Yeasul Kim¹, Chaeeun Won¹, Hwankuk Kim^2,*

CMC-Computers, Materials & Continua, Vol.86, No.1, pp. 1-28, 2026, DOI:10.32604/cmc.2025.069608 - 10 November 2025

Abstract With the increasing emphasis on personal information protection, encryption through security protocols has emerged as a critical requirement in data transmission and reception processes. Nevertheless, IoT ecosystems comprise heterogeneous networks where outdated systems coexist with the latest devices, spanning a range of devices from non-encrypted ones to fully encrypted ones. Given the limited visibility into payloads in this context, this study investigates AI-based attack detection methods that leverage encrypted traffic metadata, eliminating the need for decryption and minimizing system performance degradation—especially in light of these heterogeneous devices. Using the UNSW-NB15 and CICIoT-2023 dataset, encrypted and… More >

Abeer Alhuzali^1,*, Qamar Al-Qahtani¹, Asmaa Niyazi¹, Lama Alshehri¹, Fatemah Alharbi²

CMC-Computers, Materials & Continua, Vol.86, No.1, pp. 1-19, 2026, DOI:10.32604/cmc.2025.069491 - 10 November 2025

Abstract The surge in smishing attacks underscores the urgent need for robust, real-time detection systems powered by advanced deep learning models. This paper introduces PhishNet, a novel ensemble learning framework that integrates transformer-based models (RoBERTa) and large language models (LLMs) (GPT-OSS 120B, LLaMA3.3 70B, and Qwen3 32B) to enhance smishing detection performance significantly. To mitigate class imbalance, we apply synthetic data augmentation using T5 and leverage various text preprocessing techniques. Our system employs a dual-layer voting mechanism: weighted majority voting among LLMs and a final ensemble vote to classify messages as ham, spam, or smishing. Experimental More >

Seulki Han¹, Sangho Son², Won Sakong², Haemin Jung^3,*

CMC-Computers, Materials & Continua, Vol.85, No.2, pp. 2893-2912, 2025, DOI:10.32604/cmc.2025.067211 - 23 September 2025

Abstract As cyber threats become increasingly sophisticated, Distributed Denial-of-Service (DDoS) attacks continue to pose a serious threat to network infrastructure, often disrupting critical services through overwhelming traffic. Although unsupervised anomaly detection using convolutional autoencoders (CAEs) has gained attention for its ability to model normal network behavior without requiring labeled data, conventional CAEs struggle to effectively distinguish between normal and attack traffic due to over-generalized reconstructions and naive anomaly scoring. To address these limitations, we propose CA-CAE, a novel anomaly detection framework designed to improve DDoS detection through asymmetric joint reconstruction learning and refined anomaly scoring. Our… More >

Mohammad Nowsin Amin Sheikh^1,2,*, Muhammad Saibtain Raza¹, I-Shyan Hwang^1,*, Md. Alamgir Hossain³, Ihsan Ullah¹, Tahmid Hasan⁴, Mohammad Syuhaimi Ab-Rahman⁵

CMC-Computers, Materials & Continua, Vol.85, No.2, pp. 4043-4066, 2025, DOI:10.32604/cmc.2025.065850 - 23 September 2025

Abstract The rapid advancement of the Internet of Things (IoT) has heightened the importance of security, with a notable increase in Distributed Denial-of-Service (DDoS) attacks targeting IoT devices. Network security specialists face the challenge of producing systems to identify and offset these attacks. This research manages IoT security through the emerging Software-Defined Networking (SDN) standard by developing a unified framework (RNN-RYU). We thoroughly assess multiple deep learning frameworks, including Convolutional Neural Network (CNN), Long Short-Term Memory (LSTM), Feed-Forward Convolutional Neural Network (FFCNN), and Recurrent Neural Network (RNN), and present the novel usage of Synthetic Minority Over-Sampling More >

Junzhe Cheng^*

Journal of Cyber Security, Vol.7, pp. 343-357, 2025, DOI:10.32604/jcs.2025.067979 - 22 September 2025

Abstract We present a novel Transformer-based network intrusion detection system (IDS) that automatically learns complex feature relationships from raw traffic. Our architecture embeds both categorical (e.g., protocol, flag) and numerical (e.g., packet count, duration) inputs into a unified latent space with positional encodings, and processes them through multi-layer multi-head self-attention blocks. The Transformer’s global attention enables the IDS to capture subtle, long-range correlations in the data (e.g., coordinated multi-step attacks) without manual feature engineering. We complement the model with extensive data augmentation (SMOTE, GANs) to mitigate class imbalance and improve robustness. In evaluation on benchmark datasets… More >

