CSTS: A Canonical Security Telemetry Substrate for AI-Native Cyber Detection
Abstract
AI-driven cybersecurity systems often fail under cross-environment deployment due to fragmented, event-centric telemetry representations. We introduce the Canonical Security Telemetry Substrate (CSTS), an entity-relational abstraction that enforces identity persistence, typed relationships, and temporal state invariants. Across heterogeneous environments, CSTS improves cross-topology transfer for identity-centric detection and prevents collapse under schema perturbation. For zero-day detection, ...
Description / Details
AI-driven cybersecurity systems often fail under cross-environment deployment due to fragmented, event-centric telemetry representations. We introduce the Canonical Security Telemetry Substrate (CSTS), an entity-relational abstraction that enforces identity persistence, typed relationships, and temporal state invariants. Across heterogeneous environments, CSTS improves cross-topology transfer for identity-centric detection and prevents collapse under schema perturbation. For zero-day detection, CSTS isolates semantic orientation instability as a modeling, not schema, phenomenon, clarifying layered portability requirements.
Source: arXiv:2603.23459v1 - http://arxiv.org/abs/2603.23459v1 PDF: https://arxiv.org/pdf/2603.23459v1 Original Link: http://arxiv.org/abs/2603.23459v1
Please sign in to join the discussion.
No comments yet. Be the first to share your thoughts!
Mar 25, 2026
Computer Science
Cybersecurity
0