Seungyeon Baek^1,#, Jueun Jeon^2,#, Byeonghui Jeong¹, Young-Sik Jeong^1,*

CMES-Computer Modeling in Engineering & Sciences, Vol.145, No.1, pp. 1213-1236, 2025, DOI:10.32604/cmes.2025.070679 - 30 October 2025

Abstract With the advent of the sixth-generation wireless technology, the importance of using artificial intelligence of things (AIoT) devices is increasing to enhance efficiency. As massive volumes of data are collected and stored in these AIoT environments, each device becomes a potential attack target, leading to increased security vulnerabilities. Therefore, intrusion detection studies have been conducted to detect malicious network traffic. However, existing studies have been biased toward conducting in-depth analyses of individual packets to improve accuracy or applying flow-based statistical information to ensure real-time performance. Effectively responding to complex and multifaceted threats in large-scale AIoT… More >

Junzhe Cheng^*

Journal of Cyber Security, Vol.7, pp. 343-357, 2025, DOI:10.32604/jcs.2025.067979 - 22 September 2025

Abstract We present a novel Transformer-based network intrusion detection system (IDS) that automatically learns complex feature relationships from raw traffic. Our architecture embeds both categorical (e.g., protocol, flag) and numerical (e.g., packet count, duration) inputs into a unified latent space with positional encodings, and processes them through multi-layer multi-head self-attention blocks. The Transformer’s global attention enables the IDS to capture subtle, long-range correlations in the data (e.g., coordinated multi-step attacks) without manual feature engineering. We complement the model with extensive data augmentation (SMOTE, GANs) to mitigate class imbalance and improve robustness. In evaluation on benchmark datasets… More >

Jianwei Zhang^1,*, Hongying Zhao², Yuan Feng^3,*, Zengyu Cai², Liang Zhu²

CMC-Computers, Materials & Continua, Vol.84, No.3, pp. 5279-5298, 2025, DOI:10.32604/cmc.2025.066367 - 30 July 2025

Abstract Network traffic classification is a crucial research area aimed at improving quality of service, simplifying network management, and enhancing network security. To address the growing complexity of cryptography, researchers have proposed various machine learning and deep learning approaches to tackle this challenge. However, existing mainstream methods face several general issues. On one hand, the widely used Transformer architecture exhibits high computational complexity, which negatively impacts its efficiency. On the other hand, traditional methods are often unreliable in traffic representation, frequently losing important byte information while retaining unnecessary biases. To address these problems, this paper introduces More >

Junbin He^1,2, Wuxia Zhang³, Xianyi Liu¹, Jinping Liu^2,*, Guangyi Yang⁴

CMC-Computers, Materials & Continua, Vol.84, No.1, pp. 1227-1252, 2025, DOI:10.32604/cmc.2025.064402 - 09 June 2025

Abstract The integration of cloud computing into traditional industrial control systems is accelerating the evolution of Industrial Cyber-Physical System (ICPS), enhancing intelligence and autonomy. However, this transition also expands the attack surface, introducing critical security vulnerabilities. To address these challenges, this article proposes a hybrid intrusion detection scheme for securing ICPSs that combines system state anomaly and network traffic anomaly detection. Specifically, an improved variation-Bayesian-based noise covariance-adaptive nonlinear Kalman filtering (IVB-NCA-NLKF) method is developed to model nonlinear system dynamics, enabling optimal state estimation in multi-sensor ICPS environments. Intrusions within the physical sensing system are identified by More >

Xiangbin Wang¹, Qingjun Yuan^1,*, Weina Niu², Qianwei Meng¹, Yongjuan Wang¹, Chunxiang Gu¹

CMC-Computers, Materials & Continua, Vol.83, No.2, pp. 2267-2285, 2025, DOI:10.32604/cmc.2025.061767 - 16 April 2025

Abstract With the rise of encrypted traffic, traditional network analysis methods have become less effective, leading to a shift towards deep learning-based approaches. Among these, multimodal learning-based classification methods have gained attention due to their ability to leverage diverse feature sets from encrypted traffic, improving classification accuracy. However, existing research predominantly relies on late fusion techniques, which hinder the full utilization of deep features within the data. To address this limitation, we propose a novel multimodal encrypted traffic classification model that synchronizes modality fusion with multiscale feature extraction. Specifically, our approach performs real-time fusion of modalities More >

