Jay Barach^*

CMC-Computers, Materials & Continua, Vol.86, No.2, pp. 1-23, 2026, DOI:10.32604/cmc.2025.071705 - 09 December 2025

Abstract Human Resource (HR) operations increasingly rely on cloud-based platforms that provide hiring, payroll, employee management, and compliance services. These systems, typically built on multi-tenant microservice architectures, offer scalability and efficiency but also expand the attack surface for adversaries. Ransomware has emerged as a leading threat in this domain, capable of halting workflows and exposing sensitive employee records. Traditional defenses such as static hardening and signature-based detection often fail to address the dynamic requirements of HR Software as a Service (SaaS), where continuous availability and privacy compliance are critical. This paper presents a Moving Target Defense… More >

Yunhao Yu¹, Boda Zhang¹, Meiling Dizha¹, Ruibin Wen¹, Fuhua Luo¹, Xiang Guo¹, Zhenyong Zhang^2,*

CMC-Computers, Materials & Continua, Vol.86, No.2, pp. 1-19, 2026, DOI:10.32604/cmc.2025.070577 - 09 December 2025

Abstract Load frequency control (LFC) is a critical function to balance the power consumption and generation. The grid frequency is a crucial indicator for maintaining balance. However, the widely used information and communication infrastructure for LFC increases the risk of being attacked by malicious actors. The dynamic load altering attack (DLAA) is a typical attack that can destabilize the power system, causing the grid frequency to deviate from its nominal value. Therefore, in this paper, we mathematically analyze the impact of DLAA on the stability of the grid frequency and propose the network parameter regulation (NPR)… More >

Kirubavathi Ganapathiyappan^1,*, Kiruba Marimuthu Eswaramoorthy¹, Abi Thangamuthu Shanthamani¹, Aksaya Venugopal¹, Asita Pon Bhavya Iyyappan¹, Thilaga Manickam¹, Ateeq Ur Rehman^2,*, Habib Hamam^3,4,5,6

CMC-Computers, Materials & Continua, Vol.86, No.2, pp. 1-31, 2026, DOI:10.32604/cmc.2025.070067 - 09 December 2025

Abstract The growing use of Portable Document Format (PDF) files across various sectors such as education, government, and business has inadvertently turned them into a major target for cyberattacks. Cybercriminals take advantage of the inherent flexibility and layered structure of PDFs to inject malicious content, often employing advanced obfuscation techniques to evade detection by traditional signature-based security systems. These conventional methods are no longer adequate, especially against sophisticated threats like zero-day exploits and polymorphic malware. In response to these challenges, this study introduces a machine learning-based detection framework specifically designed to combat such threats. Central to… More >

Kirubavathi Ganapathiyappan¹, Heba G. Mohamed², Abhishek Yadav¹, Guru Akshya Chinnaswamy¹, Ateeq Ur Rehman^3,*, Habib Hamam^4,5,6,7

CMC-Computers, Materials & Continua, Vol.86, No.2, pp. 1-18, 2026, DOI:10.32604/cmc.2025.069951 - 09 December 2025

Abstract The escalating complexity of modern malware continues to undermine the effectiveness of traditional signature-based detection techniques, which are often unable to adapt to rapidly evolving attack patterns. To address these challenges, this study proposes X-MalNet, a lightweight Convolutional Neural Network (CNN) framework designed for static malware classification through image-based representations of binary executables. By converting malware binaries into grayscale images, the model extracts distinctive structural and texture-level features that signify malicious intent, thereby eliminating the dependence on manual feature engineering or dynamic behavioral analysis. Built upon a modified AlexNet architecture, X-MalNet employs transfer learning to… More >

Abeer Alhuzali^1,*, Qamar Al-Qahtani¹, Asmaa Niyazi¹, Lama Alshehri¹, Fatemah Alharbi²

CMC-Computers, Materials & Continua, Vol.86, No.1, pp. 1-19, 2026, DOI:10.32604/cmc.2025.069491 - 10 November 2025

Abstract The surge in smishing attacks underscores the urgent need for robust, real-time detection systems powered by advanced deep learning models. This paper introduces PhishNet, a novel ensemble learning framework that integrates transformer-based models (RoBERTa) and large language models (LLMs) (GPT-OSS 120B, LLaMA3.3 70B, and Qwen3 32B) to enhance smishing detection performance significantly. To mitigate class imbalance, we apply synthetic data augmentation using T5 and leverage various text preprocessing techniques. Our system employs a dual-layer voting mechanism: weighted majority voting among LLMs and a final ensemble vote to classify messages as ham, spam, or smishing. Experimental More >

