Abdullah Alshammari^*

CMC-Computers, Materials & Continua, Vol.88, No.1, 2026, DOI:10.32604/cmc.2026.078634 - 08 May 2026

Abstract The proliferation of Internet of Things (IoT) devices in the infrastructure of smart cities has posed cybersecurity risks like never before, which have direct implications on the sustainability and energy consumption of cities. In this paper, a multi-faceted Threat-Resilient Energy-Conscious Security Framework (TRECSF) is introduced that combines intrusion detection methods powered by deep learning, blockchain-driven data integrity verification mechanism, and energy-aware security protocols in smart city ecosystems to achieve their sustainability. The new Hybrid Convolutional Neural Network-Long Short-Term Memory (CNN-LSTM) model is introduced to the proposed architecture, which fulfills the purpose of the study to… More >

Nader Karmous¹, Leila Bousbia¹, Mohamed Ould-Elhassen Aoueileyine¹, Imen Filali^2,*, Ridha Bouallegue¹

CMC-Computers, Materials & Continua, Vol.88, No.1, 2026, DOI:10.32604/cmc.2026.077454 - 08 May 2026

Abstract This study proposes an intelligent Intrusion Detection and Prevention System (IDPS) integrated into a centralized Ryu Software-Defined Networking (SDN) controller to mitigate replay attacks within Internet of Things (IoT) environments. To address the scarcity of specialized datasets, a comprehensive dataset was generated using a real-time SDN-IoT testbed encompassing Mininet, multiple OpenFlow 1.3 switches, and a single Ryu controller. The experimental setup featured the exchange of legitimate and malicious Message Queuing Telemetry Transport (MQTT) traffic between hosts and IoT devices to simulate realistic network behaviors and attack vectors. Our methodology introduces a novel feature engineering framework… More >

Amani Al-Ajlan, Lama Almelaifi, Remas Alharbi, Shahad Al-Hussain, Fay Alfarraj, Najwa Altwaijry, Isra Al-Turaiki^*

CMC-Computers, Materials & Continua, Vol.88, No.1, 2026, DOI:10.32604/cmc.2026.076992 - 08 May 2026

Abstract Phishing emails are an increasing threat to both individuals and organizations, demanding more sophisticated methods of detection beyond traditional blacklisting and heuristic techniques. One of the main challenges in phishing detection is the limited availability of high-quality phishing datasets. To address this issue, we use generative AI to create synthetic emails that help reduce class imbalance, improve model generalization, and overcome data scarcity. We employ a large language model, DeepSeek-7B-Chat, to generate realistic and context-aware phishing and non-phishing emails. Through prompt engineering and fine-tuning, the model produces diverse and modern phishing-style emails that strengthen phishing… More >

Sarmad Dheyaa Azeez¹, Saadaldeen Rashid Ahmed^2,3, Muhammad Ilyas^4,*, Abu Saleh Musa Miah⁵, Fahmid Al Farid^6,7,*, Md. Hezerul Abdul Karim^6,*

CMC-Computers, Materials & Continua, Vol.88, No.1, 2026, DOI:10.32604/cmc.2026.076283 - 08 May 2026

Abstract Traditional Intrusion Detection Systems (IDSs) that rely on fixed signatures or basic machine learning often struggle with sophisticated, multi-stage cyberattacks and previously unknown threats. To fix these problems, this paper introduces IntrusionNet, a mixed deep learning system that combines Convolutional Neural Networks (CNN), Recurrent Neural Networks (RNN), and Autoencoders in a two-part design. Differing from typical stacked models, IntrusionNet works on two levels at the same time. First, a supervised CNN-RNN process pulls spatial-temporal data from traffic flows to sort well-known attack patterns. Second, an unsupervised Autoencoder process spots new anomalies by looking at reconstruction… More >

Hamed Alqahtani¹, Gulshan Kumar^2,*

CMC-Computers, Materials & Continua, Vol.87, No.3, 2026, DOI:10.32604/cmc.2026.077367 - 09 April 2026

Abstract Large Language Models (LLMs) are becoming integral components of modern cybersecurity ecosystems, simultaneously strengthening defensive capabilities while giving rise to a new class of Artificial Intelligence–Generated Content (AIGC)-driven threats. This PRISMA-guided systematic review synthesises 167 peer-reviewed studies published between 2022 and 2025 and proposes a unified threat–defence–evaluation taxonomy as a central analytical framework to consolidate a previously fragmented body of research. Guided by this taxonomy, the review first examines AIGC-enabled threats, including automated and highly personalised phishing, polymorphic malware and exploit generation, jailbreak and adversarial prompting, prompt-injection attack vectors, multimodal deception, persona-steering attacks, and large-scale… More >

