Kevin Santiago Rey Rodriguez, Julián David Avellaneda Galindo, Josep Tárrega Juan, Juan Ramón Bermejo Higuera^*, Javier Bermejo Higuera, Juan Antonio Sicilia Montalvo

CMC-Computers, Materials & Continua, Vol.85, No.1, pp. 1807-1858, 2025, DOI:10.32604/cmc.2025.067127 - 29 August 2025

Abstract In today’s rapidly evolving digital landscape, web application security has become paramount as organizations face increasingly sophisticated cyber threats. This work presents a comprehensive methodology for implementing robust security measures in modern web applications and the proof of the Methodology applied to Vue.js, Spring Boot, and MySQL architecture. The proposed approach addresses critical security challenges through a multi-layered framework that encompasses essential security dimensions including multi-factor authentication, fine-grained authorization controls, sophisticated session management, data confidentiality and integrity protection, secure logging mechanisms, comprehensive error handling, high availability strategies, advanced input validation, and security headers implementation. Significant… More >

Yuqi Chen^1,2, Guangjun Liang^1,2,3,*, Qun Wang^1,2,3

CMC-Computers, Materials & Continua, Vol.84, No.1, pp. 1145-1167, 2025, DOI:10.32604/cmc.2025.063319 - 09 June 2025

Abstract Structured Query Language (SQL) injection attacks have become the most common means of attacking Web applications due to their simple implementation and high degree of harm. Traditional injection attack detection techniques struggle to accurately identify various types of SQL injection attacks. This paper presents an enhanced SQL injection detection method that utilizes content matching technology to improve the accuracy and efficiency of detection. Features are extracted through content matching, effectively avoiding the loss of valid information, and an improved deep learning model is employed to enhance the detection effect of SQL injections. Considering that grammar More >

Stefan Ćirković¹, Vladimir Mladenović¹, Siniša Tomić², Dalibor Drljača², Olga Ristić^1,*

CMC-Computers, Materials & Continua, Vol.82, No.3, pp. 4409-4430, 2025, DOI:10.32604/cmc.2025.059696 - 06 March 2025

Abstract With the increasing use of web applications, challenges in the field of cybersecurity are becoming more complex. This paper explores the application of fine-tuned large language models (LLMs) for the automatic generation of synthetic attacks, including XSS (Cross-Site Scripting), SQL Injections, and Command Injections. A web application has been developed that allows penetration testers to quickly generate high-quality payloads without the need for in-depth knowledge of artificial intelligence. The fine-tuned language model demonstrates the capability to produce synthetic payloads that closely resemble real-world attacks. This approach not only improves the model’s precision and dependability but… More >

Nurhadi, Rabiah Abdul Kadir^*, Ely Salwana Mat Surin, Mahidur R. Sarker^*

Computer Systems Science and Engineering, Vol.48, No.6, pp. 1405-1435, 2024, DOI:10.32604/csse.2024.051851 - 22 November 2024

Abstract A data lake (DL), abbreviated as DL, denotes a vast reservoir or repository of data. It accumulates substantial volumes of data and employs advanced analytics to correlate data from diverse origins containing various forms of semi-structured, structured, and unstructured information. These systems use a flat architecture and run different types of data analytics. NoSQL databases are nontabular and store data in a different manner than the relational table. NoSQL databases come in various forms, including key-value pairs, documents, wide columns, and graphs, each based on its data model. They offer simpler scalability and generally outperform… More >

Yifei Zhao, Zhaohui Li, Siyi Lv^*

CMC-Computers, Materials & Continua, Vol.80, No.1, pp. 217-234, 2024, DOI:10.32604/cmc.2024.052310 - 18 July 2024

Abstract The EU’s Artificial Intelligence Act (AI Act) imposes requirements for the privacy compliance of AI systems. AI systems must comply with privacy laws such as the GDPR when providing services. These laws provide users with the right to issue a Data Subject Access Request (DSAR). Responding to such requests requires database administrators to identify information related to an individual accurately. However, manual compliance poses significant challenges and is error-prone. Database administrators need to write queries through time-consuming labor. The demand for large amounts of data by AI systems has driven the development of NoSQL databases.… More >

