Abeer Alnuaim^*

CMC-Computers, Materials & Continua, Vol.86, No.1, pp. 1-33, 2026, DOI:10.32604/cmc.2025.069110 - 10 November 2025

Abstract The rapid digitalization of urban infrastructure has made smart cities increasingly vulnerable to sophisticated cyber threats. In the evolving landscape of cybersecurity, the efficacy of Intrusion Detection Systems (IDS) is increasingly measured by technical performance, operational usability, and adaptability. This study introduces and rigorously evaluates a Human-Computer Interaction (HCI)-Integrated IDS with the utilization of Convolutional Neural Network (CNN), CNN-Long Short Term Memory (LSTM), and Random Forest (RF) against both a Baseline Machine Learning (ML) and a Traditional IDS model, through an extensive experimental framework encompassing many performance metrics, including detection latency, accuracy, alert prioritization, classification… More >

Amjad Rehman^1,*, Tanzila Saba¹, Mona M. Jamjoom², Shaha Al-Otaibi³, Muhammad I. Khan¹

CMC-Computers, Materials & Continua, Vol.86, No.1, pp. 1-15, 2026, DOI:10.32604/cmc.2025.068958 - 10 November 2025

Abstract Modern intrusion detection systems (MIDS) face persistent challenges in coping with the rapid evolution of cyber threats, high-volume network traffic, and imbalanced datasets. Traditional models often lack the robustness and explainability required to detect novel and sophisticated attacks effectively. This study introduces an advanced, explainable machine learning framework for multi-class IDS using the KDD99 and IDS datasets, which reflects real-world network behavior through a blend of normal and diverse attack classes. The methodology begins with sophisticated data preprocessing, incorporating both RobustScaler and QuantileTransformer to address outliers and skewed feature distributions, ensuring standardized and model-ready inputs.… More >

Jaeho Shin¹, Jaekwang Kim^2,*

CMC-Computers, Materials & Continua, Vol.86, No.1, pp. 1-26, 2026, DOI:10.32604/cmc.2025.068767 - 10 November 2025

Abstract Network attacks have become a critical issue in the internet security domain. Artificial intelligence technology-based detection methodologies have attracted attention; however, recent studies have struggled to adapt to changing attack patterns and complex network environments. In addition, it is difficult to explain the detection results logically using artificial intelligence. We propose a method for classifying network attacks using graph models to explain the detection results. First, we reconstruct the network packet data into a graphical structure. We then use a graph model to predict network attacks using edge classification. To explain the prediction results, we… More >

Misbah Anwer^1,*, Ghufran Ahmed¹, Maha Abdelhaq², Raed Alsaqour³, Shahid Hussain⁴, Adnan Akhunzada^5,*

CMC-Computers, Materials & Continua, Vol.86, No.1, pp. 1-15, 2026, DOI:10.32604/cmc.2025.068673 - 10 November 2025

Abstract The exponential growth of the Internet of Things (IoT) has introduced significant security challenges, with zero-day attacks emerging as one of the most critical and challenging threats. Traditional Machine Learning (ML) and Deep Learning (DL) techniques have demonstrated promising early detection capabilities. However, their effectiveness is limited when handling the vast volumes of IoT-generated data due to scalability constraints, high computational costs, and the costly time-intensive process of data labeling. To address these challenges, this study proposes a Federated Learning (FL) framework that leverages collaborative and hybrid supervised learning to enhance cyber threat detection in… More >

Wanwei Huang^1,*, Huicong Yu¹, Jiawei Ren², Kun Wang³, Yanbu Guo¹, Lifeng Jin⁴

CMC-Computers, Materials & Continua, Vol.86, No.1, pp. 1-24, 2026, DOI:10.32604/cmc.2025.068493 - 10 November 2025

Abstract Existing feature selection methods for intrusion detection systems in the Industrial Internet of Things often suffer from local optimality and high computational complexity. These challenges hinder traditional IDS from effectively extracting features while maintaining detection accuracy. This paper proposes an industrial Internet of Things intrusion detection feature selection algorithm based on an improved whale optimization algorithm (GSLDWOA). The aim is to address the problems that feature selection algorithms under high-dimensional data are prone to, such as local optimality, long detection time, and reduced accuracy. First, the initial population’s diversity is increased using the Gaussian Mutation More >

Zheng Zhang^1,2, Jie Hao², Liquan Chen^1,*, Tianhao Hou², Yanan Liu²

CMC-Computers, Materials & Continua, Vol.86, No.1, pp. 1-22, 2026, DOI:10.32604/cmc.2025.068372 - 10 November 2025

