Seulki Han¹, Sangho Son², Won Sakong², Haemin Jung^3,*

CMC-Computers, Materials & Continua, Vol.85, No.2, pp. 2893-2912, 2025, DOI:10.32604/cmc.2025.067211 - 23 September 2025

Abstract As cyber threats become increasingly sophisticated, Distributed Denial-of-Service (DDoS) attacks continue to pose a serious threat to network infrastructure, often disrupting critical services through overwhelming traffic. Although unsupervised anomaly detection using convolutional autoencoders (CAEs) has gained attention for its ability to model normal network behavior without requiring labeled data, conventional CAEs struggle to effectively distinguish between normal and attack traffic due to over-generalized reconstructions and naive anomaly scoring. To address these limitations, we propose CA-CAE, a novel anomaly detection framework designed to improve DDoS detection through asymmetric joint reconstruction learning and refined anomaly scoring. Our… More >

Mohammad Nowsin Amin Sheikh^1,2,*, Muhammad Saibtain Raza¹, I-Shyan Hwang^1,*, Md. Alamgir Hossain³, Ihsan Ullah¹, Tahmid Hasan⁴, Mohammad Syuhaimi Ab-Rahman⁵

CMC-Computers, Materials & Continua, Vol.85, No.2, pp. 4043-4066, 2025, DOI:10.32604/cmc.2025.065850 - 23 September 2025

Abstract The rapid advancement of the Internet of Things (IoT) has heightened the importance of security, with a notable increase in Distributed Denial-of-Service (DDoS) attacks targeting IoT devices. Network security specialists face the challenge of producing systems to identify and offset these attacks. This research manages IoT security through the emerging Software-Defined Networking (SDN) standard by developing a unified framework (RNN-RYU). We thoroughly assess multiple deep learning frameworks, including Convolutional Neural Network (CNN), Long Short-Term Memory (LSTM), Feed-Forward Convolutional Neural Network (FFCNN), and Recurrent Neural Network (RNN), and present the novel usage of Synthetic Minority Over-Sampling More >

Junzhe Cheng^*

Journal of Cyber Security, Vol.7, pp. 343-357, 2025, DOI:10.32604/jcs.2025.067979 - 22 September 2025

Abstract We present a novel Transformer-based network intrusion detection system (IDS) that automatically learns complex feature relationships from raw traffic. Our architecture embeds both categorical (e.g., protocol, flag) and numerical (e.g., packet count, duration) inputs into a unified latent space with positional encodings, and processes them through multi-layer multi-head self-attention blocks. The Transformer’s global attention enables the IDS to capture subtle, long-range correlations in the data (e.g., coordinated multi-step attacks) without manual feature engineering. We complement the model with extensive data augmentation (SMOTE, GANs) to mitigate class imbalance and improve robustness. In evaluation on benchmark datasets… More >

Singamaneni Krishnapriya^1,2,*, Sukhvinder Singh¹

CMES-Computer Modeling in Engineering & Sciences, Vol.144, No.2, pp. 1849-1881, 2025, DOI:10.32604/cmes.2025.068326 - 31 August 2025

Abstract The explosive expansion of the Internet of Things (IoT) systems has increased the imperative to have strong and robust solutions to cyber Security, especially to curtail Distributed Denial of Service (DDoS) attacks, which can cripple critical infrastructure. The proposed framework presented in the current paper is a new hybrid scheme that induces deep learning-based traffic classification and blockchain-enabled mitigation to make intelligent, decentralized, and real-time DDoS countermeasures in an IoT network. The proposed model fuses the extracted deep features with statistical features and trains them by using traditional machine-learning algorithms, which makes them more accurate… More > Graphic Abstract

Tamara Zhukabayeva^1,2,*, Vasily Desnitsky³, Assel Abdildayeva^1,4

CMES-Computer Modeling in Engineering & Sciences, Vol.144, No.2, pp. 2591-2625, 2025, DOI:10.32604/cmes.2025.067142 - 31 August 2025

Abstract Wireless Sensor Networks (WSN) have gained significant attention over recent years due to their extensive applications in various domains such as environmental monitoring, healthcare systems, industrial automation, and smart cities. However, such networks are inherently vulnerable to different types of attacks because they operate in open environments with limited resources and constrained communication capabilities. The paper addresses challenges related to modeling and analysis of wireless sensor networks and their susceptibility to attacks. Its objective is to create versatile modeling tools capable of detecting attacks against network devices and identifying anomalies caused either by legitimate user… More >

