pith. sign in

arxiv: 2606.10216 · v1 · pith:IESRBETMnew · submitted 2026-06-08 · 💻 cs.LG · cs.AI

A Source Domain is All You Need: Source-Only Cross-OS Transfer Learning for APT Anomaly Detection via Semantic Alignment and Optimal Transport

Pith reviewed 2026-06-27 17:05 UTC · model grok-4.3

classification 💻 cs.LG cs.AI
keywords APT anomaly detectioncross-OS transferoptimal transportsource-only learningsemantic alignmentprovenance tracesanomaly scoringzero supervision
0
0 comments X

The pith

An optimal transport score on language-model embeddings of provenance traces detects APT anomalies in a target OS using only source data and no target labels.

A machine-rendered reading of the paper's core claim, the machinery that carries it, and where it could break.

The paper establishes that abstracting system provenance into natural-language descriptions, embedding them with pretrained models, and measuring geometric deviation via optimal transport allows ranking of anomalous processes on an unlabeled target platform. It builds a source-normal reference manifold and scores target points by how much they must be transported to match that manifold, combining this geometric signal with semantic and structural deviations. A reader would care because labeled APT traces are scarce and platform differences make direct transfer unreliable. The evaluation covers twelve cross-OS pairs on DARPA Transparent Computing data spanning Linux, Windows, BSD, and Android. The OT-based barycentric score and its entropy-weighted, angle-aware, and density-aware variants are shown to lift ROC-AUC and nDCG over source-only baselines.

Core claim

The central claim is that an OT-based barycentric anomaly score, which projects target embeddings onto the source-normal manifold and quantifies residual transport mismatch, together with entropy-weighted, angle-aware, and density-aware OT variants, improves ROC-AUC and nDCG over source-only anomaly-detection baselines across twelve cross-OS transfer pairs on DARPA Transparent Computing data.

What carries the argument

The OT-based barycentric anomaly score that projects target embeddings onto the source-normal manifold and quantifies residual transport mismatch.

If this is right

  • The framework improves ROC-AUC and nDCG over source-only baselines across twelve cross-OS transfer pairs on DARPA data.
  • It supports detection on Linux, Windows, BSD, and Android in two APT scenarios without target supervision.
  • Combining semantic deviation from source prototypes, graph autoencoding, and geometric OT deviation produces better anomaly rankings than any channel alone.
  • Entropy-weighted, angle-aware, and density-aware OT variants each address distinct aspects of alignment uncertainty and sparse support.

Where Pith is reading between the lines

These are editorial extensions of the paper, not claims the author makes directly.

  • The same semantic-abstraction-plus-OT pipeline could be tested on other cross-domain security tasks where process or event logs can be rendered as text.
  • If the cross-OS semantic alignment holds, the approach might reduce reliance on target-domain labels in broader zero-shot anomaly settings beyond APTs.
  • Extending the evaluation to additional real-world datasets with different provenance formats would test whether the reported gains generalize past the DARPA traces.

Load-bearing premise

Abstracting process behavior into structured natural-language descriptions and embedding them with pretrained language models preserves sufficient cross-OS semantic alignment for the subsequent optimal transport projection to separate APT anomalies from normal behavior.

What would settle it

If the barycentric OT score and its variants produce no improvement in ROC-AUC or nDCG relative to simpler source-only baselines across the twelve cross-OS pairs on the DARPA Transparent Computing dataset, the central claim would be falsified.

Figures

Figures reproduced from arXiv: 2606.10216 by James Cheney, Petko Valtchev, Sidahmed Benabderrahmanea, Talal Rahwan.

