Federica Uccello^1,2, Marek Pawlicki^3,4, Salvatore D'Antonio¹, Rafał Kozik^3,4, Michał Choraś^3,4,*

CMC-Computers, Materials & Continua, Vol.83, No.2, pp. 1607-1621, 2025, DOI:10.32604/cmc.2025.062801 - 16 April 2025

Abstract The growing sophistication of cyberthreats, among others the Distributed Denial of Service attacks, has exposed limitations in traditional rule-based Security Information and Event Management systems. While machine learning–based intrusion detection systems can capture complex network behaviours, their “black-box” nature often limits trust and actionable insight for security operators. This study introduces a novel approach that integrates Explainable Artificial Intelligence—xAI—with the Random Forest classifier to derive human-interpretable rules, thereby enhancing the detection of Distributed Denial of Service (DDoS) attacks. The proposed framework combines traditional static rule formulation with advanced xAI techniques—SHapley Additive exPlanations and Scoped Rules More >

Xiangbin Wang¹, Qingjun Yuan^1,*, Weina Niu², Qianwei Meng¹, Yongjuan Wang¹, Chunxiang Gu¹

CMC-Computers, Materials & Continua, Vol.83, No.2, pp. 2267-2285, 2025, DOI:10.32604/cmc.2025.061767 - 16 April 2025

Abstract With the rise of encrypted traffic, traditional network analysis methods have become less effective, leading to a shift towards deep learning-based approaches. Among these, multimodal learning-based classification methods have gained attention due to their ability to leverage diverse feature sets from encrypted traffic, improving classification accuracy. However, existing research predominantly relies on late fusion techniques, which hinder the full utilization of deep features within the data. To address this limitation, we propose a novel multimodal encrypted traffic classification model that synchronizes modality fusion with multiscale feature extraction. Specifically, our approach performs real-time fusion of modalities More >

Zengyu Cai^1,*, Yuming Dai¹, Jianwei Zhang^2,3,*, Yuan Feng⁴

CMC-Computers, Materials & Continua, Vol.83, No.2, pp. 3335-3350, 2025, DOI:10.32604/cmc.2025.061206 - 16 April 2025

Abstract The rapid development and widespread adoption of Internet technology have significantly increased Internet traffic, highlighting the growing importance of network security. Intrusion Detection Systems (IDS) are essential for safeguarding network integrity. To address the low accuracy of existing intrusion detection models in identifying network attacks, this paper proposes an intrusion detection method based on the fusion of Spatial Attention mechanism and Residual Neural Network (SA-ResNet). Utilizing residual connections can effectively capture local features in the data; by introducing a spatial attention mechanism, the global dependency relationships of intrusion features can be extracted, enhancing the intrusion More >

Mourad Benmalek^1,*,#,*, Abdessamed Seddiki^2,#, Kamel-Dine Haouam¹

CMES-Computer Modeling in Engineering & Sciences, Vol.143, No.1, pp. 1157-1184, 2025, DOI:10.32604/cmes.2025.062841 - 11 April 2025

Abstract The Internet of Medical Things (IoMT) connects healthcare devices and sensors to the Internet, driving transformative advancements in healthcare delivery. However, expanding IoMT infrastructures face growing security threats, necessitating robust Intrusion Detection Systems (IDS). Maintaining the confidentiality of patient data is critical in AI-driven healthcare systems, especially when securing interconnected medical devices. This paper introduces SNN-IoMT (Stacked Neural Network Ensemble for IoMT Security), an AI-driven IDS framework designed to secure dynamic IoMT environments. Leveraging a stacked deep learning architecture combining Multi-Layer Perceptron (MLP), Convolutional Neural Networks (CNN), and Long Short-Term Memory (LSTM), the model optimizes data management More >

Noveela Iftikhar¹, Mujeeb Ur Rehman¹, Mumtaz Ali Shah², Mohammed J. F. Alenazi³, Jehad Ali^4,*

CMES-Computer Modeling in Engineering & Sciences, Vol.143, No.1, pp. 639-671, 2025, DOI:10.32604/cmes.2025.062788 - 11 April 2025

Abstract Intrusion attempts against Internet of Things (IoT) devices have significantly increased in the last few years. These devices are now easy targets for hackers because of their built-in security flaws. Combining a Self-Organizing Map (SOM) hybrid anomaly detection system for dimensionality reduction with the inherited nature of clustering and Extreme Gradient Boosting (XGBoost) for multi-class classification can improve network traffic intrusion detection. The proposed model is evaluated on the NSL-KDD dataset. The hybrid approach outperforms the baseline line models, Multilayer perceptron model, and SOM-KNN (k-nearest neighbors) model in precision, recall, and F1-score, highlighting the proposed More >

