Jay Barach^*

CMC-Computers, Materials & Continua, Vol.86, No.2, pp. 1-23, 2026, DOI:10.32604/cmc.2025.071705 - 09 December 2025

Abstract Human Resource (HR) operations increasingly rely on cloud-based platforms that provide hiring, payroll, employee management, and compliance services. These systems, typically built on multi-tenant microservice architectures, offer scalability and efficiency but also expand the attack surface for adversaries. Ransomware has emerged as a leading threat in this domain, capable of halting workflows and exposing sensitive employee records. Traditional defenses such as static hardening and signature-based detection often fail to address the dynamic requirements of HR Software as a Service (SaaS), where continuous availability and privacy compliance are critical. This paper presents a Moving Target Defense… More >

Eman Alsalmi, Abeer Alhuzali^*, Areej Alhothali

CMC-Computers, Materials & Continua, Vol.86, No.2, pp. 1-20, 2026, DOI:10.32604/cmc.2025.071012 - 09 December 2025

Abstract Log anomaly detection is essential for maintaining the reliability and security of large-scale networked systems. Most traditional techniques rely on log parsing in the reprocessing stage and utilize handcrafted features that limit their adaptability across various systems. In this study, we propose a hybrid model, BertGCN, that integrates BERT-based contextual embedding with Graph Convolutional Networks (GCNs) to identify anomalies in raw system logs, thereby eliminating the need for log parsing. The BERT module captures semantic representations of log messages, while the GCN models the structural relationships among log entries through a text-based graph. This combination More >

Bing Zhang, Wenqi Shi^*

CMC-Computers, Materials & Continua, Vol.86, No.2, pp. 1-19, 2026, DOI:10.32604/cmc.2025.067470 - 09 December 2025

Abstract To address the challenge of low survival rates and limited data collection efficiency in current virtual probe deployments, which results from anomaly detection mechanisms in location-based service (LBS) applications, this paper proposes a novel virtual probe deployment method based on user behavioral feature analysis. The core idea is to circumvent LBS anomaly detection by mimicking real-user behavior patterns. First, we design an automated data extraction algorithm that recognizes graphical user interface (GUI) elements to collect spatio-temporal behavior data. Then, by analyzing the automatically collected user data, we identify normal users’ spatio-temporal patterns and extract their… More >

Nur Syaiful Afrizal¹, Khairul Adib Yusof^1,2,*, Lokman Hakim Muhamad¹, Nurul Shazana Abdul Hamid^2,3, Mardina Abdullah^2,4, Mohd Amiruddin Abd Rahman¹, Syamsiah Mashohor⁵, Masashi Hayakawa^6,7

CMC-Computers, Materials & Continua, Vol.86, No.2, pp. 1-16, 2026, DOI:10.32604/cmc.2025.066421 - 09 December 2025

Abstract Detecting geomagnetic anomalies preceding earthquakes is a challenging yet promising area of research that has gained increasing attention in recent years. This study introduces a novel reconstruction-based modeling approach enhanced by negative learning, employing a Bidirectional Long Short-Term Memory (BiLSTM) network explicitly trained to accurately reconstruct non-seismic geomagnetic signals while intentionally amplifying reconstruction errors for seismic signals. By penalizing the model for accurately reconstructing seismic anomalies, the negative learning approach effectively magnifies the differences between normal and anomalous data. This strategic differentiation enhances the sensitivity of the BiLSTM network, enabling improved detection of subtle geomagnetic More >

Abeer Alnuaim^*

CMC-Computers, Materials & Continua, Vol.86, No.1, pp. 1-33, 2026, DOI:10.32604/cmc.2025.069110 - 10 November 2025

Abstract The rapid digitalization of urban infrastructure has made smart cities increasingly vulnerable to sophisticated cyber threats. In the evolving landscape of cybersecurity, the efficacy of Intrusion Detection Systems (IDS) is increasingly measured by technical performance, operational usability, and adaptability. This study introduces and rigorously evaluates a Human-Computer Interaction (HCI)-Integrated IDS with the utilization of Convolutional Neural Network (CNN), CNN-Long Short Term Memory (LSTM), and Random Forest (RF) against both a Baseline Machine Learning (ML) and a Traditional IDS model, through an extensive experimental framework encompassing many performance metrics, including detection latency, accuracy, alert prioritization, classification… More >

