Kirubavathi Ganapathiyappan^1,*, Kiruba Marimuthu Eswaramoorthy¹, Abi Thangamuthu Shanthamani¹, Aksaya Venugopal¹, Asita Pon Bhavya Iyyappan¹, Thilaga Manickam¹, Ateeq Ur Rehman^2,*, Habib Hamam^3,4,5,6

CMC-Computers, Materials & Continua, Vol.86, No.2, pp. 1-31, 2026, DOI:10.32604/cmc.2025.070067 - 09 December 2025

Abstract The growing use of Portable Document Format (PDF) files across various sectors such as education, government, and business has inadvertently turned them into a major target for cyberattacks. Cybercriminals take advantage of the inherent flexibility and layered structure of PDFs to inject malicious content, often employing advanced obfuscation techniques to evade detection by traditional signature-based security systems. These conventional methods are no longer adequate, especially against sophisticated threats like zero-day exploits and polymorphic malware. In response to these challenges, this study introduces a machine learning-based detection framework specifically designed to combat such threats. Central to… More >

Kirubavathi Ganapathiyappan¹, Heba G. Mohamed², Abhishek Yadav¹, Guru Akshya Chinnaswamy¹, Ateeq Ur Rehman^3,*, Habib Hamam^4,5,6,7

CMC-Computers, Materials & Continua, Vol.86, No.2, pp. 1-18, 2026, DOI:10.32604/cmc.2025.069951 - 09 December 2025

Abstract The escalating complexity of modern malware continues to undermine the effectiveness of traditional signature-based detection techniques, which are often unable to adapt to rapidly evolving attack patterns. To address these challenges, this study proposes X-MalNet, a lightweight Convolutional Neural Network (CNN) framework designed for static malware classification through image-based representations of binary executables. By converting malware binaries into grayscale images, the model extracts distinctive structural and texture-level features that signify malicious intent, thereby eliminating the dependence on manual feature engineering or dynamic behavioral analysis. Built upon a modified AlexNet architecture, X-MalNet employs transfer learning to… More >

Boyan Cui^1,2, Huijuan Wang^1,*, Yongjun Qi^1,*, Hongce Chen¹, Quanbo Yuan^1,3, Dongran Liu¹, Xuehua Zhou¹

CMC-Computers, Materials & Continua, Vol.85, No.3, pp. 5531-5553, 2025, DOI:10.32604/cmc.2025.070101 - 23 October 2025

Abstract The proliferation of malware and the emergence of adversarial samples pose severe threats to global cybersecurity, demanding robust detection mechanisms. Traditional malware detection methods suffer from limited feature extraction capabilities, while existing Vision Transformer (ViT)-based approaches face high computational complexity due to global self-attention, hindering their efficiency in handling large-scale image data. To address these issues, this paper proposes a novel hybrid enhanced Vision Transformer architecture, HERL-ViT, tailored for malware detection. The detection framework involves five phases: malware image visualization, image segmentation with patch embedding, regional-local attention-based feature extraction, enhanced feature transformation, and classification. Methodologically,… More >

Madini O. Alassafi, Syed Hamid Hasan^*

CMES-Computer Modeling in Engineering & Sciences, Vol.144, No.2, pp. 2627-2645, 2025, DOI:10.32604/cmes.2025.064926 - 31 August 2025

Abstract Over the past few years, Malware attacks have become more and more widespread, posing threats to digital assets throughout the world. Although numerous methods have been developed to detect malicious attacks, these malware detection techniques need to be more efficient in detecting new and progressively sophisticated variants of malware. Therefore, the development of more advanced and accurate techniques is necessary for malware detection. This paper introduces a comprehensive Dual-Channel Attention Deep Bidirectional Long Short-Term Memory (DCA-DBiLSTM) model for malware detection and risk mitigation. The Dual Channel Attention (DCA) mechanism improves the model’s capability to concentrate… More >

Asad Iqbal¹, Mehdi Hussain^1,*, Qaiser Riaz¹, Madiha Khalid¹, Rafia Mumtaz¹, Ki-Hyun Jung^2,*

CMC-Computers, Materials & Continua, Vol.85, No.1, pp. 1693-1714, 2025, DOI:10.32604/cmc.2025.064260 - 29 August 2025

Abstract Ransomware, particularly crypto-ransomware, remains a significant cybersecurity challenge, encrypting victim data and demanding a ransom, often leaving the data irretrievable even if payment is made. This study proposes an early detection approach to mitigate such threats by identifying ransomware activity before the encryption process begins. The approach employs a two-tiered approach: a signature-based method using hashing techniques to match known threats and a dynamic behavior-based analysis leveraging Cuckoo Sandbox and machine learning algorithms. A critical feature is the integration of the most effective Application Programming Interface call monitoring, which analyzes system-level interactions such as file More >

