Lincong Zhao¹, Liandong Chen¹, Peipei Shen¹, Zizhou Liu¹, Chengzhu Li¹, Fanqin Zhou^2,*

CMC-Computers, Materials & Continua, Vol.85, No.3, pp. 5057-5071, 2025, DOI:10.32604/cmc.2025.067521 - 23 October 2025

Abstract The rapid growth of Internet of things devices and the emergence of rapidly evolving network threats have made traditional security assessment methods inadequate. Federated learning offers a promising solution to expedite the training of security assessment models. However, ensuring the trustworthiness and robustness of federated learning under multi-party collaboration scenarios remains a challenge. To address these issues, this study proposes a shard aggregation network structure and a malicious node detection mechanism, along with improvements to the federated learning training process. First, we extract the data features of the participants by using spectral clustering methods combined… More >

Yulin Yao, Kangfeng Zheng, Bin Wu^*, Chunhua Wu, Jiaqi Gao, Jvjie Wang, Minjiao Yang

CMC-Computers, Materials & Continua, Vol.85, No.3, pp. 4753-4776, 2025, DOI:10.32604/cmc.2025.065059 - 23 October 2025

Abstract Cognitive biases are commonly used by attackers to manipulate users’ psychology in phishing emails. This study systematically analyzes the exploitation of cognitive biases in phishing emails and addresses the following questions: (1) Which cognitive biases are frequently exploited in phishing emails? (2) How are cognitive biases exploited in phishing emails? (3) How effective are cognitive bias features in detecting phishing emails? (4) How can the exploitation of cognitive biases in phishing emails be modelled? To address these questions, this study constructed a cognitive processing model that explains how attackers manipulate users by leveraging cognitive biases More >

Xuezhi Wen^1,2, Eric Danso^1,2,*, Solomon Danso¹

Journal of Cyber Security, Vol.7, pp. 439-462, 2025, DOI:10.32604/jcs.2025.070587 - 17 October 2025

Abstract Cloud-based intrusion detection systems increasingly face sophisticated adversarial attacks such as evasion and poisoning that exploit vulnerabilities in traditional machine learning (ML) models. While deep learning (DL) offers superior detection accuracy for high-dimensional cloud logs, it remains vulnerable to adversarial perturbations and lacks interpretability. Conversely, Hidden Markov Models (HMMs) provide probabilistic reasoning but struggle with raw, sequential cloud data. To bridge this gap, we propose a Deep Learning-Enhanced Ensemble Hidden Markov Model (DL-HMM) framework that synergizes the strengths of Long Short-Term Memory (LSTM) networks and HMMs while incorporating adversarial training and ensemble learning. Our architecture… More >

Brian Mweu^1,*, John Ndia²

Journal of Cyber Security, Vol.7, pp. 417-437, 2025, DOI:10.32604/jcs.2025.071765 - 10 October 2025

Abstract Static analysis methods are crucial in developing secure software, as they allow for the early identification of vulnerabilities before the software is executed. This systematic review follows Preferred Reporting Items for Systematic Reviews and Meta-Analyses (PRISMA) 2020 guidelines to assess static analysis techniques for software security enhancement. We systematically searched IEEE Xplore, Association for Computing Machinery (ACM) Digital Library, SpringerLink, and ScienceDirect for journal articles published between 2017 and 2025. The review examines hybrid analyses and machine learning integration to enhance vulnerability detection accuracy. Static analysis tools enable early fault detection but face persistent challenges. More >

Jingfu Yan, Huachun Zhou^*, Weilin Wang

Computer Systems Science and Engineering, Vol.49, pp. 499-531, 2025, DOI:10.32604/csse.2025.068151 - 10 October 2025

Abstract The 6G network architecture introduces the paradigm of Trust + Security, representing a shift in network protection strategies from external defense mechanisms to endogenous security enforcement. While ZTNs (zero-trust networks) have demonstrated significant advancements in constructing trust-centric frameworks, most existing ZTN implementations lack comprehensive integration of security deployment and traffic monitoring capabilities. Furthermore, current ZTN designs generally do not facilitate dynamic assessment of user reputation. To address these limitations, this study proposes a DPZTN (Data-plane-based Zero Trust Network). DPZTN framework extends traditional ZTN models by incorporating security mechanisms directly into the data plane. Additionally, blockchain infrastructure… More > Graphic Abstract

Eleena Sarah Mathew^*

Journal on Artificial Intelligence, Vol.7, pp. 347-363, 2025, DOI:10.32604/jai.2025.069841 - 06 October 2025

