Seong-Su Yoon, Dong-Hyuk Shin, Ieck-Chae Euom^*

CMES-Computer Modeling in Engineering & Sciences, Vol.145, No.2, pp. 2683-2706, 2025, DOI:10.32604/cmes.2025.071577 - 26 November 2025

Abstract With the continuous expansion of digital infrastructures, malicious behaviors in host systems have become increasingly sophisticated, often spanning multiple processes and employing obfuscation techniques to evade detection. Audit logs, such as Sysmon, offer valuable insights; however, existing approaches typically flatten event sequences or rely on generic graph models, thereby discarding the natural parent-child process hierarchy that is critical for analyzing multiprocess attacks. This paper proposes a structure-aware threat detection framework that transforms audit logs into a unified two-dimensional (2D) spatio-temporal representation, where process hierarchy is modeled as the spatial axis and event chronology as the More >

Suhyeon Lee¹, Hwankuk Kim^2,*

CMES-Computer Modeling in Engineering & Sciences, Vol.145, No.2, pp. 2657-2682, 2025, DOI:10.32604/cmes.2025.070627 - 26 November 2025

Abstract The open nature and heterogeneous architecture of Open Radio Access Network (Open RAN) undermine the consistency of security policies and broaden the attack surface, thereby increasing the risk of security vulnerabilities. The dynamic nature of network performance and traffic patterns in Open RAN necessitates advanced detection models that can overcome the constraints of traditional techniques and adapt to evolving behaviors. This study presents a methodology for effectively detecting malicious traffic in Open RAN by utilizing an Artificial-Intelligence/Machine-Learning (AI/ML) Framework. A hybrid Transformer–Convolutional-Neural-Network (Transformer-CNN) ensemble model is employed for anomaly detection. The proposed model generates final More >

Abdulaziz A. Alsulami¹, Qasem Abu Al-Haija^2,*, Badraddin Alturki³, Ayman Yafoz¹, Ali Alqahtani⁴, Raed Alsini¹, Sami Saeed Binyamin⁵

CMES-Computer Modeling in Engineering & Sciences, Vol.145, No.1, pp. 1117-1140, 2025, DOI:10.32604/cmes.2025.070745 - 30 October 2025

Abstract QR codes are widely used in applications such as information sharing, advertising, and digital payments. However, their growing adoption has made them attractive targets for malicious activities, including malware distribution and phishing attacks. Traditional detection approaches rely on URL analysis or image-based feature extraction, which may introduce significant computational overhead and limit real-time applicability, and their performance often depends on the quality of extracted features. Previous studies in malicious detection do not fully focus on QR code security when combining convolutional neural networks (CNNs) with recurrent neural networks (RNNs). This research proposes a deep learning… More >

Binu Sudhakaran Pillai¹, Raghavendra Kulkarni², Venkata Satya Suresh kumar Kondeti², Surendran Rajendran^3,*

CMES-Computer Modeling in Engineering & Sciences, Vol.145, No.1, pp. 1141-1166, 2025, DOI:10.32604/cmes.2025.070348 - 30 October 2025

Abstract Future 6G communications will open up opportunities for innovative applications, including Cyber-Physical Systems, edge computing, supporting Industry 5.0, and digital agriculture. While automation is creating efficiencies, it can also create new cyber threats, such as vulnerabilities in trust and malicious node injection. Denial-of-Service (DoS) attacks can stop many forms of operations by overwhelming networks and systems with data noise. Current anomaly detection methods require extensive software changes and only detect static threats. Data collection is important for being accurate, but it is often a slow, tedious, and sometimes inefficient process. This paper proposes a new… More >

Raj Sonani¹, Reham Alhejaili^2,*, Pushpalika Chatterjee³, Khalid Hamad Alnafisah⁴, Jehad Ali^5,*

CMES-Computer Modeling in Engineering & Sciences, Vol.144, No.3, pp. 3169-3189, 2025, DOI:10.32604/cmes.2025.070225 - 30 September 2025

Abstract Healthcare networks are transitioning from manual records to electronic health records, but this shift introduces vulnerabilities such as secure communication issues, privacy concerns, and the presence of malicious nodes. Existing machine and deep learning-based anomalies detection methods often rely on centralized training, leading to reduced accuracy and potential privacy breaches. Therefore, this study proposes a Blockchain-based-Federated Learning architecture for Malicious Node Detection (BFL-MND) model. It trains models locally within healthcare clusters, sharing only model updates instead of patient data, preserving privacy and improving accuracy. Cloud and edge computing enhance the model’s scalability, while blockchain ensures More >

