Sign in to use this feature.

Years

Between: -

Subjects

remove_circle_outline
remove_circle_outline
remove_circle_outline
remove_circle_outline
remove_circle_outline
remove_circle_outline
remove_circle_outline
remove_circle_outline
remove_circle_outline

Journals

remove_circle_outline
remove_circle_outline
remove_circle_outline
remove_circle_outline
remove_circle_outline
remove_circle_outline

Article Types

Countries / Regions

remove_circle_outline
remove_circle_outline
remove_circle_outline
remove_circle_outline
remove_circle_outline

Search Results (301)

Search Parameters:
Keywords = modeling of IP networks

Order results
Result details
Results per page
Select all
Export citation of selected articles as:
19 pages, 1334 KB  
Article
Reduction Method for a Network-on-Chip Low-Level Modeling
by Evgeny V. Lezhnev, Aleksandr Y. Romanov, Dmitry V. Telpukhov, Roman A. Solovyev and Mikhail Y. Romashikhin
Micromachines 2025, 16(10), 1096; https://doi.org/10.3390/mi16101096 - 26 Sep 2025
Viewed by 289
Abstract
This article explores the concept of low-level modeling of networks-on-chip (NoCs). A method for reducing the low-level NoC model by replacing the real IP blocks with a data packet generator module is proposed. This method is implemented in the low-level NoC modeling ECAD [...] Read more.
This article explores the concept of low-level modeling of networks-on-chip (NoCs). A method for reducing the low-level NoC model by replacing the real IP blocks with a data packet generator module is proposed. This method is implemented in the low-level NoC modeling ECAD tool HDLNoCGen. This makes it possible to significantly increase the maximum number of nodes in the simulated NoC, as well as speed up the modeling and investigate the resource costs for network synthesis. A universal interface that can be used to connect new components to the network is also described. This interface has two main benefits: it reduces connection resource costs by eliminating the need to modify the connected component and shortens the time required to configure the connection interface itself. The proposed methodology of low-level NoC modeling is shown to be effective in analyzing the operation of routing algorithms of the NoC communication subsystem based on various topologies. Full article
(This article belongs to the Section E:Engineering and Technology)
Show Figures

Figure 1

19 pages, 29061 KB  
Article
IPE-YOLO: A Multi-Scale Defect Detection Method for Power Equipment Inspection
by Mingxia Xu, Zibo Cai, Kewei Cai, Dongpu Li, Yongsheng Miao and Chuanfang Xu
Electronics 2025, 14(19), 3767; https://doi.org/10.3390/electronics14193767 - 24 Sep 2025
Viewed by 345
Abstract
The inspection of power equipment is vital for maintaining the safe and reliable operation of power systems. Among various inspection tasks, the detection of defects in insulators and wind turbine blades holds particular importance. However, existing detection methods often suffer from limited accuracy, [...] Read more.
The inspection of power equipment is vital for maintaining the safe and reliable operation of power systems. Among various inspection tasks, the detection of defects in insulators and wind turbine blades holds particular importance. However, existing detection methods often suffer from limited accuracy, largely due to substantial scale variations among defect targets and the loss of features associated with small objects. To address these challenges, this paper proposes Inspection of Power Equipment-YOLO (IPE-YOLO), an enhanced defect detection algorithm based on the YOLOv8n framework. First, a Cross Stage Partial Multi-Scale Edge Information Enhancement (CSP_MSEIE) module is introduced to improve multi-scale feature extraction, enhancing the detection of targets with significant scale diversity while reducing computational complexity. Second, we reconstruct the neck network with a Context-Guided Spatial Feature Reconstruction for Feature Pyramid Networks (CGRFPN), which promotes cross-scale feature fusion and enriches the fine-grained details of small objects, thereby alleviating feature loss in deeper network layers. Finally, a Lightweight Shared Convolutional Detection Head (LSCD) is employed, leveraging shared convolutional layers to decrease model parameters and computational costs without sacrificing detection precision. Experimental results demonstrate that, compared to the baseline YOLOv8n model, IPE-YOLO improves defect detection accuracy for insulators and wind turbine blades by 2.6% and 2.9%, respectively, while reducing the number of parameters by 12.3% and computational costs by 24.7%. These results indicate that IPE-YOLO achieves a superior balance between accuracy and efficiency, making it well-suited for practical engineering deployments in power equipment inspection. Full article
(This article belongs to the Special Issue Fault Detection Technology Based on Deep Learning)
Show Figures

