Zheng Zhang^1,2, Jie Hao², Liquan Chen^1,*, Tianhao Hou², Yanan Liu²

CMC-Computers, Materials & Continua, Vol.86, No.1, pp. 1-22, 2026, DOI:10.32604/cmc.2025.068372 - 10 November 2025

Abstract With the increasing severity of network security threats, Network Intrusion Detection (NID) has become a key technology to ensure network security. To address the problem of low detection rate of traditional intrusion detection models, this paper proposes a Dual-Attention model for NID, which combines Convolutional Neural Network (CNN) and Bidirectional Long Short-Term Memory (BiLSTM) to design two modules: the FocusConV and the TempoNet module. The FocusConV module, which automatically adjusts and weights CNN extracted local features, focuses on local features that are more important for intrusion detection. The TempoNet module focuses on global information, identifies… More >

Gan Zhu¹, Yongtao Yu^2,*, Xiaofan Deng¹, Yuanchen Dai³, Zhenyuan Li³

CMES-Computer Modeling in Engineering & Sciences, Vol.145, No.3, pp. 4317-4348, 2025, DOI:10.32604/cmes.2025.074349 - 23 December 2025

Abstract Existing deep learning Network Intrusion Detection Systems (NIDS) struggle to simultaneously capture fine-grained, multi-scale features and long-range temporal dependencies. To address this gap, this paper introduces TransNeSt, a hybrid architecture integrating a ResNeSt block (using split-attention for multi-scale feature representation) with a Transformer encoder (using self-attention for global temporal modeling). This integration of multi-scale and temporal attention was validated on four benchmarks: NSL-KDD, UNSW-NB15, CIC-IDS2017, and CICIOT2023. TransNeSt consistently outperformed its individual components and several state-of-the-art models, demonstrating significant quantitative gains. The model achieved high efficacy across all datasets, with F1-Scores of 99.04% (NSL-KDD), 91.92% More >

Shengjia Chang, Baojiang Cui^*, Shaocong Feng

CMES-Computer Modeling in Engineering & Sciences, Vol.144, No.3, pp. 3805-3827, 2025, DOI:10.32604/cmes.2025.067756 - 30 September 2025

Abstract With the rapid advancement of mobile communication networks, key technologies such as Multi-access Edge Computing (MEC) and Network Function Virtualization (NFV) have enhanced the quality of service for 5G users but have also significantly increased the complexity of network threats. Traditional static defense mechanisms are inadequate for addressing the dynamic and heterogeneous nature of modern attack vectors. To overcome these challenges, this paper presents a novel algorithmic framework, SD-5G, designed for high-precision intrusion detection in 5G environments. SD-5G adopts a three-stage architecture comprising traffic feature extraction, elastic representation, and adaptive classification. Specifically, an enhanced Concrete… More >

Hoon Ko¹, Marek R. Ogiela², Libor Mesicek³, Sangheon Kim^4,*

CMC-Computers, Materials & Continua, Vol.85, No.2, pp. 2985-2997, 2025, DOI:10.32604/cmc.2025.065885 - 23 September 2025

Abstract The rapid evolution of AI-driven cybersecurity solutions has led to increasingly complex network infrastructures, which in turn increases their exposure to sophisticated threats. This study proposes a Graph Neural Network (GNN)-based feature selection strategy specifically tailored for Network Intrusion Detection Systems (NIDS). By modeling feature correlations and leveraging their topological relationships, this method addresses challenges such as feature redundancy and class imbalance. Experimental analysis using the KDDTest+ dataset demonstrates that the proposed model achieves 98.5% detection accuracy, showing notable gains in both computational efficiency and minority class detection. Compared to conventional machine learning methods, the More >

Manzheng Yuan^1,2, Kai Yang^2,*

Journal of Cyber Security, Vol.7, pp. 197-219, 2025, DOI:10.32604/jcs.2025.066089 - 07 July 2025

Abstract Currently, network intrusion detection systems (NIDS) face significant challenges in feature redundancy and high computational complexity, which hinder the improvement of detection performance and significantly reduce operational efficiency. To address these issues, this paper proposes an innovative weighted feature selection method combining mutual information and Extreme Gradient Boosting (XGBoost). This method aims to leverage their strengths to identify crucial feature subsets for intrusion detection accurately. Specifically, it first calculates the mutual information scores between features and target variables to evaluate individual discriminatory capabilities of features and uses XGBoost to obtain feature importance scores reflecting their… More >

Khadija Bouzaachane^1,*, El Mahdi El Guarmah², Abdullah M. Alnajim³, Sheroz Khan⁴