Jaeho Hwang¹, Moohong Min^2,*

CMES-Computer Modeling in Engineering & Sciences, Vol.146, No.3, 2026, DOI:10.32604/cmes.2026.078940 - 30 March 2026

Abstract Illicit web ecosystems, encompassing phishing, illegal online gambling, scam platforms, and malicious advertising, have rapidly expanded in scale and complexity, creating severe social, financial, and cybersecurity risks. Traditional rule-based and blacklist-driven detection approaches struggle to cope with polymorphic, multilingual, and adversarially manipulated threats, resulting in increasing demand for Artificial Intelligence (AI)-based solutions. This review provides a comprehensive synthesis of research on AI-driven threat detection for illicit web environments. It surveys detection models across multiple modalities, including text-based analysis of Uniform Resource Locator (URL) and HyperText Markup Language (HTML), vision-based recognition of webpage layouts and logos,… More >

M. Mohsin Raza^1,#, Muhammad Umair^1,#, Imran Arshad Choudhry¹, Muhammad Qasim¹, Muhammad Tahir Naseem^2,*, Mamoona Naveed Asghar³, Daniel Gavilanes^4,5,6,7, Manuel Masias Vergara^4,8,9, Imran Ashraf^10,*

CMES-Computer Modeling in Engineering & Sciences, Vol.146, No.3, 2026, DOI:10.32604/cmes.2025.074164 - 30 March 2026

Abstract Over the past decade, the landscape of cybersecurity has been increasingly shaped by the growing sophistication and frequency of malware attacks. Traditional detection techniques, while still in use, often fall short when confronted with modern threats that use advanced evasion strategies. This systematic review critically examines recent developments in malware detection, with a particular emphasis on the role of artificial intelligence (AI) and machine learning (ML) in enhancing detection capabilities. Drawing on literature published between 2019 and 2025, this study reviews 105 peer-reviewed contributions from prominent digital libraries including IEEE Xplore, SpringerLink, ScienceDirect, and ACM… More >

Faisal Albalwy^1,*, Muhannad Almohaimeed²

CMC-Computers, Materials & Continua, Vol.87, No.2, 2026, DOI:10.32604/cmc.2025.075098 - 12 March 2026

Abstract Intrusion detection in Internet of Things (IoT) environments presents challenges due to heterogeneous devices, diverse attack vectors, and highly imbalanced datasets. Existing research on the ToN-IoT dataset has largely emphasized binary classification and single-model pipelines, which often show strong performance but limited generalizability, probabilistic reliability, and operational interpretability. This study proposes a stacked ensemble deep learning framework that integrates random forest, extreme gradient boosting, and a deep neural network as base learners, with CatBoost as the meta-learner. On the ToN-IoT Linux process dataset, the model achieved near-perfect discrimination (macro area under the curve = 0.998),… More >

Wajdan Al Malwi¹, Fatima Asiri¹, Nazik Alturki², Noha Alnazzawi³, Dimitrios Kasimatis⁴, Nikolaos Pitropakis^5,*

CMC-Computers, Materials & Continua, Vol.87, No.2, 2026, DOI:10.32604/cmc.2026.074274 - 12 March 2026

Abstract The expansion of 5G-enabled Internet of Things (IoT) networks, while enabling transformative applications, significantly increases the attack surface and necessitates security solutions that extend beyond traditional intrusion detection. Existing intrusion detection systems (IDSs) mainly operate in an open-loop manner, excelling at classification but lacking the ability for autonomous, safety-aware remediation. This gap is particularly critical in 5G environments, where manual intervention is too slow and naive automation can lead to severe service disruptions. To address this issue, we propose a novel Self-Healing Intrusion Detection System (SH-IDS) framework that develops a closed-loop cyber defense mechanism. The… More >

Anfeng Yang, Fei Kang, Wenjuan Bu^*

CMC-Computers, Materials & Continua, Vol.87, No.2, 2026, DOI:10.32604/cmc.2025.073979 - 12 March 2026

Abstract Large language models (LLMs) have demonstrated significant capabilities in semantic understanding and code generation. However, cybersecurity tasks often require prompting the adaptation of open-source models to this domain. Despite their effectiveness, large-parameter LLMs incur substantial memory usage and runtime costs during task inference and downstream fine-tuning for cybersecurity applications. In this study, we fine-tuned six LLMs with parameters under 4 billion using LoRA (Low-Rank Adaptation) on specific cybersecurity instruction datasets, employing evaluation metrics similar to Hackmentor. Results indicate that post-fine-tuning, smaller models achieved victory or parity rates up to 85% against larger models like Qwen-1.5-14B… More >