Figure 1

26 pages, 1061 KB  
Article
EEViT: Efficient Enhanced Vision Transformer Architectures with Information Propagation and Improved Inductive Bias
by Rigel Mahmood, Sarosh Patel and Khaled Elleithy
AI 2025, 6(9), 233; https://doi.org/10.3390/ai6090233 - 17 Sep 2025
Viewed by 762
Abstract
The Transformer architecture has been the foundational cornerstone of the recent AI revolution, serving as the backbone of Large Language Models, which have demonstrated impressive language understanding and reasoning capabilities. When pretrained on large amounts of data, Transformers have also shown to be [...] Read more.
The Transformer architecture has been the foundational cornerstone of the recent AI revolution, serving as the backbone of Large Language Models, which have demonstrated impressive language understanding and reasoning capabilities. When pretrained on large amounts of data, Transformers have also shown to be highly effective in image classification via the advent of the Vision Transformer. However, they still lag in vision application performance compared to Convolutional Neural Networks (CNNs), which offer translational invariance, whereas Transformers lack inductive bias. Further, the Transformer relies on the attention mechanism, which despite increasing the receptive field, makes it computationally inefficient due to its quadratic time complexity. In this paper, we enhance the Transformer architecture, focusing on its above two shortcomings. We propose two efficient Vision Transformer architectures that significantly reduce the computational complexity without sacrificing classification performance. Our first enhanced architecture is the EEViT-PAR, which combines features from two recently proposed designs of PerceiverAR and CaiT. This enhancement leads to our second architecture, EEViT-IP, which provides implicit windowing capabilities akin to the SWIN Transformer and implicitly improves the inductive bias, while being extremely memory and computationally efficient. We perform detailed experiments on multiple image datasets to show the effectiveness of our architectures. Our best performing EEViT outperforms existing SOTA ViT models in terms of execution efficiency and surpasses or provides competitive classification accuracy on different benchmarks. Full article
Show Figures

Figure 1

30 pages, 6577 KB  
Article
Private 5G and AIoT in Smart Agriculture: A Case Study of Black Fungus Cultivation
by Cheng-Hui Chen, Wei-Han Kuo and Hsiao-Yu Wang
Electronics 2025, 14(18), 3594; https://doi.org/10.3390/electronics14183594 - 10 Sep 2025
Viewed by 485
Abstract
Black fungus cultivation in bagged form requires frequent inspection of mycelial growth, a process that is labor-intensive and susceptible to subjective judgment. In addition, timely detection of contamination in low-light and high-humidity environments remains a significant challenge. To address these issues, this paper [...] Read more.
Black fungus cultivation in bagged form requires frequent inspection of mycelial growth, a process that is labor-intensive and susceptible to subjective judgment. In addition, timely detection of contamination in low-light and high-humidity environments remains a significant challenge. To address these issues, this paper proposed an intelligent agriculture system for black fungus cultivation, with emphasis on practical deployment under real farming conditions. The system integrates a private 5G network with a YOLOv8-based deep learning model for real-time object detection and growth monitoring. Continuous image acquisition and data feedback are achieved through a multi-parameter environmental sensing module and an autonomous ground vehicle (AGV) equipped with IP cameras. To improve model robustness, more than 42,000 labeled training images were generated through data augmentation, and a modified C2f network architecture was employed. Experimental results show that the model achieved a detection accuracy of 93.7% with an average confidence score of 0.96 under live testing conditions. The deployed 5G network provided a downlink throughput of 645.2 Mbps and an uplink throughput of 147.5 Mbps, ensuring sufficient bandwidth and low latency for real-time inference and transmission. Field trials conducted over five cultivation batches demonstrated improvements in disease detection, reductions in labor requirements, and an increase in the average yield success rate to 80%. These findings indicate that the proposed method offers a scalable and practical solution for precision agriculture, integrating next-generation communication technologies with deep learning to enhance cultivation management. Full article
(This article belongs to the Collection Electronics for Agriculture)
Show Figures

