Khaled Soliman^1,*, Mohamed Sobh², Ayman M. Bahaa-Eldin²

CMC-Computers, Materials & Continua, Vol.79, No.1, pp. 1419-1439, 2024, DOI:10.32604/cmc.2024.048883

Abstract The continuous development of cyberattacks is threatening digital transformation endeavors worldwide and leads to wide losses for various organizations. These dangers have proven that signature-based approaches are insufficient to prevent emerging and polymorphic attacks. Therefore, this paper is proposing a Robust Malicious Executable Detection (RMED) using Host-based Machine Learning Classifier to discover malicious Portable Executable (PE) files in hosts using Windows operating systems through collecting PE headers and applying machine learning mechanisms to detect unknown infected files. The authors have collected a novel reliable dataset containing 116,031 benign files and 179,071 malware samples from diverse sources to ensure the efficiency… More >

Hong Huang¹, Xingxing Zhang^1,*, Ye Lu¹, Ze Li¹, Shaohua Zhou²

CMC-Computers, Materials & Continua, Vol.78, No.3, pp. 3929-3951, 2024, DOI:10.32604/cmc.2024.047918

Abstract While encryption technology safeguards the security of network communications, malicious traffic also uses encryption protocols to obscure its malicious behavior. To address the issues of traditional machine learning methods relying on expert experience and the insufficient representation capabilities of existing deep learning methods for encrypted malicious traffic, we propose an encrypted malicious traffic classification method that integrates global semantic features with local spatiotemporal features, called BERT-based Spatio-Temporal Features Network (BSTFNet). At the packet-level granularity, the model captures the global semantic features of packets through the attention mechanism of the Bidirectional Encoder Representations from Transformers (BERT) model. At the byte-level granularity,… More >

Li Li^*, Youran Kong, Qing Zhang

CMC-Computers, Materials & Continua, Vol.78, No.1, pp. 551-567, 2024, DOI:10.32604/cmc.2023.045512

Abstract With the growth of the Internet, more and more business is being done online, for example, online offices, online education and so on. While this makes people’s lives more convenient, it also increases the risk of the network being attacked by malicious code. Therefore, it is important to identify malicious codes on computer systems efficiently. However, most of the existing malicious code detection methods have two problems: (1) The ability of the model to extract features is weak, resulting in poor model performance. (2) The large scale of model data leads to difficulties deploying on devices with limited resources. Therefore,… More >

Yang Liu^1,2,*, Zhiyuan Lin¹, Yuxi Zhang¹, Lin Jiang^1,*, Xuan Wang^1,3

CMES-Computer Modeling in Engineering & Sciences, Vol.138, No.2, pp. 1713-1729, 2024, DOI:10.32604/cmes.2023.030468

Abstract Ethereum, currently the most widely utilized smart contracts platform, anchors the security of myriad smart contracts upon its own robustness. Its foundational peer-to-peer network facilitates a dependable node connection mechanism, whereas an efficient data-sharing protocol constitutes as the bedrock of Blockchain network security. In this paper, we propose NodeHunter, an Ethereum network detector implemented through the application of simulation technology, which is capable of aggregating all node records within the network and the interconnectedness between them. Utilizing this connection information, NodeHunter can procure more comprehensive insights for network status analysis compared to preceding detection methodologies. Throughout a three-month period of… More >

Yu-Rim Lee¹, Na-Eun Park¹, Seo-Yi Kim², Il-Gu Lee^1,2,*

CMC-Computers, Materials & Continua, Vol.76, No.3, pp. 3465-3482, 2023, DOI:10.32604/cmc.2023.041196

Abstract With the introduction of 5G technology, the application of Internet of Things (IoT) devices is expanding to various industrial fields. However, introducing a robust, lightweight, low-cost, and low-power security solution to the IoT environment is challenging. Therefore, this study proposes two methods using a data compression technique to detect malicious traffic efficiently and accurately for a secure IoT environment. The first method, compressed sensing and learning (CSL), compresses an event log in a bitmap format to quickly detect attacks. Then, the attack log is detected using a machine-learning classification model. The second method, precise re-learning after CSL (Ra-CSL), comprises a… More >

