This work proposes TempoNet, a generative model that integrates multi-task learning with a multi-label temporal point process to enhance the realism of intrusion detection system evaluation and cybersecurity training. TempoNet jointly models network packet and flow header fields along with their inter-arrival times, uniquely combining multi-task learning and temporal point processes to effectively capture structured temporal dynamics—such as host-pair interactions and seasonal trends—and higher-order dependencies. Evaluated on real-world datasets, TempoNet generates network traffic with superior temporal fidelity compared to generative adversarial networks (GANs), large language models, and Bayesian approaches. Notably, intrusion detection models trained on TempoNet-synthesized data achieve performance comparable to those trained on genuine traffic, demonstrating its practical utility for realistic and privacy-preserving cybersecurity applications.

Realistic network traffic simulation is critical for evaluating intrusion detection systems, stress-testing network protocols, and constructing high-fidelity environments for cybersecurity training. While attack traffic can often be layered into training environments using red-teaming or replay methods, generating authentic benign background traffic remains a core challenge -- particularly in simulating the complex temporal and communication dynamics of real-world networks. This paper introduces TempoNet, a novel generative model that combines multi-task learning with multi-mark temporal point processes to jointly model inter-arrival times and all packet- and flow-header fields. TempoNet captures fine-grained timing patterns and higher-order correlations such as host-pair behavior and seasonal trends, addressing key limitations of GAN-, LLM-, and Bayesian-based methods that fail to reproduce structured temporal variation. TempoNet produces temporally consistent, high-fidelity traces, validated on real-world datasets. Furthermore, we show that intrusion detection models trained on TempoNet-generated background traffic perform comparably to those trained on real data, validating its utility for real-world security applications.