CMC-Computers, Materials & Continua, Vol.84, No.2, pp. 2391-2410, 2025, DOI:10.32604/cmc.2025.065031 - 03 July 2025

Abstract The rapid increase in the number of Internet of Things (IoT) devices, coupled with a rise in sophisticated cyberattacks, demands robust intrusion detection systems. This study presents a holistic, intelligent intrusion detection system. It uses a combined method that integrates machine learning (ML) and deep learning (DL) techniques to improve the protection of contemporary information technology (IT) systems. Unlike traditional signature-based or single-model methods, this system integrates the strengths of ensemble learning for binary classification and deep learning for multi-class classification. This combination provides a more nuanced and adaptable defense. The research utilizes the NF-UQ-NIDS-v2… More >

Junbin He^1,2, Wuxia Zhang³, Xianyi Liu¹, Jinping Liu^2,*, Guangyi Yang⁴

CMC-Computers, Materials & Continua, Vol.84, No.1, pp. 1227-1252, 2025, DOI:10.32604/cmc.2025.064402 - 09 June 2025

Abstract The integration of cloud computing into traditional industrial control systems is accelerating the evolution of Industrial Cyber-Physical System (ICPS), enhancing intelligence and autonomy. However, this transition also expands the attack surface, introducing critical security vulnerabilities. To address these challenges, this article proposes a hybrid intrusion detection scheme for securing ICPSs that combines system state anomaly and network traffic anomaly detection. Specifically, an improved variation-Bayesian-based noise covariance-adaptive nonlinear Kalman filtering (IVB-NCA-NLKF) method is developed to model nonlinear system dynamics, enabling optimal state estimation in multi-sensor ICPS environments. Intrusions within the physical sensing system are identified by More >

Jun Wang^1,2, Chaoren Ge^1,2, Yihong Li^1,2, Huimin Zhao^1,2, Qiang Fu^1,2,*, Kerang Cao^1,2, Hoekyung Jung^3,*

CMC-Computers, Materials & Continua, Vol.83, No.3, pp. 5129-5153, 2025, DOI:10.32604/cmc.2025.062094 - 19 May 2025

Abstract Network Intrusion Detection System (NIDS) detection of minority class attacks is always a difficult task when dealing with attacks in complex network environments. To improve the detection capability of minority-class attacks, this study proposes an intrusion detection method based on a two-layer structure. The first layer employs a CNN-BiLSTM model incorporating an attention mechanism to classify network traffic into normal traffic, majority class attacks, and merged minority class attacks. The second layer further segments the minority class attacks through Stacking ensemble learning. The datasets are selected from the generic network dataset CIC-IDS2017, NSL-KDD, and the… More >

Federica Uccello^1,2, Marek Pawlicki^3,4, Salvatore D'Antonio¹, Rafał Kozik^3,4, Michał Choraś^3,4,*

CMC-Computers, Materials & Continua, Vol.83, No.2, pp. 1607-1621, 2025, DOI:10.32604/cmc.2025.062801 - 16 April 2025

Abstract The growing sophistication of cyberthreats, among others the Distributed Denial of Service attacks, has exposed limitations in traditional rule-based Security Information and Event Management systems. While machine learning–based intrusion detection systems can capture complex network behaviours, their “black-box” nature often limits trust and actionable insight for security operators. This study introduces a novel approach that integrates Explainable Artificial Intelligence—xAI—with the Random Forest classifier to derive human-interpretable rules, thereby enhancing the detection of Distributed Denial of Service (DDoS) attacks. The proposed framework combines traditional static rule formulation with advanced xAI techniques—SHapley Additive exPlanations and Scoped Rules More >

Yue Yang^1,2, Xiangyan Tang^2,3,*, Zhaowu Liu^2,3,*, Jieren Cheng^2,3, Haozhe Fang³, Cunyi Zhang³

CMC-Computers, Materials & Continua, Vol.82, No.3, pp. 4389-4408, 2025, DOI:10.32604/cmc.2025.060357 - 06 March 2025

Abstract With the rapid development of Internet of Things technology, the sharp increase in network devices and their inherent security vulnerabilities present a stark contrast, bringing unprecedented challenges to the field of network security, especially in identifying malicious attacks. However, due to the uneven distribution of network traffic data, particularly the imbalance between attack traffic and normal traffic, as well as the imbalance between minority class attacks and majority class attacks, traditional machine learning detection algorithms have significant limitations when dealing with sparse network traffic data. To effectively tackle this challenge, we have designed a lightweight… More >