Figure 1
Figure 1. Figure 1: Conventional OS-specific APT detection pipelines require target [PITH_FULL_IMAGE:figures/full_fig_p002_1.png] view at source ↗
Figure 2
Figure 2. Figure 2: Source-only cross-OS transfer pipeline. Source-domain provenance traces are converted into structured behavioral descriptions, optionally translated into [PITH_FULL_IMAGE:figures/full_fig_p006_2.png] view at source ↗
Figure 3
Figure 3. Figure 3: Illustration of the proposed OT-based anomaly score. Left: a target [PITH_FULL_IMAGE:figures/full_fig_p008_3.png] view at source ↗
Figure 4
Figure 4. Figure 4: Illustration of the four proposed OT-based anomaly scoring variants. [PITH_FULL_IMAGE:figures/full_fig_p009_4.png] view at source ↗
Figure 5
Figure 5. Figure 5: Source-target transfer heatmaps for the proposed fused framework. Rows denote the source operating system and columns denote the target operating [PITH_FULL_IMAGE:figures/full_fig_p016_5.png] view at source ↗
read the original abstract

Advanced Persistent Threats (APTs) are stealthy, multi-stage cyberattacks whose detection is difficult due to scarce labeled traces, severe class imbalance, and the challenge of generating realistic malicious behavior. These challenges are amplified in cross-operating-system (cross-OS) settings, where a detector trained on one source platform must be deployed on an unlabeled target platform without access to target-domain labels. We study this source-only cross-OS APT detection problem using system-level provenance traces and propose a transport-based framework for ranking anomalous target processes under zero target supervision. The framework abstracts process behavior into structured natural-language descriptions, embeds them using pretrained language models, and constructs a source-normal reference for target scoring. It combines three evidence channels: semantic deviation from source-normal prototypes, structural deviation captured by graph autoencoding, and geometric deviation measured through Optimal Transport (OT). The main contribution is an OT-based barycentric anomaly score that projects target embeddings onto the source-normal manifold and quantifies residual transport mismatch. We further introduce entropy-weighted, angle-aware, and density-aware OT variants to capture uncertainty, directional drift, and sparse-support behavior. Evaluation on DARPA Transparent Computing data spanning Linux, Windows, BSD, and Android, across two APT scenarios and twelve cross-OS transfer pairs, shows that the proposed framework improves ROC-AUC and nDCG over source-only anomaly-detection baselines. The results demonstrate that source-only provenance modeling, combined with semantic abstraction and OT-based anomaly scoring, can support practical cross-platform APT detection without target-domain supervision.

Editorial analysis

A structured set of objections, weighed in public.

Desk editor's note, referee report, simulated authors' rebuttal, and a circularity audit. Tearing a paper down is the easy half of reading it; the pith above is the substance, this is the friction.

Referee Report

2 major / 2 minor

Summary. The paper claims a source-only cross-OS APT anomaly detection framework that abstracts provenance traces into structured natural-language descriptions, embeds them with pretrained LMs, builds a source-normal reference manifold, and ranks target anomalies via an OT-based barycentric projection score (with entropy-weighted, angle-aware, and density-aware variants) that measures residual transport mismatch. It reports improved ROC-AUC and nDCG over source-only baselines across twelve cross-OS transfer pairs on DARPA Transparent Computing data spanning Linux/Windows/BSD/Android and two APT scenarios, without any target labels or supervision.

Significance. If the claimed separation holds, the work would be significant for practical zero-shot cross-platform detection in label-scarce security settings, as it combines semantic, graph-autoencoder, and geometric (OT) channels in a transport framework. The introduction of multiple OT variants and the barycentric residual score are technically interesting contributions that could generalize beyond APTs if the embedding alignment assumption is validated.

major comments (2)
  1. [abstract / method description] The central claim (abstract and §4) that LM embeddings of provenance traces yield a shared latent space enabling reliable OT barycentric projection without target supervision is load-bearing, yet no quantitative verification of cross-OS alignment is provided (e.g., no MMD, CCA, or nearest-neighbor overlap between source and target normal embeddings). Without this, it is impossible to rule out that performance gains arise from LM-induced artifacts rather than behavioral semantics, especially given OS-specific differences in process naming and syscall granularity.
  2. [evaluation] §4 / evaluation: the reported ROC-AUC and nDCG improvements lack error bars, statistical significance tests, or ablation removing the LM embedding step to test whether raw provenance features would suffice. This makes it difficult to assess whether the OT variants are genuinely contributing or whether the results are sensitive to the specific twelve transfer pairs chosen.
minor comments (2)
  1. [method] Notation for the barycentric projection and the three OT variants is introduced without explicit equations or pseudocode, reducing reproducibility.
  2. [evaluation] Baseline details (which source-only anomaly detectors are compared, how they are adapted to cross-OS) are only summarized at a high level.

