<p>Network attacks exploit complex temporal dependencies spanning microseconds to months, requiring unified modelling of continuous system dynamics and discrete event occurrences. This paper introduces a framework integrating Temporal Adaptive Batch Normalization Neural Ordinary Differential Equations (TA-BN-ODE) with Deep Spatio-Temporal Point Processes (DSTPP) for real-time adaptive intrusion detection. We present five fundamental contributions validated on the Integrated Cloud Security 3Datasets comprising 18.9 million security records across container orchestration, IoT/IIoT networks, and enterprise security operations. First, we develop security-specific TA-BN-ODE architectures achieving 97.3% accuracy with 60–90% parameter reduction through continuous-depth adaptation and stability guarantees. Second, we introduce transformer-enhanced marked temporal point processes with log-barrier optimization reducing complexity from cubic to quadratic scaling while capturing multi-scale temporal patterns. Third, we present structured variational Bayesian inference providing calibrated uncertainty quantification with 91.7% coverage probability and PAC-Bayesian generalisation bounds. Fourth, we demonstrate Large Language Model integration achieving 87.6% F1-score on zero-shot detection of novel attacks. Fifth, we provide theoretical convergence guarantees for online learning under concept drift with differential privacy preservation. Our framework processes 12.3 million events per second with sub-100&#xa0;ms latency, achieving 99.4% accuracy on container security, 98.6% on IoT networks, and 92.7% F1-score on enterprise incident triage. Comprehensive evaluation on standard benchmarks (CIC-IDS2018, UNSW-NB15, CIC-IoT-2023) and comparison with continuous-time models demonstrate state-of-the-art performance with 82% parameter reduction. Cross-domain validation on speech processing and healthcare monitoring confirms broad applicability beyond network security.</p>

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

Temporal adaptive neural ordinary differential equations with deep spatio-temporal point processes for real-time network intrusion detection

  • Roger Nick Anaedevha,
  • Alexander Gennadievich Trofimov,
  • Yuri Vladimirovich Borodachev

摘要

Network attacks exploit complex temporal dependencies spanning microseconds to months, requiring unified modelling of continuous system dynamics and discrete event occurrences. This paper introduces a framework integrating Temporal Adaptive Batch Normalization Neural Ordinary Differential Equations (TA-BN-ODE) with Deep Spatio-Temporal Point Processes (DSTPP) for real-time adaptive intrusion detection. We present five fundamental contributions validated on the Integrated Cloud Security 3Datasets comprising 18.9 million security records across container orchestration, IoT/IIoT networks, and enterprise security operations. First, we develop security-specific TA-BN-ODE architectures achieving 97.3% accuracy with 60–90% parameter reduction through continuous-depth adaptation and stability guarantees. Second, we introduce transformer-enhanced marked temporal point processes with log-barrier optimization reducing complexity from cubic to quadratic scaling while capturing multi-scale temporal patterns. Third, we present structured variational Bayesian inference providing calibrated uncertainty quantification with 91.7% coverage probability and PAC-Bayesian generalisation bounds. Fourth, we demonstrate Large Language Model integration achieving 87.6% F1-score on zero-shot detection of novel attacks. Fifth, we provide theoretical convergence guarantees for online learning under concept drift with differential privacy preservation. Our framework processes 12.3 million events per second with sub-100 ms latency, achieving 99.4% accuracy on container security, 98.6% on IoT networks, and 92.7% F1-score on enterprise incident triage. Comprehensive evaluation on standard benchmarks (CIC-IDS2018, UNSW-NB15, CIC-IoT-2023) and comparison with continuous-time models demonstrate state-of-the-art performance with 82% parameter reduction. Cross-domain validation on speech processing and healthcare monitoring confirms broad applicability beyond network security.