Jaeho Shin¹, Jaekwang Kim^2,*

CMC-Computers, Materials & Continua, Vol.86, No.1, pp. 1-26, 2026, DOI:10.32604/cmc.2025.068767 - 10 November 2025

Abstract Network attacks have become a critical issue in the internet security domain. Artificial intelligence technology-based detection methodologies have attracted attention; however, recent studies have struggled to adapt to changing attack patterns and complex network environments. In addition, it is difficult to explain the detection results logically using artificial intelligence. We propose a method for classifying network attacks using graph models to explain the detection results. First, we reconstruct the network packet data into a graphical structure. We then use a graph model to predict network attacks using edge classification. To explain the prediction results, we… More >

Shuqin Zhang¹, Zihao Wang^1,*, Xinyu Su²

CMC-Computers, Materials & Continua, Vol.83, No.3, pp. 5781-5809, 2025, DOI:10.32604/cmc.2025.062080 - 19 May 2025

Abstract The methods of network attacks have become increasingly sophisticated, rendering traditional cybersecurity defense mechanisms insufficient to address novel and complex threats effectively. In recent years, artificial intelligence has achieved significant progress in the field of network security. However, many challenges and issues remain, particularly regarding the interpretability of deep learning and ensemble learning algorithms. To address the challenge of enhancing the interpretability of network attack prediction models, this paper proposes a method that combines Light Gradient Boosting Machine (LGBM) and SHapley Additive exPlanations (SHAP). LGBM is employed to model anomalous fluctuations in various network indicators,… More >

Haiyan Sun^1,*, Chenglong Shao¹, Jianwei Zhang¹, Kun Wang², Wanwei Huang¹

CMC-Computers, Materials & Continua, Vol.83, No.1, pp. 1451-1470, 2025, DOI:10.32604/cmc.2025.059724 - 26 March 2025

Abstract To address the problem that existing studies lack analysis of the relationship between attack-defense game behaviors and situation evolution from the game perspective after constructing an attack-defense model, this paper proposes a network attack-defense game model (ADGM). Firstly, based on the assumption of incomplete information between the two sides of the game, the ADGM model is established, and methods of payoff quantification, equilibrium solution, and determination of strategy confrontation results are presented. Then, drawing on infectious disease dynamics, the network attack-defense situation is defined based on the density of nodes in various security states, and… More >

Tao Yi^1,3, Xingshu Chen^1,2,*, Mingdong Yang³, Qindong Li¹, Yi Zhu¹

CMES-Computer Modeling in Engineering & Sciences, Vol.140, No.1, pp. 929-955, 2024, DOI:10.32604/cmes.2024.048793 - 16 April 2024

Abstract Due to the rapid evolution of Advanced Persistent Threats (APTs) attacks, the emergence of new and rare attack samples, and even those never seen before, make it challenging for traditional rule-based detection methods to extract universal rules for effective detection. With the progress in techniques such as transfer learning and meta-learning, few-shot network attack detection has progressed. However, challenges in few-shot network attack detection arise from the inability of time sequence flow features to adapt to the fixed length input requirement of deep learning, difficulties in capturing rich information from original flow in the case… More >

Ehab AlMasri¹, Mouhammd Alkasassbeh¹, Amjad Aldweesh^2,*

Computer Systems Science and Engineering, Vol.47, No.2, pp. 2643-2669, 2023, DOI:10.32604/csse.2023.040626 - 28 July 2023

Abstract Supply chain attacks, exemplified by the SUNBURST attack utilizing SolarWinds Orion updates, pose a growing cybersecurity threat to entities worldwide. However, the need for suitable datasets for detecting and anticipating SUNBURST attacks is a significant challenge. We present a novel dataset collected using a unique network traffic data collection methodology to address this gap. Our study aims to enhance intrusion detection and prevention systems by understanding SUNBURST attack features. We construct realistic attack scenarios by combining relevant data and attack indicators. The dataset is validated with the J48 machine learning algorithm, achieving an average F-Measure More >