Simulated Author's Rebuttal

2 responses · 0 unresolved

We thank the referee for the constructive and detailed comments. We address each major comment point-by-point below, indicating the revisions we will incorporate.

read point-by-point responses
  1. Referee: [abstract / method description] The central claim (abstract and §4) that LM embeddings of provenance traces yield a shared latent space enabling reliable OT barycentric projection without target supervision is load-bearing, yet no quantitative verification of cross-OS alignment is provided (e.g., no MMD, CCA, or nearest-neighbor overlap between source and target normal embeddings). Without this, it is impossible to rule out that performance gains arise from LM-induced artifacts rather than behavioral semantics, especially given OS-specific differences in process naming and syscall granularity.

    Authors: We agree that direct quantitative verification of cross-OS embedding alignment would strengthen the central claim. In the revised manuscript we will add MMD distances, CCA correlations, and nearest-neighbor overlap statistics computed on source and target normal embeddings. We will also expand the discussion of the structured natural-language abstraction step to explain how it mitigates OS-specific naming and syscall differences, thereby supporting that observed alignment reflects behavioral semantics. revision: yes

  2. Referee: [evaluation] §4 / evaluation: the reported ROC-AUC and nDCG improvements lack error bars, statistical significance tests, or ablation removing the LM embedding step to test whether raw provenance features would suffice. This makes it difficult to assess whether the OT variants are genuinely contributing or whether the results are sensitive to the specific twelve transfer pairs chosen.

    Authors: We concur that the evaluation would benefit from error bars, statistical tests, and an explicit ablation of the LM embedding component. In the revision we will report standard deviations over repeated runs, include paired statistical significance tests against baselines, and add an ablation that replaces LM embeddings with raw provenance features. We will also present per-pair results for all twelve transfers together with variance analysis to address sensitivity concerns. revision: yes

Circularity Check

0 steps flagged

No circularity: OT barycentric score presented as derived projection without reduction to fitted inputs or self-citation chains

full rationale

The provided abstract and description present the core OT-based barycentric anomaly score as a derived quantity obtained by projecting target embeddings onto a source-normal manifold and measuring residual transport mismatch, with additional variants (entropy-weighted, angle-aware, density-aware) introduced as extensions. No equations, self-citations, or parameter-fitting steps are quoted that would reduce any prediction or uniqueness claim to the inputs by construction. The framework is described as combining independent channels (semantic deviation, graph autoencoding, geometric OT deviation) without evidence that any load-bearing step collapses to a fit or prior self-citation. This is the common case of a self-contained derivation against external benchmarks (DARPA data, cross-OS pairs), warranting score 0.

Axiom & Free-Parameter Ledger

0 free parameters · 0 axioms · 0 invented entities

Abstract-only review supplies no equations, no modeling choices, and no experimental details, so the ledger cannot be populated beyond noting that the central claim rests on unstated assumptions about embedding quality and transport geometry.

pith-pipeline@v0.9.1-grok · 5829 in / 1275 out tokens · 23631 ms · 2026-06-27T17:05:50.671621+00:00 · methodology

discussion (0)

Sign in with ORCID, Apple, or X to comment. Anyone can read and Pith papers without signing in.

Reference graph

Works this paper leans on

42 extracted references · 4 canonical work pages · 2 internal anchors

  1. [1]

    Cybersecurity in the ai era: analyzing the im- pact of machine learning on intrusion detection,

    H. Dong and I. Kotenko, “Cybersecurity in the ai era: analyzing the im- pact of machine learning on intrusion detection,”Knowledge and Infor- mation Systems, vol. 67, no. 5, pp. 3915–3966, 2025

  2. [2]

    Expert insights into advanced persistent threats: Analysis, attribution, and challenges,

    A. Saha, J. Mattei, J. Blasco, L. Cavallaro, D. V otipka, and M. Lindorfer, “Expert insights into advanced persistent threats: Analysis, attribution, and challenges,” inProceedings of the 34th USENIX Security Symposium (USENIX Sec), 2025

  3. [3]

    A dynamic provenance graph-based de- tector for advanced persistent threats,

    L. Wang, L. Fang, and Y . Hu, “A dynamic provenance graph-based de- tector for advanced persistent threats,”Expert Systems with Applications, vol. 265, p. 125877, 2025

