Isam Bahaa Aldallal¹, Abdullahi Abdu Ibrahim^1,*, Saadaldeen Rashid Ahmed^2,3

CMC-Computers, Materials & Continua, Vol.87, No.1, 2026, DOI:10.32604/cmc.2025.075212 - 10 February 2026

Abstract The rapid growth of IoT networks necessitates efficient Intrusion Detection Systems (IDS) capable of addressing dynamic security threats under constrained resource environments. This paper proposes a hybrid IDS for IoT networks, integrating Support Vector Machine (SVM) and Genetic Algorithm (GA) for feature selection and parameter optimization. The GA reduces the feature set from 41 to 7, achieving a 30% reduction in overhead while maintaining an attack detection rate of 98.79%. Evaluated on the NSL-KDD dataset, the system demonstrates an accuracy of 97.36%, a recall of 98.42%, and an F1-score of 96.67%, with a low false More >

Noura Mohammed Alaskar¹, Muzammil Hussain², Saif Jasim Almheiri¹, Atta-ur-Rahman³, Adnan Khan^4,5,6, Khan M. Adnan^7,*

CMC-Computers, Materials & Continua, Vol.87, No.1, 2026, DOI:10.32604/cmc.2025.074041 - 10 February 2026

Abstract The increasing number of interconnected devices and the incorporation of smart technology into contemporary healthcare systems have significantly raised the attack surface of cyber threats. The early detection of threats is both necessary and complex, yet these interconnected healthcare settings generate enormous amounts of heterogeneous data. Traditional Intrusion Detection Systems (IDS), which are generally centralized and machine learning-based, often fail to address the rapidly changing nature of cyberattacks and are challenged by ethical concerns related to patient data privacy. Moreover, traditional AI-driven IDS usually face challenges in handling large-scale, heterogeneous healthcare data while ensuring data… More >

Qasem Abu Al-Haija^1,*, Shahad Al Tamimi²

CMC-Computers, Materials & Continua, Vol.87, No.1, 2026, DOI:10.32604/cmc.2025.073540 - 10 February 2026

Abstract Adversarial Reinforcement Learning (ARL) models for intelligent devices and Network Intrusion Detection Systems (NIDS) improve system resilience against sophisticated cyber-attacks. As a core component of ARL, Adversarial Training (AT) enables NIDS agents to discover and prevent new attack paths by exposing them to competing examples, thereby increasing detection accuracy, reducing False Positives (FPs), and enhancing network security. To develop robust decision-making capabilities for real-world network disruptions and hostile activity, NIDS agents are trained in adversarial scenarios to monitor the current state and notify management of any abnormal or malicious activity. The accuracy and timeliness of… More >

Kirubavathi Ganapathiyappan¹, Chahana Ravikumar¹, Raghul Alagunachimuthu Ranganayaki¹, Ayman Altameem², Ateeq Ur Rehman^3,*, Ahmad Almogren^4,*

CMC-Computers, Materials & Continua, Vol.87, No.1, 2026, DOI:10.32604/cmc.2025.072840 - 10 February 2026

Abstract Android smartphones have become an integral part of our daily lives, becoming targets for ransomware attacks. Such attacks encrypt user information and ask for payment to recover it. Conventional detection mechanisms, such as signature-based and heuristic techniques, often fail to detect new and polymorphic ransomware samples. To address this challenge, we employed various ensemble classifiers, such as Random Forest, Gradient Boosting, Bagging, and AutoML models. We aimed to showcase how AutoML can automate processes such as model selection, feature engineering, and hyperparameter optimization, to minimize manual effort while ensuring or enhancing performance compared to traditional… More >

Tong Wu, Dawei Zhou, Qingyu Ou^*, Fang Luo

CMC-Computers, Materials & Continua, Vol.86, No.3, 2026, DOI:10.32604/cmc.2025.073482 - 12 January 2026

Abstract The increasing interconnection of modern industrial control systems (ICSs) with the Internet has enhanced operational efficiency, but also made these systems more vulnerable to cyberattacks. This heightened exposure has driven a growing need for robust ICS security measures. Among the key defences, intrusion detection technology is critical in identifying threats to ICS networks. This paper provides an overview of the distinctive characteristics of ICS network security, highlighting standard attack methods. It then examines various intrusion detection methods, including those based on misuse detection, anomaly detection, machine learning, and specialised requirements. This paper concludes by exploring More >

Misbah Anwer^1,*, Ghufran Ahmed¹, Maha Abdelhaq², Raed Alsaqour³, Shahid Hussain⁴, Adnan Akhunzada^5,*