Ravi Veerabhadrappa^*, Poornima Athikatte Sampigerayappa

Computer Systems Science and Engineering, Vol.49, pp. 333-351, 2025, DOI:10.32604/csse.2025.061285 - 19 March 2025

Abstract In recent years, the analysis of encrypted network traffic has gained momentum due to the widespread use of Transport Layer Security and Quick UDP Internet Connections protocols, which complicate and prolong the analysis process. Classification models face challenges in understanding and classifying unknown traffic because of issues related to interpret ability and the representation of traffic data. To tackle these complexities, multi-modal representation learning can be employed to extract meaningful features and represent them in a lower-dimensional latent space. Recently, auto-encoder-based multi-modal representation techniques have shown superior performance in representing network traffic. By combining the… More >

Yue Yang^1,2, Xiangyan Tang^2,3,*, Zhaowu Liu^2,3,*, Jieren Cheng^2,3, Haozhe Fang³, Cunyi Zhang³

CMC-Computers, Materials & Continua, Vol.82, No.3, pp. 4389-4408, 2025, DOI:10.32604/cmc.2025.060357 - 06 March 2025

Abstract With the rapid development of Internet of Things technology, the sharp increase in network devices and their inherent security vulnerabilities present a stark contrast, bringing unprecedented challenges to the field of network security, especially in identifying malicious attacks. However, due to the uneven distribution of network traffic data, particularly the imbalance between attack traffic and normal traffic, as well as the imbalance between minority class attacks and majority class attacks, traditional machine learning detection algorithms have significant limitations when dealing with sparse network traffic data. To effectively tackle this challenge, we have designed a lightweight… More >

Guorong Qi¹, Jian Mao^1,*, Kai Huang¹, Zhengxian You², Jinliang Lin²

CMC-Computers, Materials & Continua, Vol.82, No.2, pp. 2159-2176, 2025, DOI:10.32604/cmc.2024.058396 - 17 February 2025

Abstract Abnormal network traffic, as a frequent security risk, requires a series of techniques to categorize and detect it. Existing network traffic anomaly detection still faces challenges: the inability to fully extract local and global features, as well as the lack of effective mechanisms to capture complex interactions between features; Additionally, when increasing the receptive field to obtain deeper feature representations, the reliance on increasing network depth leads to a significant increase in computational resource consumption, affecting the efficiency and performance of detection. Based on these issues, firstly, this paper proposes a network traffic anomaly detection… More >

Rongwei Yu, Xiya Guo^*, Peihao Zhang, Kaijuan Zhang

CMC-Computers, Materials & Continua, Vol.81, No.2, pp. 2643-2664, 2024, DOI:10.32604/cmc.2024.056165 - 18 November 2024

Abstract Encrypted traffic plays a crucial role in safeguarding network security and user privacy. However, encrypting malicious traffic can lead to numerous security issues, making the effective classification of encrypted traffic essential. Existing methods for detecting encrypted traffic face two significant challenges. First, relying solely on the original byte information for classification fails to leverage the rich temporal relationships within network traffic. Second, machine learning and convolutional neural network methods lack sufficient network expression capabilities, hindering the full exploration of traffic’s potential characteristics. To address these limitations, this study introduces a traffic classification method that utilizes… More >

Dong-Wook Kim¹, Gun-Yoon Sin², Kwangsoo Kim³, Jaesik Kang³, Sun-Young Im³, Myung-Mook Han^1,*

CMC-Computers, Materials & Continua, Vol.80, No.3, pp. 3637-3653, 2024, DOI:10.32604/cmc.2024.054108 - 12 September 2024

Abstract In the rapidly evolving field of cybersecurity, the challenge of providing realistic exercise scenarios that accurately mimic real-world threats has become increasingly critical. Traditional methods often fall short in capturing the dynamic and complex nature of modern cyber threats. To address this gap, we propose a comprehensive framework designed to create authentic network environments tailored for cybersecurity exercise systems. Our framework leverages advanced simulation techniques to generate scenarios that mirror actual network conditions faced by professionals in the field. The cornerstone of our approach is the use of a conditional tabular generative adversarial network (CTGAN),… More >