Hasan Dalmaz^*, Erdal Erdal, Halil Murat Ünver

CMES-Computer Modeling in Engineering & Sciences, Vol.136, No.2, pp. 1277-1314, 2023, DOI:10.32604/cmes.2023.025212 - 06 February 2023

Abstract This paper addresses the urgent need to detect network security attacks, which have increased significantly in recent years, with high accuracy and avoid the adverse effects of these attacks. The intrusion detection system should respond seamlessly to attack patterns and approaches. The use of metaheuristic algorithms in attack detection can produce near-optimal solutions with low computational costs. To achieve better performance of these algorithms and further improve the results, hybridization of algorithms can be used, which leads to more successful results. Nowadays, many studies are conducted on this topic. In this study, a new hybrid… More >

Gürcan Çetin^*

CMC-Computers, Materials & Continua, Vol.73, No.3, pp. 4519-4539, 2022, DOI:10.32604/cmc.2022.031734 - 28 July 2022

Abstract Recently, machine learning algorithms have been used in the detection and classification of network attacks. The performance of the algorithms has been evaluated by using benchmark network intrusion datasets such as DARPA98, KDD’99, NSL-KDD, UNSW-NB15, and Caida DDoS. However, these datasets have two major challenges: imbalanced data and high-dimensional data. Obtaining high accuracy for all attack types in the dataset allows for high accuracy in imbalanced datasets. On the other hand, having a large number of features increases the runtime load on the algorithms. A novel model is proposed in this paper to overcome these… More >

Peng Hui Li¹, Jie Xu^1,*, Zhong Yi Xu¹, Su Chen¹, Bo Wei Niu², Jie Yin¹, Xiao Feng Sun¹, Hao Liang Lan¹, Lu Lu Chen³

CMC-Computers, Materials & Continua, Vol.73, No.2, pp. 3847-3860, 2022, DOI:10.32604/cmc.2022.029969 - 16 June 2022

Abstract At present, the severe network security situation has put forward high requirements for network security defense technology. In order to automate botnet threat warning, this paper researches the types and characteristics of Botnet. Botnet has special characteristics in attributes such as packets, attack time interval, and packet size. In this paper, the attack data is annotated by means of string recognition and expert screening. The attack features are extracted from the labeled attack data, and then use K-means for cluster analysis. The clustering results show that the same attack data has its unique characteristics, and… More >

Hui Wang¹, Chuanhan Zhu¹, Zihao Shen^1,*, Dengwei Lin², Kun Liu¹, MengYao Zhao³

Computer Systems Science and Engineering, Vol.38, No.1, pp. 103-117, 2021, DOI:10.32604/csse.2021.014680 - 01 April 2021

Abstract Computer networks face a variety of cyberattacks. Most network attacks are contagious and destructive, and these types of attacks can be harmful to society and computer network security. Security evaluation is an effective method to solve network security problems. For accurate assessment of the vulnerabilities of computer networks, this paper proposes a network security risk assessment method based on a Bayesian network attack graph (B_NAG) model. First, a new resource attack graph (RAG) and the algorithm E-Loop, which is applied to eliminate loops in the B_NAG, are proposed. Second, to distinguish the confusing relationships between… More >

Zihao Shen^1,2, Hui Wang^1,*, Kun Liu¹, Peiqian Liu¹, Menglong Ba¹, MengYao Zhao³

Computer Systems Science and Engineering, Vol.37, No.1, pp. 121-133, 2021, DOI:10.32604/csse.2021.014988 - 05 February 2021

Abstract The rapid progress of the Internet has exposed networks to an increased number of threats. Intrusion detection technology can effectively protect network security against malicious attacks. In this paper, we propose a ReliefF-P-Naive Bayes and softmax regression (RP-NBSR) model based on machine learning for network attack detection to improve the false detection rate and F1 score of unknown intrusion behavior. In the proposed model, the Pearson correlation coefficient is introduced to compensate for deficiencies in correlation analysis between features by the ReliefF feature selection algorithm, and a ReliefF-Pearson correlation coefficient (ReliefF-P) algorithm is proposed. Then, More >