Samia Allaoua Chelloug^*

CMC-Computers, Materials & Continua, Vol.79, No.3, pp. 4845-4861, 2024, DOI:10.32604/cmc.2024.051539

Abstract Intrusion detection is a predominant task that monitors and protects the network infrastructure. Therefore, many datasets have been published and investigated by researchers to analyze and understand the problem of intrusion prediction and detection. In particular, the Network Security Laboratory-Knowledge Discovery in Databases (NSL-KDD) is an extensively used benchmark dataset for evaluating intrusion detection systems (IDSs) as it incorporates various network traffic attacks. It is worth mentioning that a large number of studies have tackled the problem of intrusion detection using machine learning models, but the performance of these models often decreases when evaluated on… More >

Fatma S. Alrayes¹, Mohammed Zakariah², Syed Umar Amin^3,*, Zafar Iqbal Khan³, Jehad Saad Alqurni⁴

CMC-Computers, Materials & Continua, Vol.79, No.3, pp. 4319-4347, 2024, DOI:10.32604/cmc.2024.050586

Abstract Intrusion detection systems (IDS) are essential in the field of cybersecurity because they protect networks from a wide range of online threats. The goal of this research is to meet the urgent need for small-footprint, highly-adaptable Network Intrusion Detection Systems (NIDS) that can identify anomalies. The NSL-KDD dataset is used in the study; it is a sizable collection comprising 43 variables with the label’s “attack” and “level.” It proposes a novel approach to intrusion detection based on the combination of channel attention and convolutional neural networks (CNN). Furthermore, this dataset makes it easier to conduct… More >

Jun Wang, Changfu Si, Zhen Wang, Qiang Fu^*

CMC-Computers, Materials & Continua, Vol.79, No.3, pp. 4297-4318, 2024, DOI:10.32604/cmc.2024.050223

Abstract Nowadays, with the rapid development of industrial Internet technology, on the one hand, advanced industrial control systems (ICS) have improved industrial production efficiency. However, there are more and more cyber-attacks targeting industrial control systems. To ensure the security of industrial networks, intrusion detection systems have been widely used in industrial control systems, and deep neural networks have always been an effective method for identifying cyber attacks. Current intrusion detection methods still suffer from low accuracy and a high false alarm rate. Therefore, it is important to build a more efficient intrusion detection model. This paper… More >

Amerah Alabrah^*

CMC-Computers, Materials & Continua, Vol.79, No.3, pp. 3897-3912, 2024, DOI:10.32604/cmc.2024.048528

Abstract The emergence of digital networks and the wide adoption of information on internet platforms have given rise to threats against users’ private information. Many intruders actively seek such private data either for sale or other inappropriate purposes. Similarly, national and international organizations have country-level and company-level private information that could be accessed by different network attacks. Therefore, the need for a Network Intruder Detection System (NIDS) becomes essential for protecting these networks and organizations. In the evolution of NIDS, Artificial Intelligence (AI) assisted tools and methods have been widely adopted to provide effective solutions. However,… More >

Chunhui Li^1,*, Hua Jiang²

CMC-Computers, Materials & Continua, Vol.79, No.3, pp. 4491-4512, 2024, DOI:10.32604/cmc.2024.048431

Abstract In the context of enterprise systems, intrusion detection (ID) emerges as a critical element driving the digital transformation of enterprises. With systems spanning various sectors of enterprises geographically dispersed, the necessity for seamless information exchange has surged significantly. The existing cross-domain solutions are challenged by such issues as insufficient security, high communication overhead, and a lack of effective update mechanisms, rendering them less feasible for prolonged application on resource-limited devices. This study proposes a new cross-domain collaboration scheme based on federated chains to streamline the server-side workload. Within this framework, individual nodes solely engage in… More >

Widad Elbakri¹, Maheyzah Md. Siraj^1,*, Bander Ali Saleh Al-rimy¹, Sultan Noman Qasem², Tawfik Al-Hadhrami³

