MD Hamid Borkot Tulla^1,*, MD Moniur Rahman Ratan², Rashid MD Mamunur³, Abdullah Hil Safi Sohan⁴, MD Matiur Rahman⁵

Journal of Cyber Security, Vol.7, pp. 675-691, 2025, DOI:10.32604/jcs.2025.074737 - 24 December 2025

Abstract Phishing is considered one of the most widespread cybercrimes due to the fact that it combines both technical and human vulnerabilities with the intention of stealing sensitive information. Traditional blacklist and heuristic-based defenses fail to detect such emerging attack patterns; hence, intelligent and transparent detection systems are needed. This paper proposes an explainable machine learning framework that integrates predictive performance with regulatory accountability. Four models were trained and tested on a balanced dataset of 10,000 URLs, comprising 5000 phishing and 5000 legitimate samples, each characterized by 48 lexical and content-based features: Decision Tree, XGBoost, Logistic… More >

Sapan Pandya^*

Journal of Cyber Security, Vol.7, pp. 637-651, 2025, DOI:10.32604/jcs.2025.073670 - 24 December 2025

Abstract Ransomware has evolved from opportunistic malware into a global economic weapon, crippling critical services and extracting billions in illicit revenue. While most research has centered on enterprise networks and healthcare systems, an equally vulnerable frontier is emerging in lottery and betting kiosks—self-service financial Internet of Things (IoT) devices that handle billions of dollars annually. These terminals operate unattended, rely on legacy operating systems, and interact with sensitive transactional data, making them prime ransomware targets. This paper introduces a Resilient Security Framework (RSF) for kiosks under ransomware threat conditions. RSF integrates three defensive layers: (1) prevention… More >

Mostafa Mohamed Ahmed Mohamed Alsaedy^1,*, Atef Zaki Ghalwash¹, Aliaa Abd Elhalim Yousif², Safaa Magdy Azzam¹

Journal of Cyber Security, Vol.7, pp. 653-674, 2025, DOI:10.32604/jcs.2025.073547 - 24 December 2025

Abstract Mobile financial applications and payment systems face significant security challenges from reverse engineering attacks. Attackers can decompile Android Package Kit (APK) files, modify permissions, and repackage applications with malicious capabilities. This work introduces E-AAPIV (Enhanced Android Apps Permissions Integrity Verifier), an advanced framework that uses Merkle Tree technology for real-time manifest integrity verification. The proposed system constructs cryptographic Merkle Tree from AndroidManifest.xml permission structures. It establishes secure client-server connections using Elliptic Curve Diffie-Hellman Protocol (ECDH-P384) key exchange. Root hashes are encrypted with Advanced Encryption Standard-256-Galois/Counter Mode (AES-256-GCM), integrated with hardware-backed Android Keystore for enhanced security. More >

Chunyong Yin, Williams Kyei^*

Journal of Cyber Security, Vol.7, pp. 615-635, 2025, DOI:10.32604/jcs.2025.072740 - 24 December 2025

Abstract The evolving sophistication of network threats demands anomaly detection methods that are both robust and adaptive. While autoencoders excel at learning normal traffic patterns, they struggle with complex feature interactions and require manual tuning for different environments. We introduce the Adaptive Robust AutoEncoder (ARAE), a novel framework that dynamically balances reconstruction fidelity with latent space regularization through learnable loss weighting. ARAE incorporates multi-head attention to model feature dependencies and fuses multiple anomaly indicators into an adaptive scoring mechanism. Extensive evaluation on four benchmark datasets demonstrates that ARAE significantly outperforms existing autoencoder variants and classical methods, More >

Mircea Ţălu^1,2,*

Journal of Cyber Security, Vol.7, pp. 565-587, 2025, DOI:10.32604/jcs.2025.073690 - 11 December 2025

Abstract The rapid proliferation of Internet of Things (IoT) devices has intensified the demand for cryptographic solutions that balance security, performance, and resource efficiency. However, existing studies often focus on isolated algorithmic families, lacking a comprehensive structural and experimental comparison across diverse lightweight cryptographic designs. This study addresses that gap by providing an integrated analysis of modern lightweight cryptographic algorithms spanning six structural classes—Substitution–Permutation Network (SPN), Feistel Network (FN), Generalized Feistel Network (GFN), Addition–Rotation–XOR (ARX), Nonlinear Feedback Shift Register (NLFSR), and Hybrid models—evaluated on resource-constrained IoT platforms. The key contributions include: (i) establishing a unified benchmarking… More >

