Abdulgbar A. R. Farea¹, Gehad Abdullah Amran^2,*, Ebraheem Farea³, Amerah Alabrah^4,*, Ahmed A. Abdulraheem⁵, Muhammad Mursil⁶, Mohammed A. A. Al-qaness⁷

CMC-Computers, Materials & Continua, Vol.76, No.3, pp. 3605-3622, 2023, DOI:10.32604/cmc.2023.040121

Abstract E-commerce, online ticketing, online banking, and other web-based applications that handle sensitive data, such as passwords, payment information, and financial information, are widely used. Various web developers may have varying levels of understanding when it comes to securing an online application. Structured Query language SQL injection and cross-site scripting are the two vulnerabilities defined by the Open Web Application Security Project (OWASP) for its 2017 Top Ten List Cross Site Scripting (XSS). An attacker can exploit these two flaws and launch malicious web-based actions as a result of these flaws. Many published articles focused on these attacks’ binary classification. This… More >

Borja Bordel Sánchez^1,*, Ramón Alcarria², Tomás Robles¹

CMC-Computers, Materials & Continua, Vol.76, No.3, pp. 3189-3218, 2023, DOI:10.32604/cmc.2023.039466

Abstract Cyber-Physical Systems are very vulnerable to sparse sensor attacks. But current protection mechanisms employ linear and deterministic models which cannot detect attacks precisely. Therefore, in this paper, we propose a new non-linear generalized model to describe Cyber-Physical Systems. This model includes unknown multivariable discrete and continuous-time functions and different multiplicative noises to represent the evolution of physical processes and random effects in the physical and computational worlds. Besides, the digitalization stage in hardware devices is represented too. Attackers and most critical sparse sensor attacks are described through a stochastic process. The reconstruction and protection mechanisms are based on a weighted… More >

Awny Sayed¹, Sohair Kinlany², Alaa Zaki², Ahmed Mahfouz^2,3,*

CMC-Computers, Materials & Continua, Vol.76, No.3, pp. 3151-3166, 2023, DOI:10.32604/cmc.2023.040256

Abstract Face verification systems are critical in a wide range of applications, such as security systems and biometric authentication. However, these systems are vulnerable to adversarial attacks, which can significantly compromise their accuracy and reliability. Adversarial attacks are designed to deceive the face verification system by adding subtle perturbations to the input images. These perturbations can be imperceptible to the human eye but can cause the system to misclassify or fail to recognize the person in the image. To address this issue, we propose a novel system called VeriFace that comprises two defense mechanisms, adversarial detection, and adversarial removal. The first… More >

Ali Ahmadi Shahrakht¹, Parisa Hajirahimi², Omid Rostami³, Diego Martín^4,*

Intelligent Automation & Soft Computing, Vol.37, No.3, pp. 3059-3081, 2023, DOI:10.32604/iasc.2023.040502

Abstract As the internet of things (IoT) continues to expand rapidly, the significance of its security concerns has grown in recent years. To address these concerns, physical unclonable functions (PUFs) have emerged as valuable tools for enhancing IoT security. PUFs leverage the inherent randomness found in the embedded hardware of IoT devices. However, it has been shown that some PUFs can be modeled by attackers using machine-learning-based approaches. In this paper, a new deep learning (DL)-based modeling attack is introduced to break the resistance of complex XAPUFs. Because training DL models is a problem that falls under the category of NP-hard… More >

Kofi Sarpong Adu-Manu^*, Richard Kwasi Ahiable, Justice Kwame Appati, Ebenezer Essel Mensah

Journal of Cyber Security, Vol.4, No.4, pp. 239-267, 2022, DOI:10.32604/jcs.2023.041095

Abstract Organisations closed their offices and began working from home online to prevent the spread of the COVID-19 virus. This shift in work culture coincided with increased online use during the same period. As a result, the rate of cybercrime has skyrocketed. This study examines the approaches, techniques, and countermeasures of Social Engineering and phishing in this context. The study discusses recent trends in the existing approaches for identifying phishing assaults. We explore social engineering attacks, categorise them into types, and offer both technical and social solutions for countering phishing attacks which makes this paper different from similar works that mainly… More >

Abid Mahboob¹, Muhammad Asif², Rana Muhammad Zulqarnain^3,*, Imran Siddique⁴, Hijaz Ahmad⁵, Sameh Askar⁶, Giovanni Pau⁷

