Xiaohu Song¹, Zhiliang Zhu^2,*

CMC-Computers, Materials & Continua, Vol.86, No.1, pp. 1-19, 2026, DOI:10.32604/cmc.2025.068930 - 10 November 2025

Abstract Vulnerabilities are a known problem in modern Open Source Software (OSS). Most developers often rely on third-party libraries to accelerate feature implementation. However, these libraries may contain vulnerabilities that attackers can exploit to propagate malicious code, posing security risks to dependent projects. Existing research addresses these challenges through Software Composition Analysis (SCA) for vulnerability detection and remediation. Nevertheless, current solutions may introduce additional issues, such as incompatibilities, dependency conflicts, and additional vulnerabilities. To address this, we propose Vulnerability Scan and Protection (), a robust solution for detection and remediation vulnerabilities in Java projects. Specifically, builds… More >

Victor Otieno Mony^*, Anselemo Peters Ikoha, Roselida O. Maroko

Journal of Cyber Security, Vol.7, pp. 395-415, 2025, DOI:10.32604/jcs.2025.070952 - 30 September 2025

Abstract The widespread adoption of Cloud-Based Services has significantly increased the surface area for cyber threats, particularly targeting authentication mechanisms, which remain among the most vulnerable components of cloud security. This study aimed to address these challenges by developing and evaluating an Intelligent Zero Trust Architecture model tailored to mitigate authentication-related threats in Cloud-Based Services environments. Data was sourced from public repositories, including Kaggle and the National Institute for Standards and Technology MITRE Corporation’s Adversarial Tactics, Techniques, & Common Knowledge (ATT&CK) framework. The study utilized two trust signals: Behavioral targeting system users and Contextual targeting system… More >

Xiao-Xiao Luo, Bi Peng, Jian-Hua Wang, Guang-Yuan Hu, Xiang-Lin Yuan, Guo-Xian Long^*

Oncology Research, Vol.33, No.10, pp. 2903-2921, 2025, DOI:10.32604/or.2025.066308 - 26 September 2025

Abstract Objective: The World Health Organization (WHO) grading based on histopathology cannot always accurately predict tumor behavior of meningiomas. To overcome the limitations of the WHO grading, the study aims to propose a novel oxidative stress-based molecular classification for WHO grade 2/3 meningiomas. Methods: Differentially expressed oxidative stress-related genes were analyzed between 86 WHO grade 1 (low grade) meningiomas and 99 grade 2/3 (high grade) meningiomas. An oxidative stress-based molecular classification was developed in high-grade meningiomas through consensus clustering analysis. Immune microenvironment features, responses to immunotherapy and chemotherapy, and targeted drugs were evaluated. Three machine learning… More >

Siyi Wang, Yan Zhuang^*, Zhizhuang Zhou, Xinhao Wang, Menglan Li

CMC-Computers, Materials & Continua, Vol.85, No.2, pp. 3041-3066, 2025, DOI:10.32604/cmc.2025.067636 - 23 September 2025

Abstract Heap memory anomalies, such as Use-After-Free (UAF), Double-Free, and Memory Leaks, pose critical security threats including system crashes, data leakage, and remote exploits. Existing methods often fail to handle multiple anomaly types and meet real-time detection demands. To address these challenges, this paper proposes MemHookNet, a real-time multi-class heap anomaly detection framework that combines log hooking with deep learning. Without modifying source code, MemHookNet non-intrusively captures memory operation logs at runtime and transforms them into structured sequences encoding operation types, pointer identifiers, thread context, memory sizes, and temporal intervals. A sliding-window Long Short-Term Memory (LSTM) More >

Xiongwei Cui, Yunchao Wang, Qiang Wei^*

CMC-Computers, Materials & Continua, Vol.83, No.3, pp. 4939-4959, 2025, DOI:10.32604/cmc.2025.063592 - 19 May 2025

Abstract The development of the Internet of Things (IoT) has brought convenience to people’s lives, but it also introduces significant security risks. Due to the limitations of IoT devices themselves and the challenges of re-hosting technology, existing fuzzing for IoT devices is mainly conducted through black-box methods, which lack effective execution feedback and are blind. Meanwhile, the existing static methods mainly rely on taint analysis, which has high overhead and high false alarm rates. We propose a new directed fuzz testing method for detecting bugs in web service programs of IoT devices, which can test IoT… More >

