BattleTag/JANUS
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
5f578575ad12c763d729ee48605ed25371ecbb65
JANUS/paper/references.bib

294 lines
12 KiB
BibTeX
Raw Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
% =============================================================================
% JANUS — Verified BibTeX for intro.md
% Cite-key spelling matches the keys used in paper/intro.md.
% Each entry includes a `url` field linking to the canonical source page so the
% reference can be re-checked without re-searching.
%
% IMPORTANT NOTES (please review before submitting):
%
% * Trend2024: The Trend Micro 2024 "World Tour Survey" reports 51% of
% SOC teams feel overwhelmed by alert volume but does NOT
% state ">90% / 99%" false-positive rates. The 99% figure
% traces to Alahmadi et al., USENIX Security 2022, which
% is included below as @Alahmadi2022. Consider citing
% [Alahmadi2022; Trend2024] together, or replacing.
%
% * ACM-CSur-2024: Tariq et al. is published in ACM Computing Surveys
% Vol. 57(9), April 2025 — not 2024. The cite key is
% preserved per intro.md, but @year is 2025.
%
% * Shafir2026: Venue is IEEE/ACM Transactions on Networking (ToN),
% not IEEE TNSM. Verified via DOI 10.1109/TON.2025.3617580.
%
% * NFAD2021: Kirichenko et al. is NeurIPS 2020 (arXiv 2006.08545),
% not 2021. Cite key preserved per intro.md.
%
% * AE-Unreliable-2025: Bouman & Heskes was *withdrawn* from ICLR 2025;
% cited here as an arXiv preprint (2501.13864).
%
% * NeurIPS24-Reconstruction: The closest NeurIPS 2024 paper on the
% reconstruction-AD identity-mapping limitation is Kim
% et al., "Rethinking Reconstruction-based Graph-Level
% Anomaly Detection". It is graph-level, not generic
% image/tabular. Verify the citation matches your intent.
%
% * Tand2025: Best match for a Taylor & Francis 2025 cross-dataset
% NIDS paper is Connection Science 2025 (HDSE-IDS).
% The "0.100.30 AUROC drop" framing in intro.md is
% primarily supported by Cross2402.10974, not by
% Tand2025 directly.
%
% * rFM2025: arXiv 2508.05461's actual title is "Time-reversed Flow
% Matching with Worst Transport in High-dimensional Latent
% Space for Image Anomaly Detection". Earlier survey
% notes called it "How and Why: Taming Flow Matching..."
% — that title is incorrect. Updated below.
% =============================================================================
% --- Operational pain points (FP rates, alert fatigue) -----------------------
@misc{Trend2024,
author = {{Trend Micro}},
title = {{SOC Around the Clock: World Tour Survey Findings}},
year = {2024},
howpublished = {Trend Micro Research Report},
url = {https://www.trendmicro.com/en_us/research/24/k/world-tour-survey-results.html},
note = {Survey of 2,303 IT security/SOC decision makers; 51\% report
feeling overwhelmed by alert volume.}
}
@inproceedings{Alahmadi2022,
author = {Bushra A. Alahmadi and Louise Axon and Ivan Martinovic},
title = {99\% False Positives: A Qualitative Study of {SOC} Analysts'
Perspectives on Security Alarms},
booktitle = {31st USENIX Security Symposium (USENIX Security 22)},
year = {2022},
pages = {2783--2800},
publisher = {USENIX Association},
url = {https://www.usenix.org/conference/usenixsecurity22/presentation/alahmadi}
}
@article{ACM-CSur-2024,
author = {Shahroz Tariq and Mohan Baruwal Chhetri and Surya Nepal and
C{\'e}cile Paris},
title = {Alert Fatigue in Security Operations Centres:
Research Challenges and Opportunities},
journal = {ACM Computing Surveys},
volume = {57},
number = {9},
articleno = {224},
year = {2025},
doi = {10.1145/3723158},
url = {https://dl.acm.org/doi/10.1145/3723158}
