Yanmei Shi¹, Wei Yu^2,*, Yanxia Zhao^3,*, Yungang Jia⁴

CMES-Computer Modeling in Engineering & Sciences, Vol.140, No.1, pp. 887-906, 2024, DOI:10.32604/cmes.2024.046140

Abstract Web application fingerprint recognition is an effective security technology designed to identify and classify web applications, thereby enhancing the detection of potential threats and attacks. Traditional fingerprint recognition methods, which rely on preannotated feature matching, face inherent limitations due to the ever-evolving nature and diverse landscape of web applications. In response to these challenges, this work proposes an innovative web application fingerprint recognition method founded on clustering techniques. The method involves extensive data collection from the Tranco List, employing adjusted feature selection built upon Wappalyzer and noise reduction through truncated SVD dimensionality reduction. The core of the methodology lies in… More >

Youlin Ji, Bo Yin^*, Ke Gu

CMC-Computers, Materials & Continua, Vol.78, No.3, pp. 4205-4223, 2024, DOI:10.32604/cmc.2024.049086

Abstract With its untameable and traceable properties, blockchain technology has been widely used in the field of data sharing. How to preserve individual privacy while enabling efficient data queries is one of the primary issues with secure data sharing. In this paper, we study verifiable keyword frequency (KF) queries with local differential privacy in blockchain. Both the numerical and the keyword attributes are present in data objects; the latter are sensitive and require privacy protection. However, prior studies in blockchain have the problem of trilemma in privacy protection and are unable to handle KF queries. We propose an efficient framework that… More >

Shaha Al-Otaibi¹, Rahim Khan^2,*, Hashim Ali², Aftab Ahmed Khan², Amir Saeed³, Jehad Ali^4,*

CMC-Computers, Materials & Continua, Vol.78, No.3, pp. 3805-3823, 2024, DOI:10.32604/cmc.2024.049017

Abstract The Internet of Things (IoT) is a smart networking infrastructure of physical devices, i.e., things, that are embedded with sensors, actuators, software, and other technologies, to connect and share data with the respective server module. Although IoTs are cornerstones in different application domains, the device’s authenticity, i.e., of server(s) and ordinary devices, is the most crucial issue and must be resolved on a priority basis. Therefore, various field-proven methodologies were presented to streamline the verification process of the communicating devices; however, location-aware authentication has not been reported as per our knowledge, which is a crucial metric, especially in scenarios where… More >

Qinyue Wu, Hui Xu^*, Mengran Liu

CMC-Computers, Materials & Continua, Vol.78, No.3, pp. 4091-4107, 2024, DOI:10.32604/cmc.2024.048461

Abstract Network traffic identification is critical for maintaining network security and further meeting various demands of network applications. However, network traffic data typically possesses high dimensionality and complexity, leading to practical problems in traffic identification data analytics. Since the original Dung Beetle Optimizer (DBO) algorithm, Grey Wolf Optimization (GWO) algorithm, Whale Optimization Algorithm (WOA), and Particle Swarm Optimization (PSO) algorithm have the shortcomings of slow convergence and easily fall into the local optimal solution, an Improved Dung Beetle Optimizer (IDBO) algorithm is proposed for network traffic identification. Firstly, the Sobol sequence is utilized to initialize the dung beetle population, laying the… More >

Muhammad Binsawad^*

CMC-Computers, Materials & Continua, Vol.78, No.3, pp. 3645-3663, 2024, DOI:10.32604/cmc.2024.048183

Abstract Malware is an ever-present and dynamic threat to networks and computer systems in cybersecurity, and because of its complexity and evasiveness, it is challenging to identify using traditional signature-based detection approaches. The study article discusses the growing danger to cybersecurity that malware hidden in PDF files poses, highlighting the shortcomings of conventional detection techniques and the difficulties presented by adversarial methodologies. The article presents a new method that improves PDF virus detection by using document analysis and a Logistic Model Tree. Using a dataset from the Canadian Institute for Cybersecurity, a comparative analysis is carried out with well-known machine learning… More >