Graphical abstract

26 pages, 4880 KB  
Article
Cell-Sequence-Based Covert Signal for Tor De-Anonymization Attacks
by Ran Xin, Yapeng Wang, Xiaohong Huang, Xu Yang and Sio Kei Im
Future Internet 2025, 17(9), 403; https://doi.org/10.3390/fi17090403 - 4 Sep 2025
Viewed by 1015
Abstract
This research introduces a novel de-anonymization technique targeting the Tor network, addressing limitations in prior attack models, particularly concerning router positioning following the introduction of bridge relays. Our method exploits two specific, inherent protocol-level vulnerabilities: the absence of a continuity check for circuit-level [...] Read more.
This research introduces a novel de-anonymization technique targeting the Tor network, addressing limitations in prior attack models, particularly concerning router positioning following the introduction of bridge relays. Our method exploits two specific, inherent protocol-level vulnerabilities: the absence of a continuity check for circuit-level cells and anomalous residual values in RELAY_EARLY cell counters, working by manipulating cell headers to embed a covert signal. This signal is composed of reserved fields, start and end delimiters, and a payload that encodes target identifiers. Using this signal, malicious routers can effectively mark data flows for later identification. These routers employ a finite state machine (FSM) to adaptively switch between signal injection and detection. Experimental evaluations, conducted within a controlled environment using attacker-controlled onion routers, demonstrated that the embedded signals are undetectable by standard Tor routers, cause no noticeable performance degradation, and allow reliable correlation of Tor users with public services and deanonymization of hidden service IP addresses. This work reveals a fundamental design trade-off in Tor: the decision to conceal circuit length inadvertently exposes cell transmission characteristics. This creates a bidirectional vector for stealthy, protocol-level de-anonymization attacks, even though Tor payloads remain encrypted. Full article
Show Figures

Figure 1

22 pages, 1724 KB  
Article
AdpA, a Global Regulator of Hundreds of Genes, Including Those for Secondary Metabolism, in Streptomyces venezuelae
by Marcin Wolański, Małgorzata Płachetka, Volha Naumouskaya, Agnieszka Strzałka, Michał Tracz, Diana Valietova and Jolanta Zakrzewska-Czerwińska
Antibiotics 2025, 14(9), 878; https://doi.org/10.3390/antibiotics14090878 - 30 Aug 2025
Viewed by 782
Abstract
Background: Streptomyces bacteria are prolific producers of secondary metabolites (SMs), including many antibiotics. However, most biosynthetic gene clusters (BGCs) remain silent under laboratory conditions. Global transcriptional regulators, such as AdpA, can activate these BGCs, but their roles in secondary metabolism are not fully [...] Read more.
Background: Streptomyces bacteria are prolific producers of secondary metabolites (SMs), including many antibiotics. However, most biosynthetic gene clusters (BGCs) remain silent under laboratory conditions. Global transcriptional regulators, such as AdpA, can activate these BGCs, but their roles in secondary metabolism are not fully understood. This study investigates the regulatory function of AdpA in Streptomyces venezuelae (AdpASv), a fast-growing model species and natural chloramphenicol producer that encodes over 30 BGCs. Methods: We applied RNA-seq and ChIP-seq at 12 and 20 h—corresponding to vegetative and aerial hyphae stages—to profile the AdpASv regulatory network. Results: AdpASv influenced the expression of approximately 3000 genes, including those involved in primary metabolism, quorum sensing, sulfur metabolism, ABC transporters, and all annotated BGCs, and it bound to around 200 genomic sites. Integration of RNA-seq and ChIP-seq data identified a core regulon of 49–91 directly regulated genes, with additional effects likely mediated indirectly via other transcription factors or non-canonical binding sites. Motif analysis confirmed similarity to the canonical Streptomyces griseus AdpA-binding sequence, with a novel 5-bp 3′ extension. AdpASv directly regulated several SM pathways, including chloramphenicol biosynthesis, potentially alleviating Lsr2-mediated repression. Conclusions: This study defines, for the first time, the direct AdpA regulon in S. venezuelae and establishes AdpASv as a central regulator of secondary metabolism. Our findings highlight S. venezuelae as a promising chassis strain for heterologous expression and suggest strategies for activating silent BGCs in other Streptomyces species. Full article
Show Figures