}
% --- Cross-dataset NIDS robustness -------------------------------------------
@article{Cross2402.10974,
author = {Marco Cantone and Claudio Marrocco and Alessandro Bria},
title = {On the Cross-Dataset Generalization of Machine Learning
for Network Intrusion Detection},
journal = {arXiv preprint arXiv:2402.10974},
year = {2024},
eprint = {2402.10974},
archivePrefix = {arXiv},
primaryClass = {cs.CR},
url = {https://arxiv.org/abs/2402.10974}
}
@article{Tand2025,
title = {Enhancing generalization of cross-domain intrusion detection:
a heterogeneous deep stacked ensemble approach},
journal = {Connection Science},
publisher = {Taylor \& Francis},
year = {2025},
doi = {10.1080/09540091.2025.2599708},
url = {https://www.tandfonline.com/doi/full/10.1080/09540091.2025.2599708},
note = {Author list to be confirmed from publisher page (publisher
returned 403 to automated fetch).}
}
% --- Reconstruction-based detectors ------------------------------------------
@inproceedings{Kitsune,
author = {Yisroel Mirsky and Tomer Doitshman and Yuval Elovici and
Asaf Shabtai},
title = {{Kitsune}: An Ensemble of Autoencoders for Online Network
Intrusion Detection},
booktitle = {Network and Distributed System Security Symposium (NDSS)},
year = {2018},
eprint = {1802.09089},
archivePrefix = {arXiv},
url = {https://arxiv.org/abs/1802.09089}
}
@inproceedings{MemAE,
author = {Dong Gong and Lingqiao Liu and Vuong Le and Budhaditya Saha and
Moussa Reda Mansour and Svetha Venkatesh and
Anton {van den Hengel}},
title = {Memorizing Normality to Detect Anomaly: Memory-Augmented Deep
Autoencoder for Unsupervised Anomaly Detection},
booktitle = {Proceedings of the IEEE/CVF International Conference on
Computer Vision (ICCV)},
year = {2019},
pages = {1705--1714},
eprint = {1904.02639},
archivePrefix = {arXiv},
url = {https://openaccess.thecvf.com/content_ICCV_2019/html/Gong_Memorizing_Normality_to_Detect_Anomaly_Memory-Augmented_Deep_Autoencoder_for_Unsupervised_ICCV_2019_paper.html}
}
@article{AE-Unreliable-2025,
author = {Roel Bouman and Tom Heskes},
title = {Autoencoders for Anomaly Detection are Unreliable},
journal = {arXiv preprint arXiv:2501.13864},
year = {2025},
eprint = {2501.13864},
archivePrefix = {arXiv},
primaryClass = {cs.LG},
url = {https://arxiv.org/abs/2501.13864},
note = {Withdrawn ICLR 2025 submission;
OpenReview: https://openreview.net/forum?id=X8XQOLjLX6}
}
@inproceedings{NeurIPS24-Reconstruction,
author = {Sunwoo Kim and Soo Yong Lee and Fanchen Bu and Shinhwan Kang and
Kyungho Kim and Jaemin Yoo and Kijung Shin},
title = {Rethinking Reconstruction-based Graph-Level Anomaly Detection:
Limitations and a Simple Remedy},
booktitle = {Advances in Neural Information Processing Systems (NeurIPS)},
year = {2024},
url = {https://openreview.net/forum?id=e2INndPINB}
}
% --- Density-based detectors (NF / Diffusion / GAN) --------------------------
@article{Shafir2026,
author = {Lior Shafir and Raja Giryes and Avishai Wool},
title = {Explainable Anomaly Detection in Network Traffic Using
Normalizing Flows},
journal = {IEEE/ACM Transactions on Networking},
volume = {34},
year = {2026},
doi = {10.1109/TON.2025.3617580},
url = {https://doi.org/10.1109/TON.2025.3617580}
}
@inproceedings{NFAD2021,
author = {Polina Kirichenko and Pavel Izmailov and Andrew Gordon Wilson},
title = {Why Normalizing Flows Fail to Detect Out-of-Distribution Data},
booktitle = {Advances in Neural Information Processing Systems (NeurIPS)},
year = {2020},
eprint = {2006.08545},
archivePrefix = {arXiv},
url = {https://arxiv.org/abs/2006.08545},
note = {NeurIPS 2020 (cite key NFAD2021 retained per intro.md).}