Dawei Xu^1,2, Fan Huang¹, Jiaxin Zhang¹, Yunfang Liang¹, Baokun Zheng^3,*, Jian Zhao¹

CMC-Computers, Materials & Continua, Vol.83, No.2, pp. 2207-2220, 2025, DOI:10.32604/cmc.2025.061455 - 16 April 2025

Abstract With the rapid proliferation of Internet of Things (IoT) devices, ensuring their communication security has become increasingly important. Blockchain and smart contract technologies, with their decentralized nature, provide strong security guarantees for IoT. However, at the same time, smart contracts themselves face numerous security challenges, among which reentrancy vulnerabilities are particularly prominent. Existing detection tools for reentrancy vulnerabilities often suffer from high false positive and false negative rates due to their reliance on identifying patterns related to specific transfer functions. To address these limitations, this paper proposes a novel detection method that combines pattern matching… More >

Kithmini Godewatte Arachchige¹, Mohsin Murtaza², Chi-Tsun Cheng², Bader M. Albahlal^3,*, Cheng-Chi Lee^4,5,*

CMC-Computers, Materials & Continua, Vol.81, No.3, pp. 3679-3705, 2024, DOI:10.32604/cmc.2024.059378 - 19 December 2024

Abstract Information security has emerged as a crucial consideration over the past decade due to escalating cyber security threats, with Internet of Things (IoT) security gaining particular attention due to its role in data communication across various industries. However, IoT devices, typically low-powered, are susceptible to cyber threats. Conversely, blockchain has emerged as a robust solution to secure these devices due to its decentralised nature. Nevertheless, the fusion of blockchain and IoT technologies is challenging due to performance bottlenecks, network scalability limitations, and blockchain-specific security vulnerabilities. Blockchain, on the other hand, is a recently emerged information… More >

Mohammed Amin Almaiah^1,*, Leen Mohammad Saqr¹, Leen Ahmad Al-Rawwash¹, Layan Ahmed Altellawi¹, Romel Al-Ali^2,*, Omar Almomani³

CMC-Computers, Materials & Continua, Vol.81, No.2, pp. 3189-3220, 2024, DOI:10.32604/cmc.2024.057673 - 18 November 2024

Abstract Database systems have consistently been prime targets for cyber-attacks and threats due to the critical nature of the data they store. Despite the increasing reliance on database management systems, this field continues to face numerous cyber-attacks. Database management systems serve as the foundation of any information system or application. Any cyber-attack can result in significant damage to the database system and loss of sensitive data. Consequently, cyber risk classifications and assessments play a crucial role in risk management and establish an essential framework for identifying and responding to cyber threats. Risk assessment aids in understanding… More >

Ahmed Redha Mahlous^*

CMC-Computers, Materials & Continua, Vol.79, No.3, pp. 4781-4803, 2024, DOI:10.32604/cmc.2024.050821 - 20 June 2024

Abstract Smart agriculture modifies traditional farming practices, and offers innovative approaches to boost production and sustainability by leveraging contemporary technologies. In today’s world where technology is everything, these technologies are utilized to streamline regular tasks and procedures in agriculture, one of the largest and most significant industries in every nation. This research paper stands out from existing literature on smart agriculture security by providing a comprehensive analysis and examination of security issues within smart agriculture systems. Divided into three main sections—security analysis, system architecture and design and risk assessment of Cyber-Physical Systems (CPS) applications—the study delves… More >

Ziqi Wang^*, Weihan Tian, Baojiang Cui

CMC-Computers, Materials & Continua, Vol.78, No.2, pp. 1797-1820, 2024, DOI:10.32604/cmc.2023.047051 - 27 February 2024

Abstract The API used to access cloud services typically follows the Representational State Transfer (REST) architecture style. RESTful architecture, as a commonly used Application Programming Interface (API) architecture paradigm, not only brings convenience to platforms and tenants, but also brings logical security challenges. Security issues such as quota bypass and privilege escalation are closely related to the design and implementation of API logic. Traditional code level testing methods are difficult to construct a testing model for API logic and test samples for in-depth testing of API logic, making it difficult to detect such logical vulnerabilities. We… More >