Ouyang Liu, Kun Li^*, Ziwei Yin, Deyun Gao, Huachun Zhou

Intelligent Automation & Soft Computing, Vol.37, No.3, pp. 2955-2977, 2023, DOI:10.32604/iasc.2023.039995

Abstract Due to the many types of distributed denial-of-service attacks (DDoS) attacks and the large amount of data generated, it becomes a challenge to manage and apply the malicious behavior knowledge generated by DDoS attacks. We propose a malicious behavior knowledge base framework for DDoS attacks, which completes the construction and application of a multi-domain malicious behavior knowledge base. First, we collected malicious behavior traffic generated by five mainstream DDoS attacks. At the same time, we completed the knowledge collection mechanism through data pre-processing and dataset design. Then, we designed a malicious behavior category graph and malicious behavior structure graph for… More >

M. V. Narayana¹, Vadla Pradeep Kumar², Ashok Kumar Nanda^2,*, Hanumantha Rao Jalla³, Subba Reddy Chavva⁴

CMC-Computers, Materials & Continua, Vol.75, No.1, pp. 587-607, 2023, DOI:10.32604/cmc.2023.034773

Abstract Mobile ad hoc networks (MANETs) are subjected to attack detection for transmitting and creating new messages or existing message modifications. The attacker on another node evaluates the forging activity in the message directly or indirectly. Every node sends short packets in a MANET environment with its identifier, location on the map, and time through beacons. The attackers on the network broadcast the warning message using faked coordinates, providing the appearance of a network collision. Similarly, MANET degrades the channel utilization performance. Performance highly affects network performance through security algorithms. This paper developed a trust management technique called Enhanced Beacon Trust… More >

Abdllkader Esaid^1,*, Mary Agoyi²

Computer Systems Science and Engineering, Vol.45, No.2, pp. 1901-1915, 2023, DOI:10.32604/csse.2023.027819

Abstract Mobile Ad hoc Network (MANET) is decentralized wireless network and can communicate without existing infrastructure in many areas. MANET is vulnerable to various attacks that affect its performance such as blackhole attack. Blackhole attacker, inject fault routing information to persuade the source node to select the path with malicious node as the shortest path. To eliminate malicious nodes from launching any collaborative attack. A cooperative Trapping Approach (CTA) was proposed based on modifying Ad-hoc On-demand Distance Vector (AODV) routing protocol and trapping the malicious nodes by responding to the trap request message. The approach aims to eliminate and rule out… More >

Saqib Ali^1,*, Raja Waseem Anwar²

CMC-Computers, Materials & Continua, Vol.74, No.2, pp. 4381-4398, 2023, DOI:10.32604/cmc.2023.031472

Abstract Distributed control systems (DCS) have revolutionized the communication process and attracted more interest due to their pervasive computing nature (cyber/physical), their monitoring capabilities and the benefits they offer. However, due to distributed communication, flexible network topologies and lack of central control, the traditional security strategies are inadequate for meeting the unique characteristics of DCS. Moreover, malicious and untrustworthy nodes pose a significant threat during the formation of a DCS network. Trust-based secure systems not only monitor and track the behavior of the nodes but also enhance the security by identifying and isolating the malicious node, which reduces the risk and… More >

S. Sadhasivam¹, P. Valarmathie², K. Dinakaran^3,*

Intelligent Automation & Soft Computing, Vol.36, No.1, pp. 461-479, 2023, DOI:10.32604/iasc.2023.028650

Abstract With the vast advancements in Information Technology, the emergence of Online Social Networking (OSN) has also hit its peak and captured the attention of the young generation people. The clone intends to replicate the users and inject massive malicious activities that pose a crucial security threat to the original user. However, the attackers also target this height of OSN utilization, explicitly creating the clones of the user’s account. Various clone detection mechanisms are designed based on social-network activities. For instance, monitoring the occurrence of clone edges is done to restrict the generation of clone activities. However, this assumption is unsuitable… More >