Chunyong Yin, Williams Kyei^*

Journal of Cyber Security, Vol.7, pp. 615-635, 2025, DOI:10.32604/jcs.2025.072740 - 24 December 2025

Abstract The evolving sophistication of network threats demands anomaly detection methods that are both robust and adaptive. While autoencoders excel at learning normal traffic patterns, they struggle with complex feature interactions and require manual tuning for different environments. We introduce the Adaptive Robust AutoEncoder (ARAE), a novel framework that dynamically balances reconstruction fidelity with latent space regularization through learnable loss weighting. ARAE incorporates multi-head attention to model feature dependencies and fuses multiple anomaly indicators into an adaptive scoring mechanism. Extensive evaluation on four benchmark datasets demonstrates that ARAE significantly outperforms existing autoencoder variants and classical methods, More >

Jeongsu Park¹, Moohong Min^2,*

CMES-Computer Modeling in Engineering & Sciences, Vol.145, No.3, pp. 3913-3948, 2025, DOI:10.32604/cmes.2025.072261 - 23 December 2025

Abstract Time series anomaly detection is critical in domains such as manufacturing, finance, and cybersecurity. Recent generative AI models, particularly Transformer- and Autoencoder-based architectures, show strong accuracy but their robustness under noisy conditions is less understood. This study evaluates three representative models—AnomalyTransformer, TranAD, and USAD—on the Server Machine Dataset (SMD) and cross-domain benchmarks including the Soil Moisture Active Passive (SMAP) dataset, the Mars Science Laboratory (MSL) dataset, and the Secure Water Treatment (SWaT) testbed. Seven noise settings (five canonical, two mixed) at multiple intensities are tested under fixed clean-data training, with variations in window, stride, and More > Graphic Abstract

Abd Rahman Wahid^*

Journal of Cyber Security, Vol.7, pp. 589-614, 2025, DOI:10.32604/jcs.2025.071622 - 11 December 2025

Abstract The rapid increase in cyber attacks requires accurate, adaptive, and interpretable detection and response mechanisms. Conventional security solutions remain fragmented, leaving gaps that attackers can exploit. This study introduces the HI-XDR (Hybrid Intelligent Extended Detection and Response) framework, which combines network-based Suricata rules and endpoint-based Wazuh rules into a unified dataset containing 45,705 entries encoded into 1058 features. A semantic-aware autoencoder-based anomaly detection module is trained and strengthened through adversarial learning using Projected Gradient Descent, achieving a minimum mean squared error of 0.0015 and detecting 458 anomaly rules at the 99th percentile threshold. A comparative… More >

Seong-Su Yoon, Dong-Hyuk Shin, Ieck-Chae Euom^*

CMES-Computer Modeling in Engineering & Sciences, Vol.145, No.2, pp. 2683-2706, 2025, DOI:10.32604/cmes.2025.071577 - 26 November 2025

Abstract With the continuous expansion of digital infrastructures, malicious behaviors in host systems have become increasingly sophisticated, often spanning multiple processes and employing obfuscation techniques to evade detection. Audit logs, such as Sysmon, offer valuable insights; however, existing approaches typically flatten event sequences or rely on generic graph models, thereby discarding the natural parent-child process hierarchy that is critical for analyzing multiprocess attacks. This paper proposes a structure-aware threat detection framework that transforms audit logs into a unified two-dimensional (2D) spatio-temporal representation, where process hierarchy is modeled as the spatial axis and event chronology as the More >

Lincong Zhao¹, Liandong Chen¹, Peipei Shen¹, Zizhou Liu¹, Chengzhu Li¹, Fanqin Zhou^2,*

CMC-Computers, Materials & Continua, Vol.85, No.3, pp. 5057-5071, 2025, DOI:10.32604/cmc.2025.067521 - 23 October 2025

Abstract The rapid growth of Internet of things devices and the emergence of rapidly evolving network threats have made traditional security assessment methods inadequate. Federated learning offers a promising solution to expedite the training of security assessment models. However, ensuring the trustworthiness and robustness of federated learning under multi-party collaboration scenarios remains a challenge. To address these issues, this study proposes a shard aggregation network structure and a malicious node detection mechanism, along with improvements to the federated learning training process. First, we extract the data features of the participants by using spectral clustering methods combined… More >