Chaonan Xin^*, Keqing Xu

Journal of Cyber Security, Vol.7, pp. 483-503, 2025, DOI:10.32604/jcs.2025.071627 - 28 November 2025

Abstract Intrusion Detection Systems (IDS) have achieved high accuracy on benchmark datasets, yet models often fail to generalize across different network environments. In this paper, we propose Transformer-IDS, a transformer-based network intrusion detection model designed for cross-dataset generalization. The model incorporates a classification token, multi-head self-attention, and embedding layers to learn versatile features, and it introduces a calibration module and an AUC-oriented optimization objective to improve reliability and ranking performance. We evaluate Transformer-IDS on three prominent datasets (NSL-KDD, UNSW-NB15, CIC-IDS2017) in both within-dataset and cross-dataset scenarios. Results demonstrate that while conventional deep IDS models (e.g., CNN-LSTM More >

I Wayan Adi Juliawan Pawana^1,2, Vincent Abella², Jhury Kevin Lastre², Yongho Ko², Ilsun You^2,*

CMES-Computer Modeling in Engineering & Sciences, Vol.145, No.2, pp. 2733-2760, 2025, DOI:10.32604/cmes.2025.072611 - 26 November 2025

Abstract Roaming in 5G networks enables seamless global mobility but also introduces significant security risks due to legacy protocol dependencies, uneven Security Edge Protection Proxy (SEPP) deployment, and the dynamic nature of inter-Public Land Mobile Network (inter-PLMN) signaling. Traditional rule-based defenses are inadequate for protecting cloud-native 5G core networks, particularly as roaming expands into enterprise and Internet of Things (IoT) domains. This work addresses these challenges by designing a scalable 5G Standalone testbed, generating the first intrusion detection dataset specifically tailored to roaming threats, and proposing a deep learning based intrusion detection framework for cloud-native environments.… More > Graphic Abstract

Mona Almofarreh¹, Amnah Alshahrani², Nouf Helal Alharbi³, Ahmed Omer Ahmed⁴, Hussain Alshahrani⁵, Abdulrahman Alzahrani^6,*, Mohammed Mujib Alshahrani⁷, Asma A. Alhashmi⁸

CMES-Computer Modeling in Engineering & Sciences, Vol.145, No.2, pp. 2631-2656, 2025, DOI:10.32604/cmes.2025.070545 - 26 November 2025

Abstract Zero-day attacks use unknown vulnerabilities that prevent being identified by cybersecurity detection tools. This study indicates that zero-day attacks have a significant impact on computer security. A conventional signature-based detection algorithm is not efficient at recognizing zero-day attacks, as the signatures of zero-day attacks are usually not previously accessible. A machine learning (ML)-based detection algorithm is proficient in capturing statistical features of attacks and, therefore, optimistic for zero-day attack detection. ML and deep learning (DL) are employed for designing intrusion detection systems. The improvement of absolute varieties of novel cyberattacks poses significant challenges for IDS… More >

Adeel Munawar¹, Muhammad Nadeem Ali², Awais Qasim³, Byung-Seo Kim^2,*

CMES-Computer Modeling in Engineering & Sciences, Vol.145, No.1, pp. 1189-1211, 2025, DOI:10.32604/cmes.2025.071876 - 30 October 2025

Abstract Cyber-physical systems (CPS) represent a sophisticated integration of computational and physical components that power critical applications such as smart manufacturing, healthcare, and autonomous infrastructure. However, their extensive reliance on internet connectivity makes them increasingly susceptible to cyber threats, potentially leading to operational failures and data breaches. Furthermore, CPS faces significant threats related to unauthorized access, improper management, and tampering of the content it generates. In this paper, we propose an intrusion detection system (IDS) optimized for CPS environments using a hybrid approach by combining a nature-inspired feature selection scheme, such as Grey Wolf Optimization (GWO),… More >

Seungyeon Baek^1,#, Jueun Jeon^2,#, Byeonghui Jeong¹, Young-Sik Jeong^1,*

CMES-Computer Modeling in Engineering & Sciences, Vol.145, No.1, pp. 1213-1236, 2025, DOI:10.32604/cmes.2025.070679 - 30 October 2025

Abstract With the advent of the sixth-generation wireless technology, the importance of using artificial intelligence of things (AIoT) devices is increasing to enhance efficiency. As massive volumes of data are collected and stored in these AIoT environments, each device becomes a potential attack target, leading to increased security vulnerabilities. Therefore, intrusion detection studies have been conducted to detect malicious network traffic. However, existing studies have been biased toward conducting in-depth analyses of individual packets to improve accuracy or applying flow-based statistical information to ensure real-time performance. Effectively responding to complex and multifaceted threats in large-scale AIoT… More >

