Danilo Greco^*

CMC-Computers, Materials & Continua, Vol.88, No.2, 2026, DOI:10.32604/cmc.2026.082708 - 15 June 2026

Abstract The Enhanced Graph Neural Network Autoencoder (Enhanced GNN-AE), recently proposed for unsupervised cybersecurity monitoring in battery energy storage systems (BESSs), builds a multiscale k-nearest neighbour graph over measurement samples and learns compact latent representations via manifold-regularised training. Its spatial encoder, however, employs the original Graph Attention Network (GAT), which has been formally shown to compute a rank-1 attention function equivalent to graph convolutional networks on many graph structures. This work investigates whether replacing the GAT encoder with the strictly more expressive GATv2 formulation—which applies the attention vector after a joint, asymmetric linear transformation of source… More >

Sajad Homayoun^*

CMC-Computers, Materials & Continua, Vol.88, No.2, 2026, DOI:10.32604/cmc.2026.082332 - 15 June 2026

Abstract Intrusion detection systems depend on detailed security telemetry, yet such telemetry is often too sensitive to share or reuse outside controlled environments. Differential Privacy (DP) offers formal protection by injecting randomness, but its practical impact on detection utility is not well understood, especially under class imbalance and for rare attacks. This paper presents a controlled empirical study of feature-level DP applied to security telemetry for intrusion detection. Using a fixed model and a fixed train–test split, we vary only the privacy budget and quantify how performance changes across standard metrics, including macro-averaged scores and per-class More >

Óscar Mogollón-Gutiérrez^*, José Carlos Sancho Núñez, Mar Ávila, MohammadHossein Homaei, Andrés Caro

CMC-Computers, Materials & Continua, Vol.88, No.1, 2026, DOI:10.32604/cmc.2026.079694 - 08 May 2026

Abstract Cyberattacks have increased in frequency and complexity in recent years, resulting in significant consequences for organizations. The negative consequences of cyberattacks force organizations to implement adequate cybersecurity measures to prevent and mitigate the impact of these attacks. Analysis of network traffic is essential for determining whether a cyberattack has been conducted. Intrusion detection systems (IDS) are used to detect malicious actions or irregularities in information systems. In conjunction with artificial intelligence (AI), they enable the development of intelligent intrusion detection systems. This paper presents an intelligent method of network traffic classification for securing systems with… More >

Wajdan Al Malwi^1,*, Fatima Asiri¹, Muhammad Shahbaz Khan^2,3,*

CMC-Computers, Materials & Continua, Vol.88, No.1, 2026, DOI:10.32604/cmc.2026.075326 - 08 May 2026

Abstract Modern intrusion detection systems (IDS) struggle to recognise zero-day cyberattacks, as classical discriminative models rely on historical attack labels and fail to characterise deviations from normal network behaviour. This work presents a hybrid quantum–classical intrusion detection framework in which a Quantum Circuit Born Machine (QCBM) models benign traffic as a probabilistic quantum state. The trained QCBM assigns each network flow a Quantum Anomaly Score (QAS), defined as the negative log-likelihood under the learned benign distribution, which is subsequently fused with classical flow statistics in a Light Gradient Boosted Machine (LightGBM) classifier. The proposed system employs a… More >

Liam Revell¹, Hyunjae Kang^1,*, Jung Taek Seo², Dan Dongseong Kim¹

CMES-Computer Modeling in Engineering & Sciences, Vol.147, No.1, 2026, DOI:10.32604/cmes.2026.078467 - 27 April 2026

Abstract The rapid proliferation of Internet of Things (IoT) devices has increased the importance of network intrusion detection systems (NIDS) for protecting modern networks. However, many machine learning and deep learning based NIDS rely on large volumes of labeled attack data, which is often impractical to obtain for newly emerging or rare attacks. This paper presents a benchmark-style systematic evaluation of meta-learning-based Few-Shot Learning (FSL) classifiers for detecting previously unseen intrusions with limited labeled data. We investigate three representative FSL models, namely Prototypical Networks, Relation Networks, and MetaOptNet, and further examine two decision-level ensemble strategies based… More >