Figure 1

17 pages, 1149 KB  
Article
IP Spoofing Detection Using Deep Learning
by İsmet Kaan Çekiş, Buğra Ayrancı, Fezayim Numan Salman and İlker Özçelik
Appl. Sci. 2025, 15(17), 9508; https://doi.org/10.3390/app15179508 - 29 Aug 2025
Viewed by 729
Abstract
IP spoofing is a critical component in many cyberattacks, enabling attackers to evade detection and conceal their identities. This study rigorously compares eight deep learning models—LSTM, GRU, CNN, MLP, DNN, RNN, ResNet1D, and xLSTM—for their efficacy in detecting IP spoofing attacks. Overfitting was [...] Read more.
IP spoofing is a critical component in many cyberattacks, enabling attackers to evade detection and conceal their identities. This study rigorously compares eight deep learning models—LSTM, GRU, CNN, MLP, DNN, RNN, ResNet1D, and xLSTM—for their efficacy in detecting IP spoofing attacks. Overfitting was mitigated through techniques such as dropout, early stopping, and normalization. Models were trained using binary cross-entropy loss and the Adam optimizer. Performance was assessed via accuracy, precision, recall, F1 score, and inference time, with each model executed a total of 15 times to account for stochastic variability. Results indicate a powerful performance across all models, with LSTM and GRU demonstrating superior detection efficacy. After ONNX conversion, the MLP and DNN models retained their performance while achieving significant reductions in inference time, miniaturized model sizes, and platform independence. These advancements facilitated the effective utilization of the developed systems in real-time network security applications. The comprehensive performance metrics presented are crucial for selecting optimal IP spoofing detection strategies tailored to diverse application requirements, serving as a valuable reference for network anomaly monitoring and targeted attack detection. Full article
(This article belongs to the Section Computing and Artificial Intelligence)
Show Figures

Figure 1

13 pages, 1802 KB  
Article
NR3C1/GLMN-Mediated FKBP12.6 Ubiquitination Disrupts Calcium Homeostasis and Impairs Mitochondrial Quality Control in Stress-Induced Myocardial Damage
by Jingze Cong, Lihui Liu, Rui Shi, Mengting He, Yuchuan An, Xiaowei Feng, Xiaoyu Yin, Yingmin Li, Bin Cong and Weibo Shi
Int. J. Mol. Sci. 2025, 26(17), 8245; https://doi.org/10.3390/ijms26178245 - 25 Aug 2025
Viewed by 853
Abstract
Excessive stress disrupts cardiac homeostasis via complex and multifactorial mechanisms, resulting in cardiac dysfunction, cardiovascular disease, or even sudden cardiac death, yet the underlying molecular mechanisms remain poorly understood. Accordingly, we aimed to elucidate how stress induces calcium dysregulation and contributes to cardiac [...] Read more.
Excessive stress disrupts cardiac homeostasis via complex and multifactorial mechanisms, resulting in cardiac dysfunction, cardiovascular disease, or even sudden cardiac death, yet the underlying molecular mechanisms remain poorly understood. Accordingly, we aimed to elucidate how stress induces calcium dysregulation and contributes to cardiac dysfunction and injury through the nuclear receptor subfamily 3 group c member 1 (NR3C1)/Glomulin (GLMN)/FK506-binding protein 12.6 (FKBP12.6) signaling pathway. Using mouse models of acute and chronic restraint stress, we observed that stress-exposed mice exhibited reduced left ventricular ejection fraction, ventricular wall thickening, elevated serum and myocardial cTnI levels, along with pathological features of myocardial ischemia and hypoxia, through morphological, functional, and hormonal assessments. Using transmission electron microscopy and Western blotting, we found that stress disrupted mitochondrial quality control in cardiomyocytes, evidenced by progressive mitochondrial swelling, cristae rupture, decreased expression of fusion proteins (MFN1/OPA1) and biogenesis regulator PGC-1α, along with aberrant accumulation of fission protein (FIS1) and autophagy marker LC3. At the cellular level, ChIP-qPCR and siRNA knockdown confirmed that stress activates the glucocorticoid receptor NR3C1 to repress its downstream target GLMN, thereby preventing FKBP12.6 ubiquitination and degradation, resulting in calcium leakage and overload, which ultimately impairs mitochondrial quality control and damages cardiomyocytes. In conclusion, our findings reveal that stress induces myocardial damage through NR3C1/GLMN-mediated FKBP12.6 ubiquitination, disrupting calcium homeostasis and mitochondrial quality control, and lay a theoretical foundation for dissecting the intricate molecular network of stress-induced cardiomyopathy. Full article
(This article belongs to the Section Molecular Endocrinology and Metabolism)
Show Figures