Bing Liu¹, Zhe Zhang¹, Shengrong Hu², Song Sun^3,*, Dapeng Liu⁴, Zhenyu Qiu⁵

CMC-Computers, Materials & Continua, Vol.78, No.3, pp. 4049-4069, 2024, DOI:10.32604/cmc.2024.048099

Abstract Internet of Things (IoT) is vulnerable to data-tampering (DT) attacks. Due to resource limitations, many anomaly detection systems (ADSs) for IoT have high false positive rates when detecting DT attacks. This leads to the misreporting of normal data, which will impact the normal operation of IoT. To mitigate the impact caused by the high false positive rate of ADS, this paper proposes an ADS management scheme for clustered IoT. First, we model the data transmission and anomaly detection in clustered IoT. Then, the operation strategy of the clustered IoT is formulated as the running probabilities of all ADSs deployed on… More >

Rahul Gupta¹, Kapil Sharma^1,*, R. K. Garg²

CMC-Computers, Materials & Continua, Vol.78, No.3, pp. 4283-4301, 2024, DOI:10.32604/cmc.2024.046890

Abstract The prevalence of smartphones is deeply embedded in modern society, impacting various aspects of our lives. Their versatility and functionalities have fundamentally changed how we communicate, work, seek entertainment, and access information. Among the many smartphones available, those operating on the Android platform dominate, being the most widely used type. This widespread adoption of the Android OS has significantly contributed to increased malware attacks targeting the Android ecosystem in recent years. Therefore, there is an urgent need to develop new methods for detecting Android malware. The literature contains numerous works related to Android malware detection. As far as our understanding… More >

Rabia Abid¹, Muhammad Rizwan², Abdulatif Alabdulatif^3,*, Abdullah Alnajim⁴, Meznah Alamro⁵, Mourade Azrour⁶

CMC-Computers, Materials & Continua, Vol.78, No.3, pp. 3413-3429, 2024, DOI:10.32604/cmc.2024.046880

Abstract Explainable Artificial Intelligence (XAI) has an advanced feature to enhance the decision-making feature and improve the rule-based technique by using more advanced Machine Learning (ML) and Deep Learning (DL) based algorithms. In this paper, we chose e-healthcare systems for efficient decision-making and data classification, especially in data security, data handling, diagnostics, laboratories, and decision-making. Federated Machine Learning (FML) is a new and advanced technology that helps to maintain privacy for Personal Health Records (PHR) and handle a large amount of medical data effectively. In this context, XAI, along with FML, increases efficiency and improves the security of e-healthcare systems. The… More >

Dahyeon Kim¹, Namgi Kim², Junho Ahn^2,*

CMC-Computers, Materials & Continua, Vol.78, No.3, pp. 3867-3889, 2024, DOI:10.32604/cmc.2024.046871

Abstract This research aims to propose a practical framework designed for the automatic analysis of a product’s comprehensive functionality and security vulnerabilities, generating applicable guidelines based on real-world software. The existing analysis of software security vulnerabilities often focuses on specific features or modules. This partial and arbitrary analysis of the security vulnerabilities makes it challenging to comprehend the overall security vulnerabilities of the software. The key novelty lies in overcoming the constraints of partial approaches. The proposed framework utilizes data from various sources to create a comprehensive functionality profile, facilitating the derivation of real-world security guidelines. Security guidelines are dynamically generated… More >

Fauziyah¹, Zhaoshun Wang^1,*, Mujahid Tabassum²

CMC-Computers, Materials & Continua, Vol.78, No.3, pp. 4417-4452, 2024, DOI:10.32604/cmc.2024.046797

Abstract In an era characterized by digital pervasiveness and rapidly expanding datasets, ensuring the integrity and reliability of information is paramount. As cyber threats evolve in complexity, traditional cryptographic methods face increasingly sophisticated challenges. This article initiates an exploration into these challenges, focusing on key exchanges (encompassing their variety and subtleties), scalability, and the time metrics associated with various cryptographic processes. We propose a novel cryptographic approach underpinned by theoretical frameworks and practical engineering. Central to this approach is a thorough analysis of the interplay between Confidentiality and Integrity, foundational pillars of information security. Our method employs a phased strategy, beginning… More >