Alaa Mahmood, İsa Avcı^*

Computer Systems Science and Engineering, Vol.49, pp. 401-417, 2025, DOI:10.32604/csse.2025.062413 - 25 April 2025

Abstract A Distributed Denial-of-Service (DDoS) attack poses a significant challenge in the digital age, disrupting online services with operational and financial consequences. Detecting such attacks requires innovative and effective solutions. The primary challenge lies in selecting the best among several DDoS detection models. This study presents a framework that combines several DDoS detection models and Multiple-Criteria Decision-Making (MCDM) techniques to compare and select the most effective models. The framework integrates a decision matrix from training several models on the CiC-DDOS2019 dataset with Fuzzy Weighted Zero Inconsistency Criterion (FWZIC) and Multi-Attribute Boundary Approximation Area Comparison (MABAC) methodologies.… More >

Mozhgan Gholami¹, Ali Ghaffari^1,2,3,*, Nahideh Derakhshanfard¹, Nadir iBRAHIMOĞLU⁴, Ali Asghar Pourhaji Kazem²

CMC-Computers, Materials & Continua, Vol.83, No.2, pp. 1561-1605, 2025, DOI:10.32604/cmc.2025.063304 - 16 April 2025

Abstract The Internet has been enhanced recently by blockchain and Internet of Things (IoT) networks. The Internet of Things is a network of various sensor-equipped devices. It gradually integrates the Internet, sensors, and cloud computing. Blockchain is based on encryption algorithms, which are shared database technologies on the Internet. Blockchain technology has grown significantly because of its features, such as flexibility, support for integration, anonymity, decentralization, and independent control. Computational nodes in the blockchain network are used to verify online transactions. However, this integration creates scalability, interoperability, and security challenges. Over the last decade, several advancements… More >

Federica Uccello^1,2, Marek Pawlicki^3,4, Salvatore D'Antonio¹, Rafał Kozik^3,4, Michał Choraś^3,4,*

CMC-Computers, Materials & Continua, Vol.83, No.2, pp. 1607-1621, 2025, DOI:10.32604/cmc.2025.062801 - 16 April 2025

Abstract The growing sophistication of cyberthreats, among others the Distributed Denial of Service attacks, has exposed limitations in traditional rule-based Security Information and Event Management systems. While machine learning–based intrusion detection systems can capture complex network behaviours, their “black-box” nature often limits trust and actionable insight for security operators. This study introduces a novel approach that integrates Explainable Artificial Intelligence—xAI—with the Random Forest classifier to derive human-interpretable rules, thereby enhancing the detection of Distributed Denial of Service (DDoS) attacks. The proposed framework combines traditional static rule formulation with advanced xAI techniques—SHapley Additive exPlanations and Scoped Rules More >

Huiyao Dong¹, Igor Kotenko^2,*

CMC-Computers, Materials & Continua, Vol.82, No.3, pp. 4263-4285, 2025, DOI:10.32604/cmc.2025.062439 - 06 March 2025

Abstract The growing complexity of cyber threats requires innovative machine learning techniques, and image-based malware classification opens up new possibilities. Meanwhile, existing research has largely overlooked the impact of noise and obfuscation techniques commonly employed by malware authors to evade detection, and there is a critical gap in using noise simulation as a means of replicating real-world malware obfuscation techniques and adopting denoising framework to counteract these challenges. This study introduces an image denoising technique based on a U-Net combined with a GAN framework to address noise interference and obfuscation challenges in image-based malware analysis. The… More >

Chin-Shiuh Shieh¹, Thanh-Lam Nguyen¹, Thanh-Tuan Nguyen^2,*, Mong-Fong Horng^1,*

CMC-Computers, Materials & Continua, Vol.82, No.3, pp. 4881-4912, 2025, DOI:10.32604/cmc.2025.061001 - 06 March 2025

Abstract DDoS attacks represent one of the most pervasive and evolving threats in cybersecurity, capable of crippling critical infrastructures and disrupting services globally. As networks continue to expand and threats become more sophisticated, there is an urgent need for Intrusion Detection Systems (IDS) capable of handling these challenges effectively. Traditional IDS models frequently have difficulties in detecting new or changing attack patterns since they heavily depend on existing characteristics. This paper presents a novel approach for detecting unknown Distributed Denial of Service (DDoS) attacks by integrating Sliced Iterative Normalizing Flows (SINF) into IDS. SINF utilizes the… More >

Stefan Ćirković¹, Vladimir Mladenović¹, Siniša Tomić², Dalibor Drljača², Olga Ristić^1,*