Figure 1

24 pages, 7251 KB  
Article
WTCMC: A Hyperspectral Image Classification Network Based on Wavelet Transform Combining Mamba and Convolutional Neural Networks
by Guanchen Liu, Qiang Zhang, Xueying Sun and Yishuang Zhao
Electronics 2025, 14(16), 3301; https://doi.org/10.3390/electronics14163301 - 20 Aug 2025
Viewed by 671
Abstract
Hyperspectral images are rich in spectral and spatial information. However, their high dimensionality and complexity pose significant challenges for effective feature extraction. Specifically, the performance of existing models for hyperspectral image (HSI) classification remains constrained by spectral redundancy among adjacent bands, misclassification at [...] Read more.
Hyperspectral images are rich in spectral and spatial information. However, their high dimensionality and complexity pose significant challenges for effective feature extraction. Specifically, the performance of existing models for hyperspectral image (HSI) classification remains constrained by spectral redundancy among adjacent bands, misclassification at object boundaries, and significant noise in hyperspectral data. To address these challenges, we propose WTCMC—a novel hyperspectral image classification network based on wavelet transform combining Mamba and convolutional neural networks. To establish robust shallow spatial–spectral relationships, we introduce a shallow feature extraction module (SFE) at the initial stage of the network. To enable the comprehensive and efficient capture of both spectral and spatial characteristics, our architecture incorporates a low-frequency spectral Mamba module (LFSM) and a high-frequency multi-scale convolution module (HFMC). The wavelet transform suppresses noise for LFSM and enhances fine spatial and contour features for HFMC. Furthermore, we devise a spectral–spatial complementary fusion module (SCF) that selectively preserves the most discriminative spectral and spatial features. Experimental results demonstrate that the proposed WTCMC network attains overall accuracies (OA) of 98.94%, 98.67%, and 97.50% on the Pavia University (PU), Botswana (BS), and Indian Pines (IP) datasets, respectively, outperforming the compared state-of-the-art methods. Full article
(This article belongs to the Section Artificial Intelligence)
Show Figures

Figure 1

23 pages, 5310 KB  
Article
Greek Sign Language Detection with Artificial Intelligence
by Ioannis Panopoulos, Evangelos Topalis, Nikos Petrellis and Loukas Hadellis
Electronics 2025, 14(16), 3241; https://doi.org/10.3390/electronics14163241 - 15 Aug 2025
Viewed by 803
Abstract
Sign language serves as a vital way to communicate with individuals with hearing loss, deafness, or a speech disorder, yet accessibility remains limited, requiring technological advances to bridge the gap. This study presents the first real-time Greek Sign Language recognition system utilizing deep [...] Read more.
Sign language serves as a vital way to communicate with individuals with hearing loss, deafness, or a speech disorder, yet accessibility remains limited, requiring technological advances to bridge the gap. This study presents the first real-time Greek Sign Language recognition system utilizing deep learning and embedded computers. The recognition system is implemented using You Only Look Once (YOLO11X-seg), an advanced object detection model, which is embedded in a Python-based framework. The model is trained to recognize Greek Sign Language letters and an expandable set of specific words, i.e., the model is capable of distinguishing between static hand shapes (letters) and dynamic gestures (words). The most important advantage of the proposed system is its mobility and scalable processing power. The data are recorded using a mobile IP camera (based on Raspberry Pi 4) via a Motion-Joint Photographic Experts Group (MJPEG) Stream. The image is transmitted over a private ZeroTier network to a remote powerful computer capable of quickly processing large sign language models, employing Moonlight streaming technology. Smaller models can run on an embedded computer. The experimental evaluation shows excellent 99.07% recognition accuracy, while real-time operation is supported, with the image frames processed in 42.7 ms (23.4 frames/s), offering remote accessibility without requiring a direct connection to the processing unit. Full article
(This article belongs to the Special Issue Methods for Object Orientation and Tracking)
Show Figures

