Osamah Ibrahim Khalaf¹, Munsif Sokiyna^2,*, Youseef Alotaibi³, Abdulmajeed Alsufyani⁴, Saleh Alghamdi⁵

CMC-Computers, Materials & Continua, Vol.68, No.3, pp. 3167-3184, 2021, DOI:10.32604/cmc.2021.016099

Abstract A major issue while building web applications is proper input validation and sanitization. Attackers can quickly exploit errors and vulnerabilities that lead to malicious behavior in web application validation operations. Attackers are rapidly improving their capabilities and technologies and now focus on exploiting vulnerabilities in web applications and compromising confidentiality. Cross-site scripting (XSS) and SQL injection attack (SQLIA) are attacks in which a hacker sends malicious inputs (cheat codes) to confuse a web application, to access or disable the application’s back-end without user awareness. In this paper, we explore the problem of detecting and removing bugs from both client-side and… More >

Rajesh Kumar Dhanaraj¹, Lalitha Krishnasamy², Oana Geman^3,*, Diana Roxana Izdrui⁴

CMC-Computers, Materials & Continua, Vol.68, No.2, pp. 1949-1965, 2021, DOI:10.32604/cmc.2021.015363

Abstract In Wireless Body Area Networks (WBANs) with respect to health care, sensors are positioned inside the body of an individual to transfer sensed data to a central station periodically. The great challenges posed to healthcare WBANs are the black hole and sink hole attacks. Data from deployed sensor nodes are attracted by sink hole or black hole nodes while grabbing the shortest path. Identifying this issue is quite a challenging task as a small variation in medicine intake may result in a severe illness. This work proposes a hybrid detection framework for attacks by applying a Proportional Coinciding Score (PCS)… More >

Jialin Wan¹, Muhammad Waqas^1,2, Shanshan Tu^1,*, Syed Mudassir Hussain³, Ahsan Shah², Sadaqat Ur Rehman⁴, Muhammad Hanif²

CMC-Computers, Materials & Continua, Vol.68, No.1, pp. 267-281, 2021, DOI:10.32604/cmc.2021.016260

Abstract Fog computing paradigm extends computing, communication, storage, and network resources to the network’s edge. As the fog layer is located between cloud and end-users, it can provide more convenience and timely services to end-users. However, in fog computing (FC), attackers can behave as real fog nodes or end-users to provide malicious services in the network. The attacker acts as an impersonator to impersonate other legitimate users. Therefore, in this work, we present a detection technique to secure the FC environment. First, we model a physical layer key generation based on wireless channel characteristics. To generate the secret keys between the… More >

Jeonghoon Park¹, Jinsu Kim¹, B. B. Gupta², Namje Park^1,*

CMC-Computers, Materials & Continua, Vol.68, No.1, pp. 887-901, 2021, DOI:10.32604/cmc.2021.015172

Abstract The rapid advancement of IT technology has enabled the quick discovery, sharing and collection of quality information, but has also increased cyberattacks at a fast pace at the same time. There exists no means to block these cyberattacks completely, and all security policies need to consider the possibility of external attacks. Therefore, it is crucial to reduce external attacks through preventative measures. In general, since routers located in the upper part of a firewall can hardly be protected by security systems, they are exposed to numerous unblocked cyberattacks. Routers block unnecessary services and accept necessary ones while taking appropriate measures… More >

Zihao Shen^1,2, Hui Wang^1,*, Kun Liu¹, Peiqian Liu¹, Menglong Ba¹, MengYao Zhao³

Computer Systems Science and Engineering, Vol.37, No.1, pp. 121-133, 2021, DOI:10.32604/csse.2021.014988

Abstract The rapid progress of the Internet has exposed networks to an increased number of threats. Intrusion detection technology can effectively protect network security against malicious attacks. In this paper, we propose a ReliefF-P-Naive Bayes and softmax regression (RP-NBSR) model based on machine learning for network attack detection to improve the false detection rate and F1 score of unknown intrusion behavior. In the proposed model, the Pearson correlation coefficient is introduced to compensate for deficiencies in correlation analysis between features by the ReliefF feature selection algorithm, and a ReliefF-Pearson correlation coefficient (ReliefF-P) algorithm is proposed. Then, the Relief-P algorithm is used… More >

V. Priya¹, I. Sumaiya Thaseen¹, Thippa Reddy Gadekallu¹, Mohamed K. Aboudaif^2,*, Emad Abouel Nasr³

CMC-Computers, Materials & Continua, Vol.66, No.3, pp. 2457-2470, 2021, DOI:10.32604/cmc.2021.013852

Abstract Generally, the risks associated with malicious threats are increasing for the Internet of Things (IoT) and its related applications due to dependency on the Internet and the minimal resource availability of IoT devices. Thus, anomaly-based intrusion detection models for IoT networks are vital. Distinct detection methodologies need to be developed for the Industrial Internet of Things (IIoT) network as threat detection is a significant expectation of stakeholders. Machine learning approaches are considered to be evolving techniques that learn with experience, and such approaches have resulted in superior performance in various applications, such as pattern recognition, outlier analysis, and speech recognition.… More >

Adel Assiri^*

CMC-Computers, Materials & Continua, Vol.66, No.1, pp. 767-778, 2021, DOI:10.32604/cmc.2020.013813

Abstract Anomaly classification based on network traffic features is an important task to monitor and detect network intrusion attacks. Network-based intrusion detection systems (NIDSs) using machine learning (ML) methods are effective tools for protecting network infrastructures and services from unpredictable and unseen attacks. Among several ML methods, random forest (RF) is a robust method that can be used in ML-based network intrusion detection solutions. However, the minimum number of instances for each split and the number of trees in the forest are two key parameters of RF that can affect classification accuracy. Therefore, optimal parameter selection is a real problem in… More >

Jieren Cheng^{1, 2}, Junqi Li^{2, *}, Xiangyan Tang², Victor S. Sheng³, Chen Zhang², Mengyang Li²

CMC-Computers, Materials & Continua, Vol.62, No.3, pp. 1423-1443, 2020, DOI:10.32604/cmc.2020.06176

Abstract Distributed Denial of Service (DDoS) attack has become one of the most destructive network attacks which can pose a mortal threat to Internet security. Existing detection methods cannot effectively detect early attacks. In this paper, we propose a detection method of DDoS attacks based on generalized multiple kernel learning (GMKL) combining with the constructed parameter R. The super-fusion feature value (SFV) and comprehensive degree of feature (CDF) are defined to describe the characteristic of attack flow and normal flow. A method for calculating R based on SFV and CDF is proposed to select the combination of kernel function and regularization… More >

Jieren Cheng^{1, 2}, Yifu Liu^{1, *}, Xiangyan Tang¹, Victor S. Sheng³, Mengyang Li¹, Junqi Li¹

CMC-Computers, Materials & Continua, Vol.62, No.3, pp. 1317-1333, 2020, DOI:10.32604/cmc.2020.06177

Abstract Distributed Denial-of-Service (DDoS) has caused great damage to the network in the big data environment. Existing methods are characterized by low computational efficiency, high false alarm rate and high false alarm rate. In this paper, we propose a DDoS attack detection method based on network flow grayscale matrix feature via multiscale convolutional neural network (CNN). According to the different characteristics of the attack flow and the normal flow in the IP protocol, the seven-tuple is defined to describe the network flow characteristics and converted into a grayscale feature by binary. Based on the network flow grayscale matrix feature (GMF), the… More >