CMC-Computers, Materials & Continua, Vol.82, No.3, pp. 4409-4430, 2025, DOI:10.32604/cmc.2025.059696 - 06 March 2025

Abstract With the increasing use of web applications, challenges in the field of cybersecurity are becoming more complex. This paper explores the application of fine-tuned large language models (LLMs) for the automatic generation of synthetic attacks, including XSS (Cross-Site Scripting), SQL Injections, and Command Injections. A web application has been developed that allows penetration testers to quickly generate high-quality payloads without the need for in-depth knowledge of artificial intelligence. The fine-tuned language model demonstrates the capability to produce synthetic payloads that closely resemble real-world attacks. This approach not only improves the model’s precision and dependability but… More >

Yongjun Ren¹, Zhiming Wang¹, Pradip Kumar Sharma², Fayez Alqahtani³, Amr Tolba⁴, Jin Wang^5,*

CMC-Computers, Materials & Continua, Vol.82, No.2, pp. 1593-1613, 2025, DOI:10.32604/cmc.2025.059170 - 17 February 2025

Abstract In the context of an increasingly severe cybersecurity landscape and the growing complexity of offensive and defensive techniques, Zero Trust Networks (ZTN) have emerged as a widely recognized technology. Zero Trust not only addresses the shortcomings of traditional perimeter security models but also consistently follows the fundamental principle of “never trust, always verify.” Initially proposed by John Cortez in 2010 and subsequently promoted by Google, the Zero Trust model has become a key approach to addressing the ever-growing security threats in complex network environments. This paper systematically compares the current mainstream cybersecurity models, thoroughly explores More >

Reshma Siyal¹, Muhammad Asim^2,*, Long Jun¹, Mohammed Elaffendi², Sundas Iftikhar³, Rana Alnashwan⁴, Samia Allaoua Chelloug^4,*

CMC-Computers, Materials & Continua, Vol.82, No.2, pp. 2637-2664, 2025, DOI:10.32604/cmc.2025.058717 - 17 February 2025

Abstract A basic procedure for transforming readable data into encoded forms is encryption, which ensures security when the right decryption keys are used. Hadoop is susceptible to possible cyber-attacks because it lacks built-in security measures, even though it can effectively handle and store enormous datasets using the Hadoop Distributed File System (HDFS). The increasing number of data breaches emphasizes how urgently creative encryption techniques are needed in cloud-based big data settings. This paper presents Adaptive Attribute-Based Honey Encryption (AABHE), a state-of-the-art technique that combines honey encryption with Ciphertext-Policy Attribute-Based Encryption (CP-ABE) to provide improved data security. More >

Muhammad Armghan Latif¹, Zohaib Mushtaq^2,*, Saifur Rahman³, Saad Arif⁴, Salim Nasar Faraj Mursal³, Muhammad Irfan³, Haris Aziz⁵

CMES-Computer Modeling in Engineering & Sciences, Vol.142, No.2, pp. 1667-1695, 2025, DOI:10.32604/cmes.2024.056850 - 27 January 2025

Abstract Ransomware attacks pose a significant threat to critical infrastructures, demanding robust detection mechanisms. This study introduces a hybrid model that combines vision transformer (ViT) and one-dimensional convolutional neural network (1DCNN) architectures to enhance ransomware detection capabilities. Addressing common challenges in ransomware detection, particularly dataset class imbalance, the synthetic minority oversampling technique (SMOTE) is employed to generate synthetic samples for minority class, thereby improving detection accuracy. The integration of ViT and 1DCNN through feature fusion enables the model to capture both global contextual and local sequential features, resulting in comprehensive ransomware classification. Tested on the UNSW-NB15 More >

Saad Awadh Alanazi^*

CMC-Computers, Materials & Continua, Vol.81, No.3, pp. 4049-4080, 2024, DOI:10.32604/cmc.2024.057211 - 19 December 2024

Abstract Spear Phishing Attacks (SPAs) pose a significant threat to the healthcare sector, resulting in data breaches, financial losses, and compromised patient confidentiality. Traditional defenses, such as firewalls and antivirus software, often fail to counter these sophisticated attacks, which target human vulnerabilities. To strengthen defenses, healthcare organizations are increasingly adopting Machine Learning (ML) techniques. ML-based SPA defenses use advanced algorithms to analyze various features, including email content, sender behavior, and attachments, to detect potential threats. This capability enables proactive security measures that address risks in real-time. The interpretability of ML models fosters trust and allows security… More >