Figure 1

15 pages, 3236 KB  
Article
Analysis of OpenCV Security Vulnerabilities in YOLO v10-Based IP Camera Image Processing Systems for Disaster Safety Management
by Do-Yoon Jung and Nam-Ho Kim
Electronics 2025, 14(16), 3216; https://doi.org/10.3390/electronics14163216 - 13 Aug 2025
Viewed by 1076
Abstract
This paper systematically analyzes security vulnerabilities that may occur during the OpenCV library and IP camera linkage process for the YOLO v10-based IP camera image processing system used in the disaster safety management field. Recently, the use of AI-based real-time image analysis technology [...] Read more.
This paper systematically analyzes security vulnerabilities that may occur during the OpenCV library and IP camera linkage process for the YOLO v10-based IP camera image processing system used in the disaster safety management field. Recently, the use of AI-based real-time image analysis technology in disaster response and safety management systems has been increasing, but it has been confirmed that open source-based object detection frameworks and security vulnerabilities in IP cameras can pose serious threats to the reliability and safety of actual systems. In this study, the structure of an image processing system that applies the latest YOLO v10 algorithm was analyzed, and major security threats (e.g., remote code execution, denial of service, data tampering, authentication bypass, etc.) that might occur during the IP camera image collection and processing process using OpenCV were identified. In particular, the possibility of attacks due to insufficient verification of external inputs (model files, configuration files, image data, etc.), failure to set an initial password, and insufficient encryption of network communication sections were presented with cases. These problems could lead to more serious results in mission-critical environments such as disaster safety management. Full article
Show Figures

Figure 1

26 pages, 423 KB  
Article
Enhancing Privacy-Preserving Network Trace Synthesis Through Latent Diffusion Models
by Jin-Xi Yu, Yi-Han Xu, Min Hua, Gang Yu and Wen Zhou
Information 2025, 16(8), 686; https://doi.org/10.3390/info16080686 - 12 Aug 2025
Viewed by 609
Abstract
Network trace is a comprehensive record of data packets traversing a computer network, serving as a critical resource for analyzing network behavior. However, in practice, the limited availability of high-quality network traces, coupled with the presence of sensitive information such as IP addresses [...] Read more.
Network trace is a comprehensive record of data packets traversing a computer network, serving as a critical resource for analyzing network behavior. However, in practice, the limited availability of high-quality network traces, coupled with the presence of sensitive information such as IP addresses and MAC addresses, poses significant challenges to advancing network trace analysis. To address these issues, this paper focuses on network trace synthesis in two practical scenarios: (1) data expansion, where users create synthetic traces internally to diversify and enhance existing network trace utility; (2) data release, where synthesized network traces are shared externally. Inspired by the powerful generative capabilities of latent diffusion models (LDMs), this paper introduces NetSynDM, which leverages LDM to address the challenges of network trace synthesis in data expansion scenarios. To address the challenges in the data release scenario, we integrate differential privacy (DP) mechanisms into NetSynDM, introducing DPNetSynDM, which leverages DP Stochastic Gradient Descent (DP-SGD) to update NetSynDM, incorporating privacy-preserving noise throughout the training process. Experiments on five widely used network trace datasets show that our methods outperform prior works. NetSynDM achieves an average 166.1% better performance in fidelity compared to baselines. DPNetSynDM strikes an improved balance between privacy and fidelity, surpassing previous state-of-the-art network trace synthesis method fidelity scores of 18.4% on UGR16 while reducing privacy risk scores by approximately 9.79%. Full article
Show Figures

Figure 1

36 pages, 3039 KB  
Article
Decision Tree Pruning with Privacy-Preserving Strategies
by Yee Jian Chew, Shih Yin Ooi, Ying Han Pang and Zheng You Lim
Electronics 2025, 14(15), 3139; https://doi.org/10.3390/electronics14153139 - 6 Aug 2025
Viewed by 835
Abstract
Machine learning techniques, particularly decision trees, have been extensively utilized in Network-based Intrusion Detection Systems (NIDSs) due to their transparent, rule-based structures that enable straightforward interpretation. However, this transparency presents privacy risks, as decision trees may inadvertently expose sensitive information such as network [...] Read more.
Machine learning techniques, particularly decision trees, have been extensively utilized in Network-based Intrusion Detection Systems (NIDSs) due to their transparent, rule-based structures that enable straightforward interpretation. However, this transparency presents privacy risks, as decision trees may inadvertently expose sensitive information such as network configurations or IP addresses. In our previous work, we introduced a sensitive pruning-based decision tree to mitigate these risks within a limited dataset and basic pruning framework. In this extended study, three privacy-preserving pruning strategies are proposed: standard sensitive pruning, which conceals specific sensitive attribute values; optimistic sensitive pruning, which further simplifies the decision tree when the sensitive splits are minimal; and pessimistic sensitive pruning, which aggressively removes entire subtrees to maximize privacy protection. The methods are implemented using the J48 (Weka C4.5 package) decision tree algorithm and are rigorously validated across three full-scale NIDS datasets: GureKDDCup, UNSW-NB15, and CIDDS-001. To ensure a realistic evaluation of time-dependent intrusion patterns, a rolling-origin resampling scheme is employed in place of conventional cross-validation. Additionally, IP address truncation and port bilateral classification are incorporated to further enhance privacy preservation. Experimental results demonstrate that the proposed pruning strategies effectively reduce the exposure of sensitive information, significantly simplify decision tree structures, and incur only minimal reductions in classification accuracy. These findings reaffirm that privacy protection can be successfully integrated into decision tree models without severely compromising detection performance. To further support the proposed pruning strategies, this study also includes a comprehensive review of decision tree post-pruning techniques. Full article
Show Figures

