Fatima Al-Quayed^*

CMES-Computer Modeling in Engineering & Sciences, Vol.146, No.1, 2026, DOI:10.32604/cmes.2025.074799 - 29 January 2026

Abstract The rapid proliferation of Internet of Things (IoT) devices in critical healthcare infrastructure has introduced significant security and privacy challenges that demand innovative, distributed architectural solutions. This paper proposes FE-ACS (Fog-Edge Adaptive Cybersecurity System), a novel hierarchical security framework that intelligently distributes AI-powered anomaly detection algorithms across edge, fog, and cloud layers to optimize security efficacy, latency, and privacy. Our comprehensive evaluation demonstrates that FE-ACS achieves superior detection performance with an AUC-ROC of 0.985 and an F1-score of 0.923, while maintaining significantly lower end-to-end latency (18.7 ms) compared to cloud-centric (152.3 ms) and fog-only (34.5… More >

Haoxiang Wen¹, Zhaoyang Wang¹, Zhonglin Ye^1,*, Haixing Zhao¹, Maosong Sun²

CMES-Computer Modeling in Engineering & Sciences, Vol.146, No.1, 2026, DOI:10.32604/cmes.2025.074410 - 29 January 2026

Abstract Multivariate anomaly detection plays a critical role in maintaining the stable operation of information systems. However, in existing research, multivariate data are often influenced by various factors during the data collection process, resulting in temporal misalignment or displacement. Due to these factors, the node representations carry substantial noise, which reduces the adaptability of the multivariate coupled network structure and subsequently degrades anomaly detection performance. Accordingly, this study proposes a novel multivariate anomaly detection model grounded in graph structure learning. Firstly, a recommendation strategy is employed to identify strongly coupled variable pairs, which are then used More >

Jeongeun Ryu¹, Riyeong Kim², Soomin Lee¹, Sumin Kim¹, Hyunwoo Choi^1,2, Seongmin Kim^1,2,*

CMC-Computers, Materials & Continua, Vol.86, No.3, 2026, DOI:10.32604/cmc.2025.074871 - 12 January 2026

Abstract As containerized environments become increasingly prevalent in cloud-native infrastructures, the need for effective monitoring and detection of malicious behaviors has become critical. Malicious containers pose significant risks by exploiting shared host resources, enabling privilege escalation, or launching large-scale attacks such as cryptomining and botnet activities. Therefore, developing accurate and efficient detection mechanisms is essential for ensuring the security and stability of containerized systems. To this end, we propose a hybrid detection framework that leverages the extended Berkeley Packet Filter (eBPF) to monitor container activities directly within the Linux kernel. The framework simultaneously collects flow-based network… More >

Weishan Gao^1,2, Ye Wang^1,2, Xiaoyin Wang^1,2, Xiaochuan Jing^1,2,*

CMC-Computers, Materials & Continua, Vol.86, No.3, 2026, DOI:10.32604/cmc.2025.073850 - 12 January 2026

Abstract In the field of intelligent surveillance, weakly supervised video anomaly detection (WSVAD) has garnered widespread attention as a key technology that identifies anomalous events using only video-level labels. Although multiple instance learning (MIL) has dominated the WSVAD for a long time, its reliance solely on video-level labels without semantic grounding hinders a fine-grained understanding of visually similar yet semantically distinct events. In addition, insufficient temporal modeling obscures causal relationships between events, making anomaly decisions reactive rather than reasoning-based. To overcome the limitations above, this paper proposes an adaptive knowledge-based guidance method that integrates external structured… More >

Jay Barach^*

CMC-Computers, Materials & Continua, Vol.86, No.2, pp. 1-23, 2026, DOI:10.32604/cmc.2025.071705 - 09 December 2025

Abstract Human Resource (HR) operations increasingly rely on cloud-based platforms that provide hiring, payroll, employee management, and compliance services. These systems, typically built on multi-tenant microservice architectures, offer scalability and efficiency but also expand the attack surface for adversaries. Ransomware has emerged as a leading threat in this domain, capable of halting workflows and exposing sensitive employee records. Traditional defenses such as static hardening and signature-based detection often fail to address the dynamic requirements of HR Software as a Service (SaaS), where continuous availability and privacy compliance are critical. This paper presents a Moving Target Defense… More >