Ramadan Abdul-Rashid¹, Mohd Amiruddin Abd Rahman^1,*, Abdulaziz Yagoub Barnawi²

CMES-Computer Modeling in Engineering & Sciences, Vol.144, No.3, pp. 3213-3250, 2025, DOI:10.32604/cmes.2025.066589 - 30 September 2025

Abstract Accurate time synchronization is fundamental to the correct and efficient operation of Wireless Sensor Networks (WSNs), especially in security-critical, time-sensitive applications. However, most existing protocols degrade substantially under malicious interference. We introduce iSTSP, an Intelligent and Secure Time Synchronization Protocol that implements a four-stage defense pipeline to ensure robust, precise synchronization even in hostile environments: (1) trust preprocessing that filters node participation using behavioral trust scoring; (2) anomaly isolation employing a lightweight autoencoder to detect and excise malicious nodes in real time; (3) reliability-weighted consensus that prioritizes high-trust nodes during time aggregation; and (4) convergence-optimized synchronization… More >

Xuan Wu¹, Yafei Song¹, Xiaodan Wang^1,*, Peng Wang¹, Qian Xiang²

CMC-Computers, Materials & Continua, Vol.84, No.1, pp. 1279-1305, 2025, DOI:10.32604/cmc.2025.064471 - 09 June 2025

Abstract With the growth of the Internet of Things (IoT) comes a flood of malicious traffic in the IoT, intensifying the challenges of network security. Traditional models operate with independent layers, limiting their effectiveness in addressing these challenges. To address this issue, we propose a cross-layer cooperative Feature Subset-Based Malicious Traffic Detection (FSMMTD) model for detecting malicious traffic. Our approach begins by applying an enhanced random forest method to adaptively filter and retain highly discriminative first-layer features. These processed features are then input into an improved state-space model that integrates the strengths of recurrent neural networks… More >

Rongwei Yu¹, Jie Yin^1,*, Jingyi Xiang¹, Qiyun Shao², Lina Wang¹

CMC-Computers, Materials & Continua, Vol.84, No.1, pp. 365-391, 2025, DOI:10.32604/cmc.2025.064438 - 09 June 2025

Abstract With the emergence of new attack techniques, traffic classifiers usually fail to maintain the expected performance in real-world network environments. In order to have sufficient generalizability to deal with unknown malicious samples, they require a large number of new samples for retraining. Considering the cost of data collection and labeling, data augmentation is an ideal solution. We propose an optimized noise-based traffic data augmentation system, ONTDAS. The system uses a gradient-based searching algorithm and an improved Bayesian optimizer to obtain optimized noise. The noise is injected into the original samples for data augmentation. Then, an More >

Long Cai, Ke Gu^*, Jiaqi Lei

CMC-Computers, Materials & Continua, Vol.83, No.1, pp. 239-258, 2025, DOI:10.32604/cmc.2025.061377 - 26 March 2025

Abstract Large-scale neural networks-based federated learning (FL) has gained public recognition for its effective capabilities in distributed training. Nonetheless, the open system architecture inherent to federated learning systems raises concerns regarding their vulnerability to potential attacks. Poisoning attacks turn into a major menace to federated learning on account of their concealed property and potent destructive force. By altering the local model during routine machine learning training, attackers can easily contaminate the global model. Traditional detection and aggregation solutions mitigate certain threats, but they are still insufficient to completely eliminate the influence generated by attackers. Therefore, federated… More >

Ming Liu, Qichao Yang, Wenqing Wang, Shengli Liu^*

CMC-Computers, Materials & Continua, Vol.82, No.2, pp. 2985-3004, 2025, DOI:10.32604/cmc.2024.059417 - 17 February 2025

Abstract The proliferation of internet traffic encryption has become a double-edged sword. While it significantly enhances user privacy, it also inadvertently shields cyber-attacks from detection, presenting a formidable challenge to cybersecurity. Traditional machine learning and deep learning techniques often fall short in identifying encrypted malicious traffic due to their inability to fully extract and utilize the implicit relational and positional information embedded within data packets. This limitation has led to an unresolved challenge in the cybersecurity community: how to effectively extract valuable insights from the complex patterns of traffic packet transmission. Consequently, this paper introduces the… More >