Saad Alahmari^1,*, Abdulwhab Alkharashi²

CMES-Computer Modeling in Engineering & Sciences, Vol.143, No.1, pp. 849-873, 2025, DOI:10.32604/cmes.2025.062549 - 11 April 2025

Abstract The Internet of Things (IoT) is emerging as an innovative phenomenon concerned with the development of numerous vital applications. With the development of IoT devices, huge amounts of information, including users’ private data, are generated. IoT systems face major security and data privacy challenges owing to their integral features such as scalability, resource constraints, and heterogeneity. These challenges are intensified by the fact that IoT technology frequently gathers and conveys complex data, creating an attractive opportunity for cyberattacks. To address these challenges, artificial intelligence (AI) techniques, such as machine learning (ML) and deep learning (DL),… More >

Tajinder Kumar¹, Purushottam Sharma^2,*, Xiaochun Cheng^3,*, Sachin Lalar⁴, Shubham Kumar⁵, Sandhya Bansal⁶

CMC-Computers, Materials & Continua, Vol.83, No.1, pp. 719-738, 2025, DOI:10.32604/cmc.2025.060836 - 26 March 2025

Abstract With cloud computing, large chunks of data can be handled at a small cost. However, there are some reservations regarding the security and privacy of cloud data stored. For solving these issues and enhancing cloud computing security, this research provides a Three-Layered Security Access model (TLSA) aligned to an intrusion detection mechanism, access control mechanism, and data encryption system. The TLSA underlines the need for the protection of sensitive data. This proposed approach starts with Layer 1 data encryption using the Advanced Encryption Standard (AES). For data transfer and storage, this encryption guarantees the data’s… More >

Mathew Nicho^1,2,*, Oluwasegun Adelaiye³, Christopher D. McDermott⁴, Shini Girija⁵

CMC-Computers, Materials & Continua, Vol.83, No.1, pp. 281-308, 2025, DOI:10.32604/cmc.2025.059597 - 26 March 2025

Abstract The successful penetration of government, corporate, and organizational IT systems by state and non-state actors deploying APT vectors continues at an alarming pace. Advanced Persistent Threat (APT) attacks continue to pose significant challenges for organizations despite technological advancements in artificial intelligence (AI)-based defense mechanisms. While AI has enhanced organizational capabilities for deterrence, detection, and mitigation of APTs, the global escalation in reported incidents, particularly those successfully penetrating critical government infrastructure has heightened concerns among information technology (IT) security administrators and decision-makers. Literature review has identified the stealthy lateral movement (LM) of malware within the initially… More >

Tarak Dhaouadi¹, Hichem Mrabet^1,2,*, Adeeb Alhomoud³, Abderrazak Jemai^1,4

CMC-Computers, Materials & Continua, Vol.82, No.3, pp. 4535-4554, 2025, DOI:10.32604/cmc.2025.060935 - 06 March 2025

Abstract The increasing adoption of Industrial Internet of Things (IIoT) systems in smart manufacturing is leading to raise cyberattack numbers and pressing the requirement for intrusion detection systems (IDS) to be effective. However, existing datasets for IDS training often lack relevance to modern IIoT environments, limiting their applicability for research and development. To address the latter gap, this paper introduces the HiTar-2024 dataset specifically designed for IIoT systems. As a consequence, that can be used by an IDS to detect imminent threats. Likewise, HiTar-2024 was generated using the AREZZO simulator, which replicates realistic smart manufacturing scenarios.… More >

Yue Yang^1,2, Xiangyan Tang^2,3,*, Zhaowu Liu^2,3,*, Jieren Cheng^2,3, Haozhe Fang³, Cunyi Zhang³

CMC-Computers, Materials & Continua, Vol.82, No.3, pp. 4389-4408, 2025, DOI:10.32604/cmc.2025.060357 - 06 March 2025

Abstract With the rapid development of Internet of Things technology, the sharp increase in network devices and their inherent security vulnerabilities present a stark contrast, bringing unprecedented challenges to the field of network security, especially in identifying malicious attacks. However, due to the uneven distribution of network traffic data, particularly the imbalance between attack traffic and normal traffic, as well as the imbalance between minority class attacks and majority class attacks, traditional machine learning detection algorithms have significant limitations when dealing with sparse network traffic data. To effectively tackle this challenge, we have designed a lightweight… More >