Abdulaziz A. Alsulami^1,*, Badraddin Alturki², Ahmad J. Tayeb², Rayan A. Alsemmeari², Raed Alsini¹

CMC-Computers, Materials & Continua, Vol.87, No.3, 2026, DOI:10.32604/cmc.2026.076413 - 09 April 2026

Abstract Intrusion Detection Systems (IDS) play a critical role in protecting networked environments from cyberattacks. They have become increasingly important in smart environments such as the Internet of Things (IoT) systems. However, IDS for IoT networks face critical challenges due to hardware constraints, including limited computational resources and storage capacity, which lead to high feature dimensionality, prediction uncertainty, and increased processing cost. These factors make many conventional detection approaches unsuitable for real-time IoT deployment. To address these challenges, this paper proposes an adaptive intrusion detection framework that intelligently balances detection accuracy and computational efficiency. The proposed… More >

Le Thi Hong Van^1,*, Le Duc Thuan¹, Pham Van Huong¹, Nguyen Hieu Minh²

CMC-Computers, Materials & Continua, Vol.87, No.1, 2026, DOI:10.32604/cmc.2025.075027 - 10 February 2026

Abstract Optimizing convolutional neural networks (CNNs) for IoT attack detection remains a critical yet challenging task due to the need to balance multiple performance metrics beyond mere accuracy. This study proposes a unified and flexible optimization framework that leverages metaheuristic algorithms to automatically optimize CNN configurations for IoT attack detection. Unlike conventional single-objective approaches, the proposed method formulates a global multi-objective fitness function that integrates accuracy, precision, recall, and model size (speed/model complexity penalty) with adjustable weights. This design enables both single-objective and weighted-sum multi-objective optimization, allowing adaptive selection of optimal CNN configurations for diverse deployment… More >

Enzo Hoummady^*, Fehmi Jaafar

CMC-Computers, Materials & Continua, Vol.87, No.1, 2026, DOI:10.32604/cmc.2025.074897 - 10 February 2026

Abstract With the proliferation of Internet of Things (IoT) devices, securing these interconnected systems against cyberattacks has become a critical challenge. Traditional security paradigms often fail to cope with the scale and diversity of IoT network traffic. This paper presents a comparative benchmark of classic machine learning (ML) and state-of-the-art deep learning (DL) algorithms for IoT intrusion detection. Our methodology employs a two-phased approach: a preliminary pilot study using a custom-generated dataset to establish baselines, followed by a comprehensive evaluation on the large-scale CICIoTDataset2023. We benchmarked algorithms including Random Forest, XGBoost, CNN, and Stacked LSTM. The… More >

Fatemeh Ahmadi Abkenari^*, Melika Zandi, Shanmugapriya Gopalakrishnan

Journal of Cyber Security, Vol.8, pp. 93-109, 2026, DOI:10.32604/jcs.2026.074197 - 20 January 2026

Abstract Nowadays, cyberattacks are considered a significant threat not only to the reputation of organizations through the theft of customers’ data or reducing operational throughput, but also to their data ownership and the safety and security of their operations. In recent decades, machine learning techniques have been widely employed in cybersecurity research to detect various types of cyberattacks. In the domain of cybersecurity data, and especially in Trojan detection datasets, it is common for datasets to record multiple statistical measures for a single concept. We referred to them as SWMF features in this paper, which include… More >

Yeasul Kim¹, Chaeeun Won¹, Hwankuk Kim^2,*

CMC-Computers, Materials & Continua, Vol.86, No.1, pp. 1-28, 2026, DOI:10.32604/cmc.2025.069608 - 10 November 2025

Abstract With the increasing emphasis on personal information protection, encryption through security protocols has emerged as a critical requirement in data transmission and reception processes. Nevertheless, IoT ecosystems comprise heterogeneous networks where outdated systems coexist with the latest devices, spanning a range of devices from non-encrypted ones to fully encrypted ones. Given the limited visibility into payloads in this context, this study investigates AI-based attack detection methods that leverage encrypted traffic metadata, eliminating the need for decryption and minimizing system performance degradation—especially in light of these heterogeneous devices. Using the UNSW-NB15 and CICIoT-2023 dataset, encrypted and… More >