Abstract With the increasing severity of network security threats, Network Intrusion Detection (NID) has become a key technology to ensure network security. To address the problem of low detection rate of traditional intrusion detection models, this paper proposes a Dual-Attention model for NID, which combines Convolutional Neural Network (CNN) and Bidirectional Long Short-Term Memory (BiLSTM) to design two modules: the FocusConV and the TempoNet module. The FocusConV module, which automatically adjusts and weights CNN extracted local features, focuses on local features that are more important for intrusion detection. The TempoNet module focuses on global information, identifies… More >

Gan Zhu¹, Yongtao Yu^2,*, Xiaofan Deng¹, Yuanchen Dai³, Zhenyuan Li³

CMES-Computer Modeling in Engineering & Sciences, Vol.145, No.3, pp. 4317-4348, 2025, DOI:10.32604/cmes.2025.074349 - 23 December 2025

Abstract Existing deep learning Network Intrusion Detection Systems (NIDS) struggle to simultaneously capture fine-grained, multi-scale features and long-range temporal dependencies. To address this gap, this paper introduces TransNeSt, a hybrid architecture integrating a ResNeSt block (using split-attention for multi-scale feature representation) with a Transformer encoder (using self-attention for global temporal modeling). This integration of multi-scale and temporal attention was validated on four benchmarks: NSL-KDD, UNSW-NB15, CIC-IDS2017, and CICIOT2023. TransNeSt consistently outperformed its individual components and several state-of-the-art models, demonstrating significant quantitative gains. The model achieved high efficacy across all datasets, with F1-Scores of 99.04% (NSL-KDD), 91.92% More >

Muhammad Saad Farooqui¹, Aizaz Ahmad Khattak², Bakri Hossain Awaji³, Nazik Alturki⁴, Noha Alnazzawi⁵, Muhammad Hanif^6,*, Muhammad Shahbaz Khan²

CMES-Computer Modeling in Engineering & Sciences, Vol.145, No.3, pp. 4395-4439, 2025, DOI:10.32604/cmes.2025.072023 - 23 December 2025

Abstract Quality of Service (QoS) assurance in programmable IoT and 5G networks is increasingly threatened by cyberattacks such as Distributed Denial of Service (DDoS), spoofing, and botnet intrusions. This paper presents AutoSHARC, a feedback-driven, explainable intrusion detection framework that integrates Boruta and LightGBM–SHAP feature selection with a lightweight CNN–Attention–GRU classifier. AutoSHARC employs a two-stage feature selection pipeline to identify the most informative features from high-dimensional IoT traffic and reduces 46 features to 30 highly informative ones, followed by post-hoc SHAP-guided retraining to refine feature importance, forming a feedback loop where only the most impactful attributes are More >

Chaonan Xin^*, Keqing Xu

Journal of Cyber Security, Vol.7, pp. 483-503, 2025, DOI:10.32604/jcs.2025.071627 - 28 November 2025

Abstract Intrusion Detection Systems (IDS) have achieved high accuracy on benchmark datasets, yet models often fail to generalize across different network environments. In this paper, we propose Transformer-IDS, a transformer-based network intrusion detection model designed for cross-dataset generalization. The model incorporates a classification token, multi-head self-attention, and embedding layers to learn versatile features, and it introduces a calibration module and an AUC-oriented optimization objective to improve reliability and ranking performance. We evaluate Transformer-IDS on three prominent datasets (NSL-KDD, UNSW-NB15, CIC-IDS2017) in both within-dataset and cross-dataset scenarios. Results demonstrate that while conventional deep IDS models (e.g., CNN-LSTM More >

I Wayan Adi Juliawan Pawana^1,2, Vincent Abella², Jhury Kevin Lastre², Yongho Ko², Ilsun You^2,*

CMES-Computer Modeling in Engineering & Sciences, Vol.145, No.2, pp. 2733-2760, 2025, DOI:10.32604/cmes.2025.072611 - 26 November 2025

Abstract Roaming in 5G networks enables seamless global mobility but also introduces significant security risks due to legacy protocol dependencies, uneven Security Edge Protection Proxy (SEPP) deployment, and the dynamic nature of inter-Public Land Mobile Network (inter-PLMN) signaling. Traditional rule-based defenses are inadequate for protecting cloud-native 5G core networks, particularly as roaming expands into enterprise and Internet of Things (IoT) domains. This work addresses these challenges by designing a scalable 5G Standalone testbed, generating the first intrusion detection dataset specifically tailored to roaming threats, and proposing a deep learning based intrusion detection framework for cloud-native environments.… More > Graphic Abstract