Open Access

ARTICLE

LinguTimeX a Framework for Multilingual CTC Detection Using Explainable AI and Natural Language Processing

Omar Darwish¹, Shorouq Al-Eidi², Abdallah Al-Shorman¹, Majdi Maabreh³, Anas Alsobeh⁴, Plamen Zahariev⁵, Yahya Tashtoush^6,*

1 Information Security and Applied Computing, Eastern Michigan University, Ypsilanti, MI 48197, USA
2 Computer Science Department, Tafila Technical University, Tafila, 66110, Jordan
3 Department of Information Technology, Faculty of Prince Al-Hussein Bin Abdallah II For Information Technology, The Hashemite University, P.O. Box 330127, Zara, 13133, Jordan
4 Information Technology School of Computing, Southern Illinois University Carbondale, Carbondale, IL 62901, USA
5 Department of Telecommunications, University of Ruse “Angel Kanchev”, Ruse, POB 7017, Bulgaria
6 Department of Computer Science, Jordan University of Science and Technology, Irbid, 3030, Jordan

* Corresponding Author: Yahya Tashtoush. Email:

Computers, Materials & Continua 2026, 86(1), 1-21. https://doi.org/10.32604/cmc.2025.068266

Received 24 May 2025; Accepted 16 September 2025; Issue published 10 November 2025

Abstract

Covert timing channels (CTC) exploit network resources to establish hidden communication pathways, posing significant risks to data security and policy compliance. Therefore, detecting such hidden and dangerous threats remains one of the security challenges. This paper proposes LinguTimeX, a new framework that combines natural language processing with artificial intelligence, along with explainable Artificial Intelligence (AI) not only to detect CTC but also to provide insights into the decision process. LinguTimeX performs multidimensional feature extraction by fusing linguistic attributes with temporal network patterns to identify covert channels precisely. LinguTimeX demonstrates strong effectiveness in detecting CTC across multiple languages; namely English, Arabic, and Chinese. Specifically, the LSTM and RNN models achieved F1 scores of 90% on the English dataset, 89% on the Arabic dataset, and 88% on the Chinese dataset, showcasing their superior performance and ability to generalize across multiple languages. This highlights their robustness in detecting CTCs within security systems, regardless of the language or cultural context of the data. In contrast, the DeepForest model produced F1-scores ranging from 86% to 87% across the same datasets, further confirming its effectiveness in CTC detection. Although other algorithms also showed reasonable accuracy, the LSTM and RNN models consistently outperformed them in multilingual settings, suggesting that deep learning models might be better suited for this particular problem.

---

Keywords

---