Abstract This review paper explores advanced methods to prompt Large Language Models (LLMs) into generating objectionable or unintended behaviors through adversarial prompt injection attacks. We examine a series of novel projects like HOUYI, Robustly Aligned LLM (RA-LLM), StruQ, and Virtual Prompt Injection that compel LLMs to produce affirmative responses to harmful queries. Several new benchmarks, such as PromptBench, AdvBench, AttackEval, INJECAGENT, and RobustnessSuite, have been created to evaluate the performance and resilience of LLMs against these adversarial attacks. Results show significant success rates in misleading models like Vicuna-7B, LLaMA-2-7B-Chat, GPT-3.5, and GPT-4. The review highlights limitations… More >

Asere Gbenga Femi^1,*, Monday Osagie Adenomon¹, Gilbert Imuetinyan Osaze Aimufua¹, Umar Ibrahim²

Journal of Cyber Security, Vol.7, pp. 377-394, 2025, DOI:10.32604/jcs.2025.069185 - 30 September 2025

Abstract Effective data protection frameworks are vital for safeguarding personal information, fostering digital trust, and ensuring alignment with global standards. In Nigeria, the Nigeria Data Protection Regulation (NDPR), administered by the National Information Technology Development Agency (NITDA), constitutes the nation’s primary privacy framework, harmonized with principles of the European Union’s GDPR. This study evaluates NDPR compliance across six strategic sectors; finance, telecommunications, education, health, Small and Medium-sized Enterprises (SMEs), and the public sector using a mixed-methods design. Data from 615 respondents in 30 organizations were collected through surveys, interviews, and document analysis. Findings reveal notable sectoral… More >

Myoung-oh Choi¹, Mincheol Shin¹, Hyonjun Kang¹, Ka Lok Man², Mucheol Kim^1,*

CMES-Computer Modeling in Engineering & Sciences, Vol.144, No.3, pp. 3191-3212, 2025, DOI:10.32604/cmes.2025.068723 - 30 September 2025

Abstract The escalating complexity and heterogeneity of modern energy systems—particularly in smart grid and distributed energy infrastructures—has intensified the need for intelligent and scalable security vulnerability classification. To address this challenge, we propose Vulnerability2Vec, a graph-embedding-based framework designed to enhance the automated classification of security vulnerabilities that threaten energy system resilience. Vulnerability2Vec converts Common Vulnerabilities and Exposures (CVE) text explanations to semantic graphs, where nodes represent CVE IDs and key terms (nouns, verbs, and adjectives), and edges capture co-occurrence relationships. Then, it embeds the semantic graphs to a low-dimensional vector space with random-walk sampling and skip-gram More >

Shengjia Chang, Baojiang Cui^*, Shaocong Feng

CMES-Computer Modeling in Engineering & Sciences, Vol.144, No.3, pp. 3805-3827, 2025, DOI:10.32604/cmes.2025.067756 - 30 September 2025

Abstract With the rapid advancement of mobile communication networks, key technologies such as Multi-access Edge Computing (MEC) and Network Function Virtualization (NFV) have enhanced the quality of service for 5G users but have also significantly increased the complexity of network threats. Traditional static defense mechanisms are inadequate for addressing the dynamic and heterogeneous nature of modern attack vectors. To overcome these challenges, this paper presents a novel algorithmic framework, SD-5G, designed for high-precision intrusion detection in 5G environments. SD-5G adopts a three-stage architecture comprising traffic feature extraction, elastic representation, and adaptive classification. Specifically, an enhanced Concrete… More >

Ramadan Abdul-Rashid¹, Mohd Amiruddin Abd Rahman^1,*, Abdulaziz Yagoub Barnawi²

CMES-Computer Modeling in Engineering & Sciences, Vol.144, No.3, pp. 3213-3250, 2025, DOI:10.32604/cmes.2025.066589 - 30 September 2025

Abstract Accurate time synchronization is fundamental to the correct and efficient operation of Wireless Sensor Networks (WSNs), especially in security-critical, time-sensitive applications. However, most existing protocols degrade substantially under malicious interference. We introduce iSTSP, an Intelligent and Secure Time Synchronization Protocol that implements a four-stage defense pipeline to ensure robust, precise synchronization even in hostile environments: (1) trust preprocessing that filters node participation using behavioral trust scoring; (2) anomaly isolation employing a lightweight autoencoder to detect and excise malicious nodes in real time; (3) reliability-weighted consensus that prioritizes high-trust nodes during time aggregation; and (4) convergence-optimized synchronization… More >