}
@article{ConMD2026,
author = {Xinglin Lian and Yu Zheng and Yan Liu and Fan Zhou and
Chunlei Peng and Xinbo Gao},
title = {Contextual Masking Distillation for Network Traffic Anomaly
Detection},
journal = {IEEE Transactions on Information Forensics and Security},
volume = {21},
pages = {1273--1286},
year = {2026},
doi = {10.1109/TIFS.2026.3655514},
url = {https://ieeexplore.ieee.org/document/11358423/}
}
@article{DMAD2025,
author = {Hui Liu and others},
title = {A Survey on Diffusion Models for Anomaly Detection},
journal = {arXiv preprint arXiv:2501.11430},
year = {2025},
eprint = {2501.11430},
archivePrefix = {arXiv},
primaryClass = {cs.LG},
url = {https://arxiv.org/abs/2501.11430},
note = {Submitted to IJCAI 2025 (per associated GitHub repository);
verify final IJCAI proceedings entry before publication.}
}
@inproceedings{TIPSO-GAN-NDSS2026,
author = {Ernest Akpaku and Jinfu Chen and Joshua Ofoeda},
title = {{TIPSO-GAN}: Malicious Network Traffic Detection Using a Novel
Optimized Generative Adversarial Network},
booktitle = {Network and Distributed System Security Symposium (NDSS)},
year = {2026},
url = {https://www.ndss-symposium.org/ndss-paper/tipso-gan-malicious-network-traffic-detection-using-a-novel-optimized-generative-adversarial-network/}
}
% --- Flow Matching foundations -----------------------------------------------
@inproceedings{Lipman2023,
author = {Yaron Lipman and Ricky T. Q. Chen and Heli Ben-Hamu and
Maximilian Nickel and Matt Le},
title = {Flow Matching for Generative Modeling},
booktitle = {International Conference on Learning Representations (ICLR)},
year = {2023},
eprint = {2210.02747},
archivePrefix = {arXiv},
url = {https://arxiv.org/abs/2210.02747}
}
@article{OT-CFM-Tong2024,
author = {Alexander Tong and Kilian Fatras and Nikolay Malkin and
Guillaume Huguet and Yanlei Zhang and Jarrid Rector-Brooks and
Guy Wolf and Yoshua Bengio},
title = {Improving and Generalizing Flow-Based Generative Models with
Minibatch Optimal Transport},
journal = {Transactions on Machine Learning Research (TMLR)},
year = {2024},
eprint = {2302.00482},
archivePrefix = {arXiv},
url = {https://openreview.net/forum?id=CD9Snc73AW}
}
@inproceedings{Gat-NeurIPS2024,
author = {Itai Gat and Tal Remez and Neta Shaul and Felix Kreuk and
Ricky T. Q. Chen and Gabriel Synnaeve and Yossi Adi and
Yaron Lipman},
title = {Discrete Flow Matching},
booktitle = {Advances in Neural Information Processing Systems (NeurIPS)},
year = {2024},
eprint = {2407.15595},
archivePrefix = {arXiv},
url = {https://openreview.net/forum?id=GTDKo3Sv9p}
}
% --- Flow-Matching anomaly detection (image / tabular) -----------------------
@article{rFM2025,
author = {Liangwei Li and Lin Liu and Hanzhe Liang and Juanxiu Liu and
Jing Zhang and Ruqian Hao and Xiaohui Du and Yong Liu and
Pan Li},
title = {Time-reversed Flow Matching with Worst Transport in
High-dimensional Latent Space for Image Anomaly Detection},
journal = {arXiv preprint arXiv:2508.05461},
year = {2025},
eprint = {2508.05461},
archivePrefix = {arXiv},
primaryClass = {cs.CV},
url = {https://arxiv.org/abs/2508.05461}
}
@inproceedings{TCCM-NeurIPS2025,
author = {Zhong Li and Qi Huang and Yuxuan Zhu and Lincen Yang and
Mohammad Mohammadi Amiri and Niki van Stein and
Matthijs van Leeuwen},
title = {Scalable, Explainable and Provably Robust Anomaly Detection
with One-Step Flow Matching},
booktitle = {Advances in Neural Information Processing Systems (NeurIPS)},
year = {2025},
eprint = {2510.18328},
archivePrefix = {arXiv},
url = {https://arxiv.org/abs/2510.18328}
}
Reference in New Issue View Git Blame Copy Permalink