CMC-Computers, Materials & Continua, Vol.79, No.3, pp. 3725-3756, 2024, DOI:10.32604/cmc.2024.048105

Abstract Cloud computing environments, characterized by dynamic scaling, distributed architectures, and complex workloads, are increasingly targeted by malicious actors. These threats encompass unauthorized access, data breaches, denial-of-service attacks, and evolving malware variants. Traditional security solutions often struggle with the dynamic nature of cloud environments, highlighting the need for robust Adaptive Cloud Intrusion Detection Systems (CIDS). Existing adaptive CIDS solutions, while offering improved detection capabilities, often face limitations such as reliance on approximations for change point detection, hindering their precision in identifying anomalies. This can lead to missed attacks or an abundance of false alarms, impacting overall… More >

Jian Yu^1,2,*, Gaofeng Yu³, Xiangmei Xiao^1,2, Zhixing Lin^1,2

Journal of Cyber Security, Vol.6, pp. 41-68, 2024, DOI:10.32604/jcs.2024.049658

Abstract With the rapid advancement of the Internet, network attack methods are constantly evolving and adapting. To better identify the network attack behavior, a universal gravitation clustering algorithm was proposed by analyzing the dissimilarities and similarities of the clustering algorithms. First, the algorithm designated the cluster set as vacant, with the introduction of a new object. Subsequently, a new cluster based on the given object was constructed. The dissimilarities between it and each existing cluster were calculated using a defined difference measure. The minimum dissimilarity was selected. Through comparing the proposed algorithm with the traditional Back More >

Fatimah Mudhhi Alanazi^*, Bothina Abdelmeneem Elsobky, Shaimaa Aly Elmorsy

Computer Systems Science and Engineering, Vol.48, No.3, pp. 835-851, 2024, DOI:10.32604/csse.2024.042401

Abstract Proliferation of technology, coupled with networking growth, has catapulted cybersecurity to the forefront of modern security concerns. In this landscape, the precise detection of cyberattacks and anomalies within networks is crucial, necessitating the development of efficient intrusion detection systems (IDS). This article introduces a framework utilizing the fusion of fuzzy sets with support vector machines (SVM), named FSVM. The core strategy of FSVM lies in calculating the significance of network features to determine their relative importance. Features with minimal significance are prudently disregarded, a method akin to feature selection. This process not only curtails the… More >

Fei Wang, Zhen Dong^*

CMC-Computers, Materials & Continua, Vol.79, No.2, pp. 2315-2329, 2024, DOI:10.32604/cmc.2024.048443

Abstract Aiming at the problems of low accuracy and slow convergence speed of current intrusion detection models, SpiralConvolution is combined with Long Short-Term Memory Network to construct a new intrusion detection model. The dataset is first preprocessed using solo thermal encoding and normalization functions. Then the spiral convolution-Long Short-Term Memory Network model is constructed, which consists of spiral convolution, a two-layer long short-term memory network, and a classifier. It is shown through experiments that the model is characterized by high accuracy, small model computation, and fast convergence speed relative to previous deep learning models. The model More >

Khaled Soliman^1,*, Mohamed Sobh², Ayman M. Bahaa-Eldin²

CMC-Computers, Materials & Continua, Vol.79, No.1, pp. 1419-1439, 2024, DOI:10.32604/cmc.2024.048883

Abstract The continuous development of cyberattacks is threatening digital transformation endeavors worldwide and leads to wide losses for various organizations. These dangers have proven that signature-based approaches are insufficient to prevent emerging and polymorphic attacks. Therefore, this paper is proposing a Robust Malicious Executable Detection (RMED) using Host-based Machine Learning Classifier to discover malicious Portable Executable (PE) files in hosts using Windows operating systems through collecting PE headers and applying machine learning mechanisms to detect unknown infected files. The authors have collected a novel reliable dataset containing 116,031 benign files and 179,071 malware samples from diverse… More >