  4. [4]

    Advanced persistent threat attack detection systems: A review of approaches, challenges, and trends,

    R. Buchta, G. Gkoktsis, F. Heine, and C. Kleiner, “Advanced persistent threat attack detection systems: A review of approaches, challenges, and trends,”Digital Threats: Research and Practice, vol. 5, no. 4, pp. 1–37, 2024

  5. [5]

    Advanced persis- tent threats (apt): evolution, anatomy, attribution and countermeasures,

    A. Sharma, B. B. Gupta, A. K. Singh, and V . Saraswat, “Advanced persis- tent threats (apt): evolution, anatomy, attribution and countermeasures,” Journal of Ambient Intelligence and Humanized Computing, pp. 1–27, 2023

  6. [6]

    A systematic literature review on advanced persistent threat behaviors and its detection strategy,

    N. I. Che Mat, N. Jamil, Y . Yusoff, and M. L. Mat Kiah, “A systematic literature review on advanced persistent threat behaviors and its detection strategy,”Journal of Cybersecurity, vol. 10, no. 1, p. tyad023, 2024

  7. [7]

    A systematic review for apt detection and effective cyber situational awareness conceptual model,

    D. T. Salimet al., “A systematic review for apt detection and effective cyber situational awareness conceptual model,”Heliyon, vol. 9, no. 7, p. 17156, 2023

  8. [8]

    A review on the static and dynamic risk assessment methods for ot cyberse- curity in industry 4.0,

    N. H. Ghoson, V . Meyrueis, K. Benfriha, T. Guiltat, and S. Loubere, “A review on the static and dynamic risk assessment methods for ot cyberse- curity in industry 4.0,”Computers&Security, vol. 150, p. 104295, 2025

  9. [9]

    A data anonymization methodology for security operations centers: Balancing data protection and security in industrial systems,

    G. Longo, F. Lupia, A. Merlo, F. Pagano, and E. Russo, “A data anonymization methodology for security operations centers: Balancing data protection and security in industrial systems,”Information Sciences, vol. 690, p. 121534, 2025

  10. [10]

    Flash: A comprehen- sive approach to intrusion detection via provenance graph representa- tion learning,

    M. Ur Rehman, H. Ahmadi, and W. Ul Hassan, “Flash: A comprehen- sive approach to intrusion detection via provenance graph representa- tion learning,” in2024 IEEE Symposium on Security and Privacy (SP), pp. 3552–3570, 2024

  11. [11]

    Ranking-enhanced anomaly detection using active learning-assisted attention adversarial dual autoencoder,

    S. Benabderrahmane, J. Cheney, and T. Rahwan, “Ranking-enhanced anomaly detection using active learning-assisted attention adversarial dual autoencoder,”Scientific Reports, vol. 15, 2025

  12. [12]

    Advanced persistent threats,

    A. Singhal and P. Liu, “Advanced persistent threats,” inEncyclopedia of Cryptography, Security and Privacy, pp. 34–36, Springer, 2025

  13. [13]

    Hack me if you can: Aggregating autoencoders for countering persistent access threats within highly imbalanced data,

    S. Benabderrahmane, N. Hoang, P. Valtchev, J. Cheney, and T. Rahwan, “Hack me if you can: Aggregating autoencoders for countering persistent access threats within highly imbalanced data,”Future Gener. Comput. Syst., vol. 160, pp. 926–941, 2024

  14. [14]

    Optimization of intrusion detection with deep learning: A study based on the kdd cup 99 database.,

    A. M. Amine, “Optimization of intrusion detection with deep learning: A study based on the kdd cup 99 database.,”International Journal of Safety &Security Engineering, vol. 14, no. 4, 2024

  15. [15]

    Apt-attack detection based on multi-stage autoencoders,

    H. Neuschmied, M. Winter, B. Stojanovi ´c, K. Hofer-Schmitz, J. Bo ˇzi´c, and U. Kleb, “Apt-attack detection based on multi-stage autoencoders,” Applied Sciences, vol. 12, no. 13, 2022

  16. [16]

