Researchers trained four lightweight intrusion detection architectures (Decision Tree, small MLP, 1D-CNN, LSTM) on Edge-IIoTset and evaluated them without retraining on two independent datasets (Gotham 2025, WUSTL-IIoT-2021) to assess cross-domain generalization.
F1 scores collapsed dramatically from ~0.97 in-domain to 0.09–0.28 cross-domain across all models; the "port shortcut" vulnerability persists despite mitigation attempts, with top features appearing 96–435x more frequently in source-domain attack traffic than targets.
Balanced sampling reversed dataset difficulty rankings compared to natural imbalanced distributions; the best cross-domain performer (SmallLSTM) showed weakest adversarial robustness; few-shot recovery was architecture-dependent, with Decision Tree and LSTM recovering substantially while 1D-CNN barely improved.
Researchers released AI-Infra-Guard, an open-source framework designed to close the security gap in rapidly expanding AI agent infrastructure by organizing red teaming across four stratified attack-surface layers: infrastructure, protocol/tool, agent behavior, and model.
The framework integrates deterministic rule matching for 75+ AI components with 1,400+ vulnerability rules, LLM-driven auditing of MCP servers and agent-skill packages, multi-turn black-box agent red teaming, and a jailbreak harness with 26+ attack operators spanning 16 datasets.
AI-Infra-Guard is the only open-source framework to comprehensively cover all layers and include supply-chain auditing for agent skills, establishing layer-paradigm matching as a shared foundation for community-driven agent security improvements.