on Computer Vision and Pattern Recognition. IEEE, Boston, MA, 1\u20139."},{"key":"e_1_3_3_76_2","first-page":"1","article-title":"A lightweight optimized intrusion detection system using machine learning for edge-based IIoT security","volume":"87","author":"Tiwari Ravi Shekhar","year":"2024","unstructured":"Ravi Shekhar Tiwari, D Lakshmi, Tapan Kumar Das, Asis Kumar Tripathy, and Kuan-Ching Li. 2024. A lightweight optimized intrusion detection system using machine learning for edge-based IIoT security. Telecommunication Systems 87 (2024), 1\u201320.","journal-title":"Telecommunication Systems"},{"key":"e_1_3_3_77_2","unstructured":"Hugo Touvron Louis Martin Kevin Stone Peter Albert Amjad Almahairi Yasmine Babaei Nikolay Bashlykov Soumya Batra Prajjwal Bhargava Shruti Bhosale et\u00a0al. 2023. Llama 2: Open foundation and fine-tuned chat models."},{"issue":"1","key":"e_1_3_3_78_2","doi-asserted-by":"crossref","first-page":"190","DOI":"10.1016\/j.dcan.2023.03.008","article-title":"IDS-INT: Intrusion detection system using transformer-based transfer learning for imbalanced network traffic","volume":"10","author":"Ullah Farhan","year":"2024","unstructured":"Farhan Ullah, Shamsher Ullah, Gautam Srivastava, and Jerry Chun-Wei Lin. 2024. IDS-INT: Intrusion detection system using transformer-based transfer learning for imbalanced network traffic. Digital Communications and Networks 10, 1 (2024), 190\u2013204.","journal-title":"Digital Communications and Networks"},{"key":"e_1_3_3_79_2","first-page":"11","article-title":"Attention is all you need","volume":"30","author":"Vaswani Ashish","year":"2017","unstructured":"Ashish Vaswani, Noam Shazeer, Niki Parmar, Jakob Uszkoreit, Llion Jones, Aidan N Gomez, \u0141ukasz Kaiser, and Illia Polosukhin. 2017. Attention is all you need. Advances in Neural Information Processing Systems 30 (2017), 11 pages.","journal-title":"Advances in Neural Information Processing Systems"},{"key":"e_1_3_3_80_2","doi-asserted-by":"crossref","first-page":"159","DOI":"10.1016\/j.future.2019.10.022","article-title":"Espada: Enhanced payload analyzer for malware detection robust against adversarial threats","volume":"104","author":"Vidal Jorge Maestre","year":"2020","unstructured":"Jorge Maestre Vidal, Marco Antonio Sotelo Monge, and Sergio Mauricio Mart\u00ednez Monterrubio. 2020. Espada: Enhanced payload analyzer for malware detection robust against adversarial threats. Future Generation Computer Systems 104 (2020), 159\u2013173.","journal-title":"Future Generation Computer Systems"},{"key":"e_1_3_3_81_2","first-page":"1","volume-title":"Proceedings of the 2018 9th International Conference on Computing, Communication and Networking Technologies (ICCCNT)","author":"Vigneswaran Rahul K","year":"2018","unstructured":"Rahul K Vigneswaran, R Vinayakumar, KP Soman, and Prabaharan Poornachandran. 2018. Evaluating shallow and deep neural networks for network intrusion detection systems in cyber security. In Proceedings of the 2018 9th International Conference on Computing, Communication and Networking Technologies (ICCCNT). IEEE, Piscataway, NJ, USA, 1\u20136."},{"key":"e_1_3_3_82_2","doi-asserted-by":"crossref","unstructured":"Jonas Wagner Simon M\u00fcller Christian N\u00e4ther Jan-Philipp Stegh\u00f6fer and Andreas Both. 2025. Towards effective complementary security analysis using large language models. arXiv:2506.16899. Retrieved from https:\/\/arxiv.org\/abs\/2506.16899 (2025).","DOI":"10.1109\/ISI65680.2025.11201186"},{"key":"e_1_3_3_83_2","first-page":"1","volume-title":"Proceedings of the 2024 IEEE Pacific Rim Conference on Communications, Computers and Signal Processing (PACRIM)","author":"Wang Tianming","year":"2024","unstructured":"Tianming Wang, Zhengan Zhao, and Kui Wu. 2024. Exploiting LLM embeddings for content-based IoT anomaly detection. In Proceedings of the 2024 IEEE Pacific Rim Conference on Communications, Computers and Signal Processing (PACRIM). IEEE, Vancouver, BC, Canada, 1\u20136."},{"key":"e_1_3_3_84_2","first-page":"147","volume-title":"Proceedings of the International Conference on Computational Science","author":"Wang Xingyu","year":"2024","unstructured":"Xingyu Wang, Huaifeng Bao, Wenhao Li, Haoning Chen, Wen Wang, and Feng Liu. 2024. A framework for intelligent generation of intrusion detection rules based on grad-CAM. In Proceedings of the International Conference on Computational Science. Springer, Germany, 147\u2013161."