Yunhao Yu¹, Boda Zhang¹, Meiling Dizha¹, Ruibin Wen¹, Fuhua Luo¹, Xiang Guo¹, Zhenyong Zhang^2,*

CMC-Computers, Materials & Continua, Vol.86, No.2, pp. 1-19, 2026, DOI:10.32604/cmc.2025.070577 - 09 December 2025

Abstract Load frequency control (LFC) is a critical function to balance the power consumption and generation. The grid frequency is a crucial indicator for maintaining balance. However, the widely used information and communication infrastructure for LFC increases the risk of being attacked by malicious actors. The dynamic load altering attack (DLAA) is a typical attack that can destabilize the power system, causing the grid frequency to deviate from its nominal value. Therefore, in this paper, we mathematically analyze the impact of DLAA on the stability of the grid frequency and propose the network parameter regulation (NPR)… More >

Kirubavathi Ganapathiyappan^1,*, Kiruba Marimuthu Eswaramoorthy¹, Abi Thangamuthu Shanthamani¹, Aksaya Venugopal¹, Asita Pon Bhavya Iyyappan¹, Thilaga Manickam¹, Ateeq Ur Rehman^2,*, Habib Hamam^3,4,5,6

CMC-Computers, Materials & Continua, Vol.86, No.2, pp. 1-31, 2026, DOI:10.32604/cmc.2025.070067 - 09 December 2025

Abstract The growing use of Portable Document Format (PDF) files across various sectors such as education, government, and business has inadvertently turned them into a major target for cyberattacks. Cybercriminals take advantage of the inherent flexibility and layered structure of PDFs to inject malicious content, often employing advanced obfuscation techniques to evade detection by traditional signature-based security systems. These conventional methods are no longer adequate, especially against sophisticated threats like zero-day exploits and polymorphic malware. In response to these challenges, this study introduces a machine learning-based detection framework specifically designed to combat such threats. Central to… More >

Kirubavathi Ganapathiyappan¹, Heba G. Mohamed², Abhishek Yadav¹, Guru Akshya Chinnaswamy¹, Ateeq Ur Rehman^3,*, Habib Hamam^4,5,6,7

CMC-Computers, Materials & Continua, Vol.86, No.2, pp. 1-18, 2026, DOI:10.32604/cmc.2025.069951 - 09 December 2025

Abstract The escalating complexity of modern malware continues to undermine the effectiveness of traditional signature-based detection techniques, which are often unable to adapt to rapidly evolving attack patterns. To address these challenges, this study proposes X-MalNet, a lightweight Convolutional Neural Network (CNN) framework designed for static malware classification through image-based representations of binary executables. By converting malware binaries into grayscale images, the model extracts distinctive structural and texture-level features that signify malicious intent, thereby eliminating the dependence on manual feature engineering or dynamic behavioral analysis. Built upon a modified AlexNet architecture, X-MalNet employs transfer learning to… More >

Abeer Alhuzali^1,*, Qamar Al-Qahtani¹, Asmaa Niyazi¹, Lama Alshehri¹, Fatemah Alharbi²

CMC-Computers, Materials & Continua, Vol.86, No.1, pp. 1-19, 2026, DOI:10.32604/cmc.2025.069491 - 10 November 2025

Abstract The surge in smishing attacks underscores the urgent need for robust, real-time detection systems powered by advanced deep learning models. This paper introduces PhishNet, a novel ensemble learning framework that integrates transformer-based models (RoBERTa) and large language models (LLMs) (GPT-OSS 120B, LLaMA3.3 70B, and Qwen3 32B) to enhance smishing detection performance significantly. To mitigate class imbalance, we apply synthetic data augmentation using T5 and leverage various text preprocessing techniques. Our system employs a dual-layer voting mechanism: weighted majority voting among LLMs and a final ensemble vote to classify messages as ham, spam, or smishing. Experimental More >

Md Shohel Rana^1,2,3,4,*, Tonmoy Ghosh³, Mohammad Nur Nobi⁵, Anichur Rahman^1,6,*, Andrew H. Sung⁴

CMC-Computers, Materials & Continua, Vol.86, No.1, pp. 1-38, 2026, DOI:10.32604/cmc.2025.069212 - 10 November 2025

Abstract Zero-click attacks represent an advanced cybersecurity threat, capable of compromising devices without user interaction. High-profile examples such as Pegasus, Simjacker, Bluebugging, and Bluesnarfing exploit hidden vulnerabilities in software and communication protocols to silently gain access, exfiltrate data, and enable long-term surveillance. Their stealth and ability to evade traditional defenses make detection and mitigation highly challenging. This paper addresses these threats by systematically mapping the tactics and techniques of zero-click attacks using the MITRE ATT&CK framework, a widely adopted standard for modeling adversarial behavior. Through this mapping, we categorize real-world attack vectors and better understand how… More >