Abdulgbar A. R. Farea¹, Gehad Abdullah Amran^2,*, Ebraheem Farea³, Amerah Alabrah^4,*, Ahmed A. Abdulraheem⁵, Muhammad Mursil⁶, Mohammed A. A. Al-qaness⁷

CMC-Computers, Materials & Continua, Vol.76, No.3, pp. 3605-3622, 2023, DOI:10.32604/cmc.2023.040121 - 08 October 2023

Abstract E-commerce, online ticketing, online banking, and other web-based applications that handle sensitive data, such as passwords, payment information, and financial information, are widely used. Various web developers may have varying levels of understanding when it comes to securing an online application. Structured Query language SQL injection and cross-site scripting are the two vulnerabilities defined by the Open Web Application Security Project (OWASP) for its 2017 Top Ten List Cross Site Scripting (XSS). An attacker can exploit these two flaws and launch malicious web-based actions as a result of these flaws. Many published articles focused on… More >

Deris Stiawan¹, Ali Bardadi¹, Nurul Afifah¹, Lisa Melinda¹, Ahmad Heryanto¹, Tri Wanda Septian¹, Mohd Yazid Idris², Imam Much Ibnu Subroto³, Lukman⁴, Rahmat Budiarto^5,*

Computer Systems Science and Engineering, Vol.46, No.2, pp. 1759-1774, 2023, DOI:10.32604/csse.2023.034047 - 09 February 2023

Abstract The Repository Mahasiswa (RAMA) is a national repository of research reports in the form of final assignments, student projects, theses, dissertations, and research reports of lecturers or researchers that have not yet been published in journals, conferences, or integrated books from the scientific repository of universities and research institutes in Indonesia. The increasing popularity of the RAMA Repository leads to security issues, including the two most widespread, vulnerable attacks i.e., Structured Query Language (SQL) injection and cross-site scripting (XSS) attacks. An attacker gaining access to data and performing unauthorized data modifications is extremely dangerous. This… More >

Arodh Lal Karn¹, Panneer Selvam Manickam², R. Saravanan^3,*, Roobaea Alroobaea⁴, Jasem Almotiri⁴, Sudhakar Sengan⁵

CMC-Computers, Materials & Continua, Vol.74, No.3, pp. 6019-6037, 2023, DOI:10.32604/cmc.2023.032791 - 28 December 2022

Abstract Power Station (PS) monitoring systems are becoming critical, ensuring electrical safety through early warning, and in the event of a PS fault, the power supply is quickly disconnected. Traditional technologies are based on relays and don’t have a way to capture and store user data when there is a problem. The proposed framework is designed with the goal of providing smart environments for protecting electrical types of equipment. This paper proposes an Internet of Things (IoT)-based Smart Framework (SF) for monitoring the Power Devices (PD) which are being used in power substations. A Real-Time Monitoring… More >

Pei Yin¹, Jing Cheng^2,*

CMES-Computer Modeling in Engineering & Sciences, Vol.135, No.3, pp. 2387-2405, 2023, DOI:10.32604/cmes.2023.023666 - 23 November 2022

Abstract With the development of the digital city, data and data analysis have become more and more important. The database is the foundation of data analysis. In this paper, the software system of the urban land planning database of Shanghai in China is developed based on MySQL. The conceptual model of the urban land planning database is proposed, and the entities, attributes and connections of this model are discussed. Then the E-R conceptual model is transformed into a logical structure, which is supported by the relational database management system (DBMS). Based on the conceptual and logical… More >

Kamal ElDahshan¹, Eman Selim², Ahmed Ismail Ebada², Mohamed Abouhawwash^3,4, Yunyoung Nam^5,*, Gamal Behery²

CMC-Computers, Materials & Continua, Vol.72, No.3, pp. 5149-5164, 2022, DOI:10.32604/cmc.2022.028326 - 21 April 2022

Abstract Currently, relational database management systems (RDBMSs) face different challenges in application development due to the massive growth of unstructured and semi-structured data. This introduced new DBMS categories, known as not only structured query language (NoSQL) DBMSs, which do not adhere to the relational model. The migration from relational databases to NoSQL databases is challenging due to the data complexity. This study aims to enhance the storage performance of RDBMSs in handling a variety of data. The paper presents two approaches. The first approach proposes a convenient representation of unstructured data storage. Several extensive experiments were More >