[2603.23459] CSTS: A Canonical Security Telemetry Substrate for AI-Native Cyber Detection

Computer Science > Cryptography and Security arXiv:2603.23459 (cs) [Submitted on 24 Mar 2026] Title:CSTS: A Canonical Security Telemetry Substrate for AI-Native Cyber Detection Authors:Abdul Rahman View a PDF of the paper titled CSTS: A Canonical Security Telemetry Substrate for AI-Native Cyber Detection, by Abdul Rahman View PDF HTML (experimental) Abstract:AI-driven cybersecurity systems often fail under cross-environment deployment due to fragmented, event-centric telemetry representations. We introduce the Canonical Security Telemetry Substrate (CSTS), an entity-relational abstraction that enforces identity persistence, typed relationships, and temporal state invariants. Across heterogeneous environments, CSTS improves cross-topology transfer for identity-centric detection and prevents collapse under schema perturbation. For zero-day detection, CSTS isolates semantic orientation instability as a modeling, not schema, phenomenon, clarifying layered portability requirements. Comments: Subjects: Cryptography and Security (cs.CR); Machine Learning (cs.LG) Cite as: arXiv:2603.23459 [cs.CR]   (or arXiv:2603.23459v1 [cs.CR] for this version)   https://doi.org/10.48550/arXiv.2603.23459 Focus to learn more arXiv-issued DOI via DataCite (pending registration) Submission history From: Abdul Rahman [view email] [v1] Tue, 24 Mar 2026 17:30:03 UTC (105 KB) Full-text links: Access Paper: View a PDF of the paper titled CSTS: A Canonical Security Telemetry Substrate for AI-Native Cyber...