Prasanalakshmi Balaji^1,2, Sangita Babu³, Maode Ma⁴, Zhaoxi Fang², Syarifah Bahiyah Rahayu^5,6,*, Mariyam Aysha Bivi¹, Mahaveerakannan Renganathan⁷

CMC-Computers, Materials & Continua, Vol.84, No.3, pp. 5831-5858, 2025, DOI:10.32604/cmc.2025.065260 - 30 July 2025

Abstract The rapid progression of the Internet of Things (IoT) technology enables its application across various sectors. However, IoT devices typically acquire inadequate computing power and user interfaces, making them susceptible to security threats. One significant risk to cloud networks is Distributed Denial-of-Service (DoS) attacks, where attackers aim to overcome a target system with excessive data and requests. Among these, low-rate DoS (LR-DoS) attacks present a particular challenge to detection. By sending bursts of attacks at irregular intervals, LR-DoS significantly degrades the targeted system’s Quality of Service (QoS). The low-rate nature of these attacks confuses their… More >

Atena Shiranzaei^1,*, Emad Alizadeh², Mahdi Rabbani³, Sajjad Bagheri Baba Ahmadi^4,*, Mohsen Tajgardan⁵

CMC-Computers, Materials & Continua, Vol.84, No.3, pp. 5381-5402, 2025, DOI:10.32604/cmc.2025.064414 - 30 July 2025

Abstract The sinkhole attack is one of the most damaging threats in the Internet of Things (IoT). It deceptively attracts neighboring nodes and initiates malicious activity, often disrupting the network when combined with other attacks. This study proposes a novel approach, named NADSA, to detect and isolate sinkhole attacks. NADSA is based on the RPL protocol and consists of two detection phases. In the first phase, the minimum possible hop count between the sender and receiver is calculated and compared with the sender’s reported hop count. The second phase utilizes the number of DIO messages to More >

Hanqing Sun¹, Xue Li^2,*, Qiyuan Fan³, Puming Wang³

CMC-Computers, Materials & Continua, Vol.84, No.1, pp. 1659-1679, 2025, DOI:10.32604/cmc.2025.061426 - 09 June 2025

Abstract The era of big data brings new challenges for information network systems (INS), simultaneously offering unprecedented opportunities for advancing intelligent intrusion detection systems. In this work, we propose a data-driven intrusion detection system for Distributed Denial of Service (DDoS) attack detection. The system focuses on intrusion detection from a big data perceptive. As intelligent information processing methods, big data and artificial intelligence have been widely used in information systems. The INS system is an important information system in cyberspace. In advanced INS systems, the network architectures have become more complex. And the smart devices in… More >

Hongyang Wang^1,2, Yichen Shi³, Jun Feng^1,2,*, Zitong Yu⁴, Zhuofu Tao⁵

CMC-Computers, Materials & Continua, Vol.83, No.2, pp. 3097-3112, 2025, DOI:10.32604/cmc.2025.061019 - 16 April 2025

Abstract Face Presentation Attack Detection (fPAD) plays a vital role in securing face recognition systems against various presentation attacks. While supervised learning-based methods demonstrate effectiveness, they are prone to overfitting to known attack types and struggle to generalize to novel attack scenarios. Recent studies have explored formulating fPAD as an anomaly detection problem or one-class classification task, enabling the training of generalized models for unknown attack detection. However, conventional anomaly detection approaches encounter difficulties in precisely delineating the boundary between bonafide samples and unknown attacks. To address this challenge, we propose a novel framework focusing on… More >

Chin-Shiuh Shieh¹, Thanh-Lam Nguyen¹, Thanh-Tuan Nguyen^2,*, Mong-Fong Horng^1,*

CMC-Computers, Materials & Continua, Vol.82, No.3, pp. 4881-4912, 2025, DOI:10.32604/cmc.2025.061001 - 06 March 2025

Abstract DDoS attacks represent one of the most pervasive and evolving threats in cybersecurity, capable of crippling critical infrastructures and disrupting services globally. As networks continue to expand and threats become more sophisticated, there is an urgent need for Intrusion Detection Systems (IDS) capable of handling these challenges effectively. Traditional IDS models frequently have difficulties in detecting new or changing attack patterns since they heavily depend on existing characteristics. This paper presents a novel approach for detecting unknown Distributed Denial of Service (DDoS) attacks by integrating Sliced Iterative Normalizing Flows (SINF) into IDS. SINF utilizes the… More >