    A novel ai-based methodology for identifying cyber attacks in honey pots,

    M. AbuOdeh, C. Adkins, O. Setayeshfar, P. Doshi, and K. H. Lee, “A novel ai-based methodology for identifying cyber attacks in honey pots,” inProceedings of the AAAI Conference on Artificial Intelligence, vol. 35, pp. 15224–15231, 2021

  17. [17]

    Network anomaly detec- tion using memory-augmented deep autoencoder,

    B. Min, J. Yoo, S. Kim, D. Shin, and D. Shin, “Network anomaly detec- tion using memory-augmented deep autoencoder,”IEEE Access, vol. 9, pp. 104695–104706, 2021

  18. [18]

    Casie: Extracting cybersecurity event information from text,

    T. Satyapanich, F. Ferraro, and T. Finin, “Casie: Extracting cybersecurity event information from text,” inProceedings of the AAAI conference on artificial intelligence, vol. 34, pp. 8749–8757, 2020

  19. [19]

    A rule mining-based advanced persistent threats detection system,

    S. Benabderrahmane, G. Berrada, J. Cheney, and P. Valtchev, “A rule mining-based advanced persistent threats detection system,” inProceed- ings of the Thirtieth International Joint Conference on Artificial Intelli- gence, IJCAI 2021, Montreal, Canada, 19-27 August 2021(Z. Zhou, ed.), pp. 3589–3596, ijcai.org, 2021

  20. [20]

    Unsupervised anomaly detection approach for cyberattack identifica- tion,

    L. Segurola, M. Moreno-Moreno, I. Irigoien, and A. M. Florez-Tapia, “Unsupervised anomaly detection approach for cyberattack identifica- tion,”International Journal of Machine Learning and Cybernetics, vol. 15, no. 11, pp. 5291–5302, 2024

  21. [21]

    A baseline for unsupervised advanced persistent threat detection in system-level provenance,

    G. Berradaet al., “A baseline for unsupervised advanced persistent threat detection in system-level provenance,”Future Gener. Comput. Syst., vol. 108, pp. 401–413, 2020

  22. [22]

    From one attack domain to an- other: Contrastive transfer learning with siamese networks for APT de- tection,

    S. Benabderrahmane and T. Rahwan, “From one attack domain to an- other: Contrastive transfer learning with siamese networks for APT de- tection,”Knowl. Based Syst., vol. 332, p. 114877, 2025

  23. [23]

    Transfer learn- ing for security: Challenges and future directions,

    A. S. Li, A. Iyengar, A. Kundu, and E. Bertino, “Transfer learn- ing for security: Challenges and future directions,”arXiv preprint arXiv:2403.00935, 2024

  24. [24]

    Cross-domain fault diagnosis of rotating machinery under time-varying rotational speed and asymmet- ric domain label condition,

    S. Liu, J. Huang, P. Han, Z. Fan, and J. Ma, “Cross-domain fault diagnosis of rotating machinery under time-varying rotational speed and asymmet- ric domain label condition,” vol. 25, p. 2818, MDPI, 2025

  25. [25]

    Imagenet classification with deep convolutional neural networks,

    A. Krizhevsky, I. Sutskever, and G. E. Hinton, “Imagenet classification with deep convolutional neural networks,” inAdvances in Neural Infor- mation Processing Systems, vol. 25, pp. 1097–1105, 2012

  26. [26]

    Xda: Cross domain learning for at- tack attribution,

    K. Pei, Y . Li, Y . Yao, and B. Li, “Xda: Cross domain learning for at- tack attribution,” inProceedings of the 29th USENIX Security Symposium (USENIX Security), pp. 1061–1078, USENIX Association, 2020

  27. [27]

    Back- door attacks against transfer learning with pre-trained deep learning mod- els,

    S. Wang, S. Nepal, C. Rudolph, M. Grobler, S. Chen, and T. Chen, “Back- door attacks against transfer learning with pre-trained deep learning mod- els,” vol. 15, pp. 1526–1539, IEEE, 2020

  28. [28]

    A diffusion model based on network intrusion detection method for industrial cyber-physical sys- tems,

    B. Tang, Y . Lu, Q. Li, Y . Bai, J. Yu, and X. Yu, “A diffusion model based on network intrusion detection method for industrial cyber-physical sys- tems,” vol. 23, p. 1141, MDPI, 2023