Abd Rahman Wahid^*

Journal of Cyber Security, Vol.7, pp. 589-614, 2025, DOI:10.32604/jcs.2025.071622 - 11 December 2025

Abstract The rapid increase in cyber attacks requires accurate, adaptive, and interpretable detection and response mechanisms. Conventional security solutions remain fragmented, leaving gaps that attackers can exploit. This study introduces the HI-XDR (Hybrid Intelligent Extended Detection and Response) framework, which combines network-based Suricata rules and endpoint-based Wazuh rules into a unified dataset containing 45,705 entries encoded into 1058 features. A semantic-aware autoencoder-based anomaly detection module is trained and strengthened through adversarial learning using Projected Gradient Descent, achieving a minimum mean squared error of 0.0015 and detecting 458 anomaly rules at the 99th percentile threshold. A comparative… More >

Edward Danso Ansong^*, Simon Bonsu Osei^*, Raphael Adjetey Adjei

Journal of Cyber Security, Vol.7, pp. 533-564, 2025, DOI:10.32604/jcs.2025.061821 - 11 December 2025

Abstract The surge in identity fraud, driven by the rapid adoption of mobile money, internet banking, and e-services during the COVID-19 pandemic, underscores the need for robust cybersecurity solutions. Zero-Knowledge Proofs (ZKPs) enable secure identity verification by allowing individuals to prove possession of a National ID card without revealing sensitive information. This study implements a ZKP-based identity verification system using Camenisch-Lysyanskaya (CL) signatures, reducing reliance on complex trusted setup ceremonies. While a trusted issuer is still required, as assumed in this work, our approach eliminates the need for broader system-wide trusted parameters. We evaluate the system’s More >

Daskshnamoorthy Manivannan^*

Journal of Cyber Security, Vol.7, pp. 505-531, 2025, DOI:10.32604/jcs.2025.072810 - 28 November 2025

Abstract Attribute-Based Encryption (ABE) secures data by linking decryption rights to user attributes rather than user identities, enabling fine-grained access control. While ABE is effective for enforcing access policies, integrating it with Searchable Encryption (SE)—which allows searching encrypted data without decryption—remains a complex challenge. This paper presents a comprehensive survey of ABE schemes that support SE proposed over the past decade. It critically analyzes their strengths, limitations, and access control capabilities. The survey offers insights into the security, efficiency, and practical applicability of these schemes, outlines the current landscape of ABE-integrated SE, and identifies key challenges More >

Chaonan Xin^*, Keqing Xu

Journal of Cyber Security, Vol.7, pp. 483-503, 2025, DOI:10.32604/jcs.2025.071627 - 28 November 2025

Abstract Intrusion Detection Systems (IDS) have achieved high accuracy on benchmark datasets, yet models often fail to generalize across different network environments. In this paper, we propose Transformer-IDS, a transformer-based network intrusion detection model designed for cross-dataset generalization. The model incorporates a classification token, multi-head self-attention, and embedding layers to learn versatile features, and it introduces a calibration module and an AUC-oriented optimization objective to improve reliability and ranking performance. We evaluate Transformer-IDS on three prominent datasets (NSL-KDD, UNSW-NB15, CIC-IDS2017) in both within-dataset and cross-dataset scenarios. Results demonstrate that while conventional deep IDS models (e.g., CNN-LSTM More >

Boniface Wambui^1,*, Margaret Mwinji¹, Hellen Nyambura²

Journal of Cyber Security, Vol.7, pp. 463-482, 2025, DOI:10.32604/jcs.2025.069444 - 23 October 2025

Abstract As universities rapidly embrace digital transformation, their growing dependence on interconnected systems for academic, research, and administrative operations has significantly heightened their exposure to sophisticated cyber threats. Traditional defenses such as firewalls and signature-based intrusion detection systems have proven inadequate against evolving attacks like malware, phishing, ransomware, and advanced persistent threats (APTs). This growing complexity necessitates intelligent, adaptive, and anticipatory cybersecurity strategies. Artificial Intelligence (AI) offers a transformative approach by enabling automated threat detection, anomaly identification, and real-time incident response. This study sought to design and evaluate an AI-driven cybersecurity framework specifically for university networks… More >