},{"key":"e_1_3_3_85_2","doi-asserted-by":"crossref","first-page":"183","DOI":"10.1007\/978-3-319-45871-7_12","volume-title":"Proceedings of the Information Security: 19th International Conference, ISC 2016, Honolulu, HI, USA, September 3-6, 2016. Proceedings 19","author":"Wangen Gaute","year":"2016","unstructured":"Gaute Wangen, Andrii Shalaginov, and Christoffer Hallstensen. 2016. Cyber security risk assessment of a ddos attack. In Proceedings of the Information Security: 19th International Conference, ISC 2016, Honolulu, HI, USA, September 3-6, 2016. Proceedings 19. Springer, Honolulu, HI, USA, 183\u2013202."},{"issue":"1","key":"e_1_3_3_86_2","first-page":"103","article-title":"Artificial intelligence in cybersecurity","volume":"1","author":"Wirkuttis Nadine","year":"2017","unstructured":"Nadine Wirkuttis and Hadas Klein. 2017. Artificial intelligence in cybersecurity. Cyber, Intelligence, and Security 1, 1 (2017), 103\u2013119.","journal-title":"Cyber, Intelligence, and Security"},{"key":"e_1_3_3_87_2","doi-asserted-by":"crossref","first-page":"64375","DOI":"10.1109\/ACCESS.2022.3182333","article-title":"RTIDS: A robust transformer-based approach for intrusion detection system","volume":"10","author":"Wu Zihan","year":"2022","unstructured":"Zihan Wu, Hong Zhang, Penghai Wang, and Zhibo Sun. 2022. RTIDS: A robust transformer-based approach for intrusion detection system. IEEE Access 10 (2022), 64375\u201364387.","journal-title":"IEEE Access"},{"issue":"2","key":"e_1_3_3_88_2","doi-asserted-by":"crossref","first-page":"100211","DOI":"10.1016\/j.hcc.2024.100211","article-title":"A survey on large language model (llm) security and privacy: The good, the bad, and the ugly","volume":"4","author":"Yao Yifan","year":"2024","unstructured":"Yifan Yao, Jinhao Duan, Kaidi Xu, Yuanfang Cai, Zhibo Sun, and Yue Zhang. 2024. A survey on large language model (llm) security and privacy: The good, the bad, and the ugly. High-Confidence Computing 4, 2 (2024), 100211.","journal-title":"High-Confidence Computing"},{"issue":"1","key":"e_1_3_3_89_2","doi-asserted-by":"crossref","first-page":"e0191083","DOI":"10.1371\/journal.pone.0191083","article-title":"Abnormal network flow detection based on application execution patterns from Web of Things (WoT) platforms","volume":"13","author":"Yoon Young","year":"2018","unstructured":"Young Yoon, Hyunwoo Jung, and Hana Lee. 2018. Abnormal network flow detection based on application execution patterns from Web of Things (WoT) platforms. PloS One 13, 1 (2018), e0191083.","journal-title":"PloS One"},{"key":"e_1_3_3_90_2","doi-asserted-by":"crossref","first-page":"10852","DOI":"10.1109\/ACCESS.2022.3145007","article-title":"A hybrid approach toward efficient and accurate intrusion detection for in-vehicle networks","volume":"10","author":"Zhang Linxi","year":"2022","unstructured":"Linxi Zhang and Di Ma. 2022. A hybrid approach toward efficient and accurate intrusion detection for in-vehicle networks. IEEE Access 10 (2022), 10852\u201310866.","journal-title":"IEEE Access"},{"key":"e_1_3_3_91_2","first-page":"18795","article-title":"Adabelief optimizer: Adapting stepsizes by the belief in observed gradients","volume":"33","author":"Zhuang Juntang","year":"2020","unstructured":"Juntang Zhuang, Tommy Tang, Yifan Ding, Sekhar C Tatikonda, Nicha Dvornek, Xenophon Papademetris, and James Duncan. 2020. Adabelief optimizer: Adapting stepsizes by the belief in observed gradients. Advances in Neural Information Processing Systems 33 (2020), 18795\u201318806.","journal-title":"Advances in Neural Information Processing Systems"}],"container-title":["ACM Transactions on Privacy and Security"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3769682","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,11,29]],"date-time":"2025-11-29T11:13:03Z","timestamp":1764414783000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3769682"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025,11,29]]},"references-count":90,"journal-issue":{"issue":"1","published-print":{"date-parts":[[2026,2,28]]}},"alternative-id":["10.1145\/3769682"],"URL":"https:\/\/doi.org\/10.1145\/3769682","relation":{},"ISSN":["2471-2566","2471-2574"],"issn-type":[{"value":"2471-2566","type":"print"},{"value":"2471-2574","type":"electronic"}],"subject":[],"published":{"date-parts":[[2025,11,29]]},"assertion":[{"value":"2025-03-20","order":0,"name":"received","label":"Received","group":{"name":"publication_history","label":"Publication History"}},{"value":"2025-09-18","order":2,"name":"accepted","label":"Accepted","group":{"name":"publication_history","label":"Publication History"}},{"value":"2025-11-29","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}