Md Shohel Rana^1,2,3,4,*, Tonmoy Ghosh³, Mohammad Nur Nobi⁵, Anichur Rahman^1,6,*, Andrew H. Sung⁴

CMC-Computers, Materials & Continua, Vol.86, No.1, pp. 1-38, 2026, DOI:10.32604/cmc.2025.069212 - 10 November 2025

Abstract Zero-click attacks represent an advanced cybersecurity threat, capable of compromising devices without user interaction. High-profile examples such as Pegasus, Simjacker, Bluebugging, and Bluesnarfing exploit hidden vulnerabilities in software and communication protocols to silently gain access, exfiltrate data, and enable long-term surveillance. Their stealth and ability to evade traditional defenses make detection and mitigation highly challenging. This paper addresses these threats by systematically mapping the tactics and techniques of zero-click attacks using the MITRE ATT&CK framework, a widely adopted standard for modeling adversarial behavior. Through this mapping, we categorize real-world attack vectors and better understand how… More >

Abeer Alnuaim^*

CMC-Computers, Materials & Continua, Vol.86, No.1, pp. 1-33, 2026, DOI:10.32604/cmc.2025.069110 - 10 November 2025

Abstract The rapid digitalization of urban infrastructure has made smart cities increasingly vulnerable to sophisticated cyber threats. In the evolving landscape of cybersecurity, the efficacy of Intrusion Detection Systems (IDS) is increasingly measured by technical performance, operational usability, and adaptability. This study introduces and rigorously evaluates a Human-Computer Interaction (HCI)-Integrated IDS with the utilization of Convolutional Neural Network (CNN), CNN-Long Short Term Memory (LSTM), and Random Forest (RF) against both a Baseline Machine Learning (ML) and a Traditional IDS model, through an extensive experimental framework encompassing many performance metrics, including detection latency, accuracy, alert prioritization, classification… More >

Fatima Al-Quayed^*

CMC-Computers, Materials & Continua, Vol.86, No.1, pp. 1-16, 2026, DOI:10.32604/cmc.2025.069102 - 10 November 2025

Abstract Due to the growth of smart cities, many real-time systems have been developed to support smart cities using Internet of Things (IoT) and emerging technologies. They are formulated to collect the data for environment monitoring and automate the communication process. In recent decades, researchers have made many efforts to propose autonomous systems for manipulating network data and providing on-time responses in critical operations. However, the widespread use of IoT devices in resource-constrained applications and mobile sensor networks introduces significant research challenges for cybersecurity. These systems are vulnerable to a variety of cyberattacks, including unauthorized access,… More >

Amjad Rehman^1,*, Tanzila Saba¹, Mona M. Jamjoom², Shaha Al-Otaibi³, Muhammad I. Khan¹

CMC-Computers, Materials & Continua, Vol.86, No.1, pp. 1-15, 2026, DOI:10.32604/cmc.2025.068958 - 10 November 2025

Abstract Modern intrusion detection systems (MIDS) face persistent challenges in coping with the rapid evolution of cyber threats, high-volume network traffic, and imbalanced datasets. Traditional models often lack the robustness and explainability required to detect novel and sophisticated attacks effectively. This study introduces an advanced, explainable machine learning framework for multi-class IDS using the KDD99 and IDS datasets, which reflects real-world network behavior through a blend of normal and diverse attack classes. The methodology begins with sophisticated data preprocessing, incorporating both RobustScaler and QuantileTransformer to address outliers and skewed feature distributions, ensuring standardized and model-ready inputs.… More >

Xiaohu Song¹, Zhiliang Zhu^2,*

CMC-Computers, Materials & Continua, Vol.86, No.1, pp. 1-19, 2026, DOI:10.32604/cmc.2025.068930 - 10 November 2025

Abstract Vulnerabilities are a known problem in modern Open Source Software (OSS). Most developers often rely on third-party libraries to accelerate feature implementation. However, these libraries may contain vulnerabilities that attackers can exploit to propagate malicious code, posing security risks to dependent projects. Existing research addresses these challenges through Software Composition Analysis (SCA) for vulnerability detection and remediation. Nevertheless, current solutions may introduce additional issues, such as incompatibilities, dependency conflicts, and additional vulnerabilities. To address this, we propose Vulnerability Scan and Protection (), a robust solution for detection and remediation vulnerabilities in Java projects. Specifically, builds… More >