Anomaly-based ML-NIDS (A-NIDS) model normal network behavior from benign data and classify deviations from this baseline as anomalies, theoretically enabling the detection of evolving attack variants without labeled attack data. The ability of A-NIDS to generalize critically depends on the quality of the feature space representing network behavior. However, the requirement for feature spaces that encode attack-relevant semantics has received little attention and remains poorly understood. As a consequence, these systems still struggle to meet practical operational constraints (low false positive rates without compromising detection performance and generalization to attack variants). We identify two limitations in the current feature spaces. First, Out-of-Dimension Blindness, where features do not capture essential attack mechanism properties. Second, Attack Strategy Aggregation Failure, where features cannot encode composite attack behaviors. Moreover, we demonstrate that two SotA data-driven generalization frameworks (based on incremental and contrastive learning) cannot compensate for these feature-level shortcomings. To bridge this gap, we present KnowML, a framework that encodes attack domain knowledge directly into the feature space. For each attack family, our method employs LLMs to construct a corresponding Knowledge Graph (KG) from attack implementations. Symbolic reasoning is then applied over the KG to enumerate potential attack strategies and their compositions. The resulting Knowledge-Augmented Feature Space enables effective generalization even when trained exclusively on benign traffic, a capability beyond current approaches. Systematic empirical evaluations show that KnowML achieves up to 99% detection rates while maintaining false positive rates at or below 0.0137%, substantially outperforming contemporary feature-based baselines across diverse attack variants.

翻译：基于异常的机器学习网络入侵检测系统（A-NIDS）从良性数据中建模正常网络行为，并将偏离该基线的行为分类为异常，理论上无需标记攻击数据即可检测不断演变的攻击变体。A-NIDS的泛化能力关键取决于表征网络行为的特征空间质量。然而，针对编码攻击相关语义的特征空间需求鲜少受到关注，其机理仍未被充分理解。因此，这些系统仍难以满足实际运行约束（在不损害检测性能的前提下保持低误报率，以及对攻击变体的泛化能力）。我们识别出当前特征空间的两个局限性：第一，维度外盲区——特征无法捕获关键攻击机制属性；第二，攻击策略聚合失效——特征无法编码复合攻击行为。此外，我们证明两种基于数据驱动的主流泛化框架（基于增量学习和对比学习）无法弥补这些特征层面的缺陷。为弥合这一差距，我们提出KnowML框架，将攻击领域知识直接编码到特征空间中。针对每个攻击家族，该方法利用大语言模型从攻击实现中构建对应的知识图谱，随后对知识图谱进行符号推理以枚举潜在攻击策略及其组合方式。由此产生的知识增强特征空间即使在仅基于良性流量训练时也能实现有效泛化，这一能力超越了当前所有方法。系统性实证评估表明，KnowML在维持误报率≤0.0137%的同时达到高达99%的检测率，在各类攻击变体中显著优于当代基于特征的方法基线。