Computer Systems Science and Engineering, Vol.47, No.2, pp. 2547-2562, 2023, DOI:10.32604/csse.2023.040855

Abstract The rapid advancement of data in web-based communication has created one of the biggest issues concerning the security of data carried over the internet from unauthorized access. To improve data security, modern cryptosystems use substitution-boxes. Nowadays, data privacy has become a key concern for consumers who transfer sensitive data from one place to another. To address these problems, many companies rely on cryptographic techniques to secure data from illegal activities and assaults. Among these cryptographic approaches, AES is a well-known algorithm that transforms plain text into cipher text by employing substitution box (S-box). The S-box disguises the relationship between cipher… More >

Bhawna Goyal^1,*, Ayush Dogra², Rahul Khoond¹, Dawa Chyophel Lepcha¹, Vishal Goyal³, Steven L. Fernandes⁴

CMC-Computers, Materials & Continua, Vol.76, No.1, pp. 311-327, 2023, DOI:10.32604/cmc.2023.038398

Abstract The synthesis of visual information from multiple medical imaging inputs to a single fused image without any loss of detail and distortion is known as multimodal medical image fusion. It improves the quality of biomedical images by preserving detailed features to advance the clinical utility of medical imaging meant for the analysis and treatment of medical disorders. This study develops a novel approach to fuse multimodal medical images utilizing anisotropic diffusion (AD) and non-subsampled contourlet transform (NSCT). First, the method employs anisotropic diffusion for decomposing input images to their base and detail layers to coarsely split two features of input… More >

Ouail Mjahed^1,*, Salah El Hadaj¹, El Mahdi El Guarmah^1,2, Soukaina Mjahed¹

Computer Systems Science and Engineering, Vol.47, No.1, pp. 757-775, 2023, DOI:10.32604/csse.2023.039111

Abstract Denial of Service (DoS/DDoS) intrusions are damaging cyber-attacks, and their identification is of great interest to the Intrusion Detection System (IDS). Existing IDS are mainly based on Machine Learning (ML) methods including Deep Neural Networks (DNN), but which are rarely hybridized with other techniques. The intrusion data used are generally imbalanced and contain multiple features. Thus, the proposed approach aims to use a DNN-based method to detect DoS/DDoS attacks using CICIDS2017, CSE-CICIDS2018 and CICDDoS 2019 datasets, according to the following key points. a) Three imbalanced CICIDS2017-2018-2019 datasets, including Benign and DoS/DDoS attack classes, are used. b) A new technique based… More >

Adnan Hasan Bdair Aighuraibawi^1,2, Selvakumar Manickam^1,*, Rosni Abdullah³, Zaid Abdi Alkareem Alyasseri^4,5, Ayman Khallel⁶, Dilovan Asaad Zebari⁹, Hussam Mohammed Jasim⁷, Mazin Mohammed Abed⁸, Zainb Hussein Arif⁷

Computer Systems Science and Engineering, Vol.47, No.1, pp. 553-574, 2023, DOI:10.32604/csse.2023.037948

Abstract Internet Protocol version 6 (IPv6) is the latest version of IP that goal to host 3.4 × 10³⁸ unique IP addresses of devices in the network. IPv6 has introduced new features like Neighbour Discovery Protocol (NDP) and Address Auto-configuration Scheme. IPv6 needed several protocols like the Address Auto-configuration Scheme and Internet Control Message Protocol (ICMPv6). IPv6 is vulnerable to numerous attacks like Denial of Service (DoS) and Distributed Denial of Service (DDoS) which is one of the most dangerous attacks executed through ICMPv6 messages that impose security and financial implications. Therefore, an Intrusion Detection System (IDS) is a monitoring system… More >

S. Sureshkumar^1,*, G .K. D. Prasanna Venkatesan², R. Santhosh³

Computer Systems Science and Engineering, Vol.47, No.1, pp. 1109-1123, 2023, DOI:10.32604/csse.2023.036267

Abstract Cloud computing technology provides flexible, on-demand, and completely controlled computing resources and services are highly desirable. Despite this, with its distributed and dynamic nature and shortcomings in virtualization deployment, the cloud environment is exposed to a wide variety of cyber-attacks and security difficulties. The Intrusion Detection System (IDS) is a specialized security tool that network professionals use for the safety and security of the networks against attacks launched from various sources. DDoS attacks are becoming more frequent and powerful, and their attack pathways are continually changing, which requiring the development of new detection methods. Here the purpose of the study… More >