Fatima Al-Quayed^*

CMC-Computers, Materials & Continua, Vol.86, No.1, pp. 1-16, 2026, DOI:10.32604/cmc.2025.069102 - 10 November 2025

Abstract Due to the growth of smart cities, many real-time systems have been developed to support smart cities using Internet of Things (IoT) and emerging technologies. They are formulated to collect the data for environment monitoring and automate the communication process. In recent decades, researchers have made many efforts to propose autonomous systems for manipulating network data and providing on-time responses in critical operations. However, the widespread use of IoT devices in resource-constrained applications and mobile sensor networks introduces significant research challenges for cybersecurity. These systems are vulnerable to a variety of cyberattacks, including unauthorized access,… More >

Amjad Rehman^1,*, Tanzila Saba¹, Mona M. Jamjoom², Shaha Al-Otaibi³, Muhammad I. Khan¹

CMC-Computers, Materials & Continua, Vol.86, No.1, pp. 1-15, 2026, DOI:10.32604/cmc.2025.068958 - 10 November 2025

Abstract Modern intrusion detection systems (MIDS) face persistent challenges in coping with the rapid evolution of cyber threats, high-volume network traffic, and imbalanced datasets. Traditional models often lack the robustness and explainability required to detect novel and sophisticated attacks effectively. This study introduces an advanced, explainable machine learning framework for multi-class IDS using the KDD99 and IDS datasets, which reflects real-world network behavior through a blend of normal and diverse attack classes. The methodology begins with sophisticated data preprocessing, incorporating both RobustScaler and QuantileTransformer to address outliers and skewed feature distributions, ensuring standardized and model-ready inputs.… More >

Omar Darwish¹, Shorouq Al-Eidi², Abdallah Al-Shorman¹, Majdi Maabreh³, Anas Alsobeh⁴, Plamen Zahariev⁵, Yahya Tashtoush^6,*

CMC-Computers, Materials & Continua, Vol.86, No.1, pp. 1-21, 2026, DOI:10.32604/cmc.2025.068266 - 10 November 2025

Abstract Covert timing channels (CTC) exploit network resources to establish hidden communication pathways, posing significant risks to data security and policy compliance. Therefore, detecting such hidden and dangerous threats remains one of the security challenges. This paper proposes LinguTimeX, a new framework that combines natural language processing with artificial intelligence, along with explainable Artificial Intelligence (AI) not only to detect CTC but also to provide insights into the decision process. LinguTimeX performs multidimensional feature extraction by fusing linguistic attributes with temporal network patterns to identify covert channels precisely. LinguTimeX demonstrates strong effectiveness in detecting CTC across… More >

MD Hamid Borkot Tulla^1,*, MD Moniur Rahman Ratan², Rashid MD Mamunur³, Abdullah Hil Safi Sohan⁴, MD Matiur Rahman⁵

Journal of Cyber Security, Vol.7, pp. 675-691, 2025, DOI:10.32604/jcs.2025.074737 - 24 December 2025

Abstract Phishing is considered one of the most widespread cybercrimes due to the fact that it combines both technical and human vulnerabilities with the intention of stealing sensitive information. Traditional blacklist and heuristic-based defenses fail to detect such emerging attack patterns; hence, intelligent and transparent detection systems are needed. This paper proposes an explainable machine learning framework that integrates predictive performance with regulatory accountability. Four models were trained and tested on a balanced dataset of 10,000 URLs, comprising 5000 phishing and 5000 legitimate samples, each characterized by 48 lexical and content-based features: Decision Tree, XGBoost, Logistic… More >

Chunyong Yin, Williams Kyei^*

Journal of Cyber Security, Vol.7, pp. 615-635, 2025, DOI:10.32604/jcs.2025.072740 - 24 December 2025

Abstract The evolving sophistication of network threats demands anomaly detection methods that are both robust and adaptive. While autoencoders excel at learning normal traffic patterns, they struggle with complex feature interactions and require manual tuning for different environments. We introduce the Adaptive Robust AutoEncoder (ARAE), a novel framework that dynamically balances reconstruction fidelity with latent space regularization through learnable loss weighting. ARAE incorporates multi-head attention to model feature dependencies and fuses multiple anomaly indicators into an adaptive scoring mechanism. Extensive evaluation on four benchmark datasets demonstrates that ARAE significantly outperforms existing autoencoder variants and classical methods, More >