Muhammad Sajid Farooq¹, Muhammad Saleem², M.A. Khan^3,4, Muhammad Farrukh Khan⁵, Shahan Yamin Siddiqui⁶, Muhammad Shoukat Aslam⁷, Khan M. Adnan^8,*

CMC-Computers, Materials & Continua, Vol.85, No.3, pp. 5183-5206, 2025, DOI:10.32604/cmc.2025.069641 - 23 October 2025

Abstract The rapid evolution of smart cities through IoT, cloud computing, and connected infrastructures has significantly enhanced sectors such as transportation, healthcare, energy, and public safety, but also increased exposure to sophisticated cyber threats. The diversity of devices, high data volumes, and real-time operational demands complicate security, requiring not just robust intrusion detection but also effective feature selection for relevance and scalability. Traditional Machine Learning (ML) based Intrusion Detection System (IDS) improves detection but often lacks interpretability, limiting stakeholder trust and timely responses. Moreover, centralized feature selection in conventional IDS compromises data privacy and fails to… More >

Siraj Un Muneer¹, Ihsan Ullah¹, Zeshan Iqbal^2,*, Rajermani Thinakaran³

CMC-Computers, Materials & Continua, Vol.85, No.3, pp. 4959-4975, 2025, DOI:10.32604/cmc.2025.068566 - 23 October 2025

Abstract The complexity of cloud environments challenges secure resource management, especially for intrusion detection systems (IDS). Existing strategies struggle to balance efficiency, cost fairness, and threat resilience. This paper proposes an innovative approach to managing cloud resources through the integration of a genetic algorithm (GA) with a “double auction” method. This approach seeks to enhance security and efficiency by aligning buyers and sellers within an intelligent market framework. It guarantees equitable pricing while utilizing resources efficiently and optimizing advantages for all stakeholders. The GA functions as an intelligent search mechanism that identifies optimal combinations of bids More >

Roberto Caviglia¹, Daniyar Aliaskharov², Alessio Aceti¹, Mila Dalla Preda³, Paola Girdinio², Giovanni Battista Gaggero^2,*

CMC-Computers, Materials & Continua, Vol.85, No.3, pp. 5327-5340, 2025, DOI:10.32604/cmc.2025.068509 - 23 October 2025

Abstract Industrial Control Systems (ICS) in Operational Technology (OT) environments face unique cybersecurity challenges due to legacy systems, critical operational needs, and incompatibility with standard IT security practices. To address these challenges, this paper presents the Security Operation and Event Management (SOEM) platform, a software designed to support Security Operations Centers (SOCs) in reaching full visibility of OT environments. SOEM integrates diverse log sources and intrusion detection systems, including logs generated by the control system itself and additional on-the-shelf products, to enhance situational awareness and enable rapid incident response. The pilot project was carried out within More >

Bappa Muktar^*, Vincent Fono, Adama Nouboukpo

CMC-Computers, Materials & Continua, Vol.85, No.3, pp. 4705-4727, 2025, DOI:10.32604/cmc.2025.067733 - 23 October 2025

Abstract Vehicular Ad Hoc Networks (VANETs) are central to Intelligent Transportation Systems (ITS), especially for real-time communication involving emergency vehicles. Yet, Distributed Denial of Service (DDoS) attacks can disrupt safety-critical channels and undermine reliability. This paper presents a robust, scalable framework for detecting DDoS attacks in highway VANETs. We construct a new dataset with Network Simulator 3 (NS-3) and Simulation of Urban Mobility (SUMO), enriched with real mobility traces from Germany’s A81 highway (OpenStreetMap). Three traffic classes are modeled: DDoS, Voice over IP (VoIP), and Transmission Control Protocol Based (TCP-based) video streaming (VideoTCP). The pipeline includes normalization,… More >

Xuezhi Wen^1,2, Eric Danso^1,2,*, Solomon Danso¹

Journal of Cyber Security, Vol.7, pp. 439-462, 2025, DOI:10.32604/jcs.2025.070587 - 17 October 2025

Abstract Cloud-based intrusion detection systems increasingly face sophisticated adversarial attacks such as evasion and poisoning that exploit vulnerabilities in traditional machine learning (ML) models. While deep learning (DL) offers superior detection accuracy for high-dimensional cloud logs, it remains vulnerable to adversarial perturbations and lacks interpretability. Conversely, Hidden Markov Models (HMMs) provide probabilistic reasoning but struggle with raw, sequential cloud data. To bridge this gap, we propose a Deep Learning-Enhanced Ensemble Hidden Markov Model (DL-HMM) framework that synergizes the strengths of Long Short-Term Memory (LSTM) networks and HMMs while incorporating adversarial training and ensemble learning. Our architecture… More >