Eman Alsalmi, Abeer Alhuzali^*, Areej Alhothali

CMC-Computers, Materials & Continua, Vol.86, No.2, pp. 1-20, 2026, DOI:10.32604/cmc.2025.071012 - 09 December 2025

Abstract Log anomaly detection is essential for maintaining the reliability and security of large-scale networked systems. Most traditional techniques rely on log parsing in the reprocessing stage and utilize handcrafted features that limit their adaptability across various systems. In this study, we propose a hybrid model, BertGCN, that integrates BERT-based contextual embedding with Graph Convolutional Networks (GCNs) to identify anomalies in raw system logs, thereby eliminating the need for log parsing. The BERT module captures semantic representations of log messages, while the GCN models the structural relationships among log entries through a text-based graph. This combination More >

Bing Zhang, Wenqi Shi^*

CMC-Computers, Materials & Continua, Vol.86, No.2, pp. 1-19, 2026, DOI:10.32604/cmc.2025.067470 - 09 December 2025

Abstract To address the challenge of low survival rates and limited data collection efficiency in current virtual probe deployments, which results from anomaly detection mechanisms in location-based service (LBS) applications, this paper proposes a novel virtual probe deployment method based on user behavioral feature analysis. The core idea is to circumvent LBS anomaly detection by mimicking real-user behavior patterns. First, we design an automated data extraction algorithm that recognizes graphical user interface (GUI) elements to collect spatio-temporal behavior data. Then, by analyzing the automatically collected user data, we identify normal users’ spatio-temporal patterns and extract their… More >

Nur Syaiful Afrizal¹, Khairul Adib Yusof^1,2,*, Lokman Hakim Muhamad¹, Nurul Shazana Abdul Hamid^2,3, Mardina Abdullah^2,4, Mohd Amiruddin Abd Rahman¹, Syamsiah Mashohor⁵, Masashi Hayakawa^6,7

CMC-Computers, Materials & Continua, Vol.86, No.2, pp. 1-16, 2026, DOI:10.32604/cmc.2025.066421 - 09 December 2025

Abstract Detecting geomagnetic anomalies preceding earthquakes is a challenging yet promising area of research that has gained increasing attention in recent years. This study introduces a novel reconstruction-based modeling approach enhanced by negative learning, employing a Bidirectional Long Short-Term Memory (BiLSTM) network explicitly trained to accurately reconstruct non-seismic geomagnetic signals while intentionally amplifying reconstruction errors for seismic signals. By penalizing the model for accurately reconstructing seismic anomalies, the negative learning approach effectively magnifies the differences between normal and anomalous data. This strategic differentiation enhances the sensitivity of the BiLSTM network, enabling improved detection of subtle geomagnetic More >

Abeer Alnuaim^*

CMC-Computers, Materials & Continua, Vol.86, No.1, pp. 1-33, 2026, DOI:10.32604/cmc.2025.069110 - 10 November 2025

Abstract The rapid digitalization of urban infrastructure has made smart cities increasingly vulnerable to sophisticated cyber threats. In the evolving landscape of cybersecurity, the efficacy of Intrusion Detection Systems (IDS) is increasingly measured by technical performance, operational usability, and adaptability. This study introduces and rigorously evaluates a Human-Computer Interaction (HCI)-Integrated IDS with the utilization of Convolutional Neural Network (CNN), CNN-Long Short Term Memory (LSTM), and Random Forest (RF) against both a Baseline Machine Learning (ML) and a Traditional IDS model, through an extensive experimental framework encompassing many performance metrics, including detection latency, accuracy, alert prioritization, classification… More >

Chunyong Yin, Williams Kyei^*

Journal of Cyber Security, Vol.7, pp. 615-635, 2025, DOI:10.32604/jcs.2025.072740 - 24 December 2025

Abstract The evolving sophistication of network threats demands anomaly detection methods that are both robust and adaptive. While autoencoders excel at learning normal traffic patterns, they struggle with complex feature interactions and require manual tuning for different environments. We introduce the Adaptive Robust AutoEncoder (ARAE), a novel framework that dynamically balances reconstruction fidelity with latent space regularization through learnable loss weighting. ARAE incorporates multi-head attention to model feature dependencies and fuses multiple anomaly indicators into an adaptive scoring mechanism. Extensive evaluation on four benchmark datasets demonstrates that ARAE significantly outperforms existing autoencoder variants and classical methods, More >