CMC-Computers, Materials & Continua, Vol.86, No.1, pp. 1-15, 2026, DOI:10.32604/cmc.2025.068673 - 10 November 2025

Abstract The exponential growth of the Internet of Things (IoT) has introduced significant security challenges, with zero-day attacks emerging as one of the most critical and challenging threats. Traditional Machine Learning (ML) and Deep Learning (DL) techniques have demonstrated promising early detection capabilities. However, their effectiveness is limited when handling the vast volumes of IoT-generated data due to scalability constraints, high computational costs, and the costly time-intensive process of data labeling. To address these challenges, this study proposes a Federated Learning (FL) framework that leverages collaborative and hybrid supervised learning to enhance cyber threat detection in… More >

Wanwei Huang^1,*, Huicong Yu¹, Jiawei Ren², Kun Wang³, Yanbu Guo¹, Lifeng Jin⁴

CMC-Computers, Materials & Continua, Vol.86, No.1, pp. 1-24, 2026, DOI:10.32604/cmc.2025.068493 - 10 November 2025

Abstract Existing feature selection methods for intrusion detection systems in the Industrial Internet of Things often suffer from local optimality and high computational complexity. These challenges hinder traditional IDS from effectively extracting features while maintaining detection accuracy. This paper proposes an industrial Internet of Things intrusion detection feature selection algorithm based on an improved whale optimization algorithm (GSLDWOA). The aim is to address the problems that feature selection algorithms under high-dimensional data are prone to, such as local optimality, long detection time, and reduced accuracy. First, the initial population’s diversity is increased using the Gaussian Mutation More >

Chaonan Xin^*, Keqing Xu

Journal of Cyber Security, Vol.7, pp. 483-503, 2025, DOI:10.32604/jcs.2025.071627 - 28 November 2025

Abstract Intrusion Detection Systems (IDS) have achieved high accuracy on benchmark datasets, yet models often fail to generalize across different network environments. In this paper, we propose Transformer-IDS, a transformer-based network intrusion detection model designed for cross-dataset generalization. The model incorporates a classification token, multi-head self-attention, and embedding layers to learn versatile features, and it introduces a calibration module and an AUC-oriented optimization objective to improve reliability and ranking performance. We evaluate Transformer-IDS on three prominent datasets (NSL-KDD, UNSW-NB15, CIC-IDS2017) in both within-dataset and cross-dataset scenarios. Results demonstrate that while conventional deep IDS models (e.g., CNN-LSTM More >

I Wayan Adi Juliawan Pawana^1,2, Vincent Abella², Jhury Kevin Lastre², Yongho Ko², Ilsun You^2,*

CMES-Computer Modeling in Engineering & Sciences, Vol.145, No.2, pp. 2733-2760, 2025, DOI:10.32604/cmes.2025.072611 - 26 November 2025

Abstract Roaming in 5G networks enables seamless global mobility but also introduces significant security risks due to legacy protocol dependencies, uneven Security Edge Protection Proxy (SEPP) deployment, and the dynamic nature of inter-Public Land Mobile Network (inter-PLMN) signaling. Traditional rule-based defenses are inadequate for protecting cloud-native 5G core networks, particularly as roaming expands into enterprise and Internet of Things (IoT) domains. This work addresses these challenges by designing a scalable 5G Standalone testbed, generating the first intrusion detection dataset specifically tailored to roaming threats, and proposing a deep learning based intrusion detection framework for cloud-native environments.… More > Graphic Abstract

Mona Almofarreh¹, Amnah Alshahrani², Nouf Helal Alharbi³, Ahmed Omer Ahmed⁴, Hussain Alshahrani⁵, Abdulrahman Alzahrani^6,*, Mohammed Mujib Alshahrani⁷, Asma A. Alhashmi⁸

CMES-Computer Modeling in Engineering & Sciences, Vol.145, No.2, pp. 2631-2656, 2025, DOI:10.32604/cmes.2025.070545 - 26 November 2025

Abstract Zero-day attacks use unknown vulnerabilities that prevent being identified by cybersecurity detection tools. This study indicates that zero-day attacks have a significant impact on computer security. A conventional signature-based detection algorithm is not efficient at recognizing zero-day attacks, as the signatures of zero-day attacks are usually not previously accessible. A machine learning (ML)-based detection algorithm is proficient in capturing statistical features of attacks and, therefore, optimistic for zero-day attack detection. ML and deep learning (DL) are employed for designing intrusion detection systems. The improvement of absolute varieties of novel cyberattacks poses significant challenges for IDS… More >