Muhammad Adil^1,*, Mona M. Jamjoom², Zahid Ullah³

CMC-Computers, Materials & Continua, Vol.84, No.3, pp. 4363-4380, 2025, DOI:10.32604/cmc.2025.066551 - 30 July 2025

Abstract In today’s digital world, the Internet of Things (IoT) plays an important role in both local and global economies due to its widespread adoption in different applications. This technology has the potential to offer several advantages over conventional technologies in the near future. However, the potential growth of this technology also attracts attention from hackers, which introduces new challenges for the research community that range from hardware and software security to user privacy and authentication. Therefore, we focus on a particular security concern that is associated with malware detection. The literature presents many countermeasures, but… More >

Brij B. Gupta^1,2,3,4,*, Akshat Gaurav⁵, Wadee Alhalabi⁶, Varsha Arya^7,8, Shavi Bansal^9,10, Ching-Hsien Hsu¹

CMC-Computers, Materials & Continua, Vol.84, No.3, pp. 4755-4772, 2025, DOI:10.32604/cmc.2025.064053 - 30 July 2025

Abstract Detecting cyber attacks in networks connected to the Internet of Things (IoT) is of utmost importance because of the growing vulnerabilities in the smart environment. Conventional models, such as Naive Bayes and support vector machine (SVM), as well as ensemble methods, such as Gradient Boosting and eXtreme gradient boosting (XGBoost), are often plagued by high computational costs, which makes it challenging for them to perform real-time detection. In this regard, we suggested an attack detection approach that integrates Visual Geometry Group 16 (VGG16), Artificial Rabbits Optimizer (ARO), and Random Forest Model to increase detection accuracy… More >

Farah Mohammad^1,2,*, Saad Al-Ahmadi^1,3, Jalal Al-Muhtadi^1,3

CMC-Computers, Materials & Continua, Vol.84, No.3, pp. 5995-6014, 2025, DOI:10.32604/cmc.2025.063046 - 30 July 2025

Abstract Malware continues to pose a significant threat to cybersecurity, with new advanced infections that go beyond traditional detection. Limitations in existing systems include high false-positive rates, slow system response times, and inability to respond quickly to new malware forms. To overcome these challenges, this paper proposes OMD-RAS: Implementing Malware Detection in an Optimized Way through Real-Time and Adaptive Security as an extensive approach, hoping to get good results towards better malware threat detection and remediation. The significant steps in the model are data collection followed by comprehensive preprocessing consisting of feature engineering and normalization. Static… More >

Atif Raza Zaidi¹, Tahir Abbas^1,*, Ali Daud^2,*, Omar Alghushairy³, Hussain Dawood⁴, Nadeem Sarwar⁵

CMC-Computers, Materials & Continua, Vol.84, No.2, pp. 3281-3304, 2025, DOI:10.32604/cmc.2025.063646 - 03 July 2025

Abstract Safeguarding against malware requires precise machine-learning algorithms to classify harmful apps. The Drebin dataset of 15,036 samples and 215 features yielded significant and reliable results for two hybrid models, CNN + XGBoost and KNN + XGBoost. To address the class imbalance issue, SMOTE (Synthetic Minority Over-sampling Technique) was used to preprocess the dataset, creating synthetic samples of the minority class (malware) to balance the training set. XGBoost was then used to choose the most essential features for separating malware from benign programs. The models were trained and tested using 6-fold cross-validation, measuring accuracy, precision, recall,… More >

Jong-Yih Kuo¹, Ping-Feng Wang^2,*, Ti-Feng Hsieh^1,*, Cheng-Hsuan Kuo¹

CMES-Computer Modeling in Engineering & Sciences, Vol.143, No.3, pp. 3133-3166, 2025, DOI:10.32604/cmes.2025.064104 - 30 June 2025

Abstract In recent years, cyber threats have escalated across diverse sectors, with cybercrime syndicates increasingly exploiting system vulnerabilities. Traditional passive defense mechanisms have proven insufficient, particularly as Linux platforms—historically overlooked in favor of Windows—have emerged as frequent targets. According to Trend Micro, there has been a substantial increase in Linux-targeted malware, with ransomware attacks on Linux surpassing those on macOS. This alarming trend underscores the need for detection strategies specifically designed for Linux environments. To address this challenge, this study proposes a comprehensive malware detection framework tailored for Linux systems, integrating dynamic behavioral analysis with the… More >