  29. [29]

    Bert: Pre-training of deep bidirectional transformers for language understanding,

    J. Devlin, M.-W. Chang, K. Lee, and K. Toutanova, “Bert: Pre-training of deep bidirectional transformers for language understanding,” pp. 4171– 4186, 2019

  30. [30]

    RoBERTa: A Robustly Optimized BERT Pretraining Approach

    Y . Liu, M. Ott, N. Goyal, J. Du, M. Joshi, D. Chen, O. Levy, M. Lewis, L. Zettlemoyer, and V . Stoyanov, “Roberta: A robustly optimized bert pretraining approach,”arXiv preprint arXiv:1907.11692, 2019

  31. [31]

    DistilBERT, a distilled version of BERT: smaller, faster, cheaper and lighter

    V . Sanh, L. Debut, J. Chaumond, and T. Wolf, “Distilbert, a distilled version of bert: smaller, faster, cheaper and lighter,”arXiv preprint arXiv:1910.01108, 2019

  32. [32]

    Minilm: Deep self-attention distillation for task-agnostic compression of pre- trained transformers,

    W. Wang, F. Wei, L. Dong, H. Bao, N. Yang, and M. Zhou, “Minilm: Deep self-attention distillation for task-agnostic compression of pre- trained transformers,” inNeurIPS, 2020

  33. [33]

    Semi-supervised classification with graph convolutional networks,

    T. N. Kipf and M. Welling, “Semi-supervised classification with graph convolutional networks,” inProceedings of the International Conference on Learning Representations (ICLR), 2016

  34. [34]

    Variational graph auto-encoders,

    T. N. Kipf and M. Welling, “Variational graph auto-encoders,” 2016

  35. [35]

    Sinkhorn distances: Lightspeed computation of optimal transport,

    M. Cuturi, “Sinkhorn distances: Lightspeed computation of optimal transport,”Advances in neural information processing systems, vol. 26, 2013

  36. [36]

    Computational optimal transport: With appli- cations to data science,

    G. Peyr ´e, M. Cuturi,et al., “Computational optimal transport: With appli- cations to data science,”Foundations and Trends®in Machine Learning, vol. 11, no. 5-6, pp. 355–607, 2019

  37. [37]

    A joint reconstruction-triplet loss autoencoder approach to- wards unseen attack detection in iov networks,

    J. Boone, “A joint reconstruction-triplet loss autoencoder approach to- wards unseen attack detection in iov networks,”IEEE Internet of Things Journal, 2025

  38. [38]

    A novel semi-supervised deep transfer learning method with improved extended isolation forest for bearing fault diagnosis,

    S. Xue, B. Li, Y . Yang, S. Zhu, and Y . Yao, “A novel semi-supervised deep transfer learning method with improved extended isolation forest for bearing fault diagnosis,”IEEE Transactions on Instrumentation and Measurement, 2025

  39. [39]

    k- nn as a simple and effective estimator of transferability,

    M. Sorkhei, C. Matsoukas, J. F. Haslum, E. Konuk, and K. Smith, “k- nn as a simple and effective estimator of transferability,”arXiv preprint arXiv:2503.18528, 2025

  40. [40]

    Transfer learning for anomaly detection through localized and unsupervised instance selection,

    V . Vincent, “Transfer learning for anomaly detection through localized and unsupervised instance selection,” inProceedings of the AAAI Confer- ence on Artificial Intelligence, vol. 34, pp. 6054–6061, 2020

  41. [41]

    Cumulated gain-based evaluation of ir techniques,

    K. J ¨arvelin and J. Kek ¨al¨ainen, “Cumulated gain-based evaluation of ir techniques,”ACM Transactions on Information Systems (TOIS), vol. 20, no. 4, pp. 422–446, 2002

  42. [42]

    Breaking the top-k barrier: Advancing top-k ranking metrics optimization in recommender systems,

    W. Yang, J. Chen, S. Zhang, P. Wu, Y . Sun, Y . Feng, C. Chen, and C. Wang, “Breaking the top-k barrier: Advancing top-k ranking metrics optimization in recommender systems,” inProceedings of the 31st ACM SIGKDD Conference, pp. 3542–3552, 2025. 18