Singamaneni Krishnapriya^1,2,*, Sukhvinder Singh¹

CMES-Computer Modeling in Engineering & Sciences, Vol.144, No.2, pp. 1849-1881, 2025, DOI:10.32604/cmes.2025.068326 - 31 August 2025

Abstract The explosive expansion of the Internet of Things (IoT) systems has increased the imperative to have strong and robust solutions to cyber Security, especially to curtail Distributed Denial of Service (DDoS) attacks, which can cripple critical infrastructure. The proposed framework presented in the current paper is a new hybrid scheme that induces deep learning-based traffic classification and blockchain-enabled mitigation to make intelligent, decentralized, and real-time DDoS countermeasures in an IoT network. The proposed model fuses the extracted deep features with statistical features and trains them by using traditional machine-learning algorithms, which makes them more accurate… More > Graphic Abstract

Tamara Zhukabayeva^1,2,*, Vasily Desnitsky³, Assel Abdildayeva^1,4

CMES-Computer Modeling in Engineering & Sciences, Vol.144, No.2, pp. 2591-2625, 2025, DOI:10.32604/cmes.2025.067142 - 31 August 2025

Abstract Wireless Sensor Networks (WSN) have gained significant attention over recent years due to their extensive applications in various domains such as environmental monitoring, healthcare systems, industrial automation, and smart cities. However, such networks are inherently vulnerable to different types of attacks because they operate in open environments with limited resources and constrained communication capabilities. The paper addresses challenges related to modeling and analysis of wireless sensor networks and their susceptibility to attacks. Its objective is to create versatile modeling tools capable of detecting attacks against network devices and identifying anomalies caused either by legitimate user… More >

Prasanalakshmi Balaji^1,2, Sangita Babu³, Maode Ma⁴, Zhaoxi Fang², Syarifah Bahiyah Rahayu^5,6,*, Mariyam Aysha Bivi¹, Mahaveerakannan Renganathan⁷

CMC-Computers, Materials & Continua, Vol.84, No.3, pp. 5831-5858, 2025, DOI:10.32604/cmc.2025.065260 - 30 July 2025

Abstract The rapid progression of the Internet of Things (IoT) technology enables its application across various sectors. However, IoT devices typically acquire inadequate computing power and user interfaces, making them susceptible to security threats. One significant risk to cloud networks is Distributed Denial-of-Service (DoS) attacks, where attackers aim to overcome a target system with excessive data and requests. Among these, low-rate DoS (LR-DoS) attacks present a particular challenge to detection. By sending bursts of attacks at irregular intervals, LR-DoS significantly degrades the targeted system’s Quality of Service (QoS). The low-rate nature of these attacks confuses their… More >

Atena Shiranzaei^1,*, Emad Alizadeh², Mahdi Rabbani³, Sajjad Bagheri Baba Ahmadi^4,*, Mohsen Tajgardan⁵

CMC-Computers, Materials & Continua, Vol.84, No.3, pp. 5381-5402, 2025, DOI:10.32604/cmc.2025.064414 - 30 July 2025

Abstract The sinkhole attack is one of the most damaging threats in the Internet of Things (IoT). It deceptively attracts neighboring nodes and initiates malicious activity, often disrupting the network when combined with other attacks. This study proposes a novel approach, named NADSA, to detect and isolate sinkhole attacks. NADSA is based on the RPL protocol and consists of two detection phases. In the first phase, the minimum possible hop count between the sender and receiver is calculated and compared with the sender’s reported hop count. The second phase utilizes the number of DIO messages to More >

Hanqing Sun¹, Xue Li^2,*, Qiyuan Fan³, Puming Wang³

CMC-Computers, Materials & Continua, Vol.84, No.1, pp. 1659-1679, 2025, DOI:10.32604/cmc.2025.061426 - 09 June 2025

Abstract The era of big data brings new challenges for information network systems (INS), simultaneously offering unprecedented opportunities for advancing intelligent intrusion detection systems. In this work, we propose a data-driven intrusion detection system for Distributed Denial of Service (DDoS) attack detection. The system focuses on intrusion detection from a big data perceptive. As intelligent information processing methods, big data and artificial intelligence have been widely used in information systems. The INS system is an important information system in cyberspace. In advanced INS systems, the network architectures have become more complex. And the smart devices in… More >