Figure 1

18 pages, 4863 KB  
Article
Evaluation of Explainable, Interpretable and Non-Interpretable Algorithms for Cyber Threat Detection
by José Ramón Trillo, Felipe González-López, Juan Antonio Morente-Molinera, Roberto Magán-Carrión and Pablo García-Sánchez
Electronics 2025, 14(15), 3073; https://doi.org/10.3390/electronics14153073 - 31 Jul 2025
Viewed by 519
Abstract
As anonymity-enabling technologies such as VPNs and proxies become increasingly exploited for malicious purposes, detecting traffic associated with such services emerges as a critical first step in anticipating potential cyber threats. This study analyses a network traffic dataset focused on anonymised IP addresses—not [...] Read more.
As anonymity-enabling technologies such as VPNs and proxies become increasingly exploited for malicious purposes, detecting traffic associated with such services emerges as a critical first step in anticipating potential cyber threats. This study analyses a network traffic dataset focused on anonymised IP addresses—not direct attacks—to evaluate and compare explainable, interpretable, and opaque machine learning models. Through advanced preprocessing and feature engineering, we examine the trade-off between model performance and transparency in the early detection of suspicious connections. We evaluate explainable ML-based models such as k-nearest neighbours, fuzzy algorithms, decision trees, and random forests, alongside interpretable models like naïve Bayes, support vector machines, and non-interpretable algorithms such as neural networks. Results show that neural networks achieve the highest performance, with a macro F1-score of 0.8786, but explainable models like HFER offer strong performance (macro F1-score = 0.6106) with greater interpretability. The choice of algorithm depends on project-specific needs: neural networks excel in accuracy, while explainable algorithms are preferred for resource efficiency and transparency, as stated in this work. This work underscores the importance of aligning cybersecurity strategies with operational requirements, providing insights into balancing performance with interpretability. Full article
(This article belongs to the Special Issue Network Security and Cryptography Applications)
Show Figures

Graphical abstract

26 pages, 2653 KB  
Article
Attacker Attribution in Multi-Step and Multi-Adversarial Network Attacks Using Transformer-Based Approach
by Romina Torres and Ana García
Appl. Sci. 2025, 15(15), 8476; https://doi.org/10.3390/app15158476 - 30 Jul 2025
Viewed by 592
Abstract
Recent studies on network intrusion detection using deep learning primarily focus on detecting attacks or classifying attack types, but they often overlook the challenge of attributing each attack to its specific source among many potential adversaries (multi-adversary attribution). This is a critical and [...] Read more.
Recent studies on network intrusion detection using deep learning primarily focus on detecting attacks or classifying attack types, but they often overlook the challenge of attributing each attack to its specific source among many potential adversaries (multi-adversary attribution). This is a critical and underexplored issue in cybersecurity. In this study, we address the problem of attacker attribution in complex, multi-step network attack (MSNA) environments, aiming to identify the responsible attacker (e.g., IP address) for each sequence of security alerts, rather than merely detecting the presence or type of attack. We propose a deep learning approach based on Transformer encoders to classify sequences of network alerts and attribute them to specific attackers among many candidates. Our pipeline includes data preprocessing, exploratory analysis, and robust training/validation using stratified splits and 5-fold cross-validation, all applied to real-world multi-step attack datasets from capture-the-flag (CTF) competitions. We compare the Transformer-based approach with a multilayer perceptron (MLP) baseline to quantify the benefits of advanced architectures. Experiments on this challenging dataset demonstrate that our Transformer model achieves near-perfect accuracy (99.98%) and F1-scores (macro and weighted ≈ 99%) in attack attribution, significantly outperforming the MLP baseline (accuracy 80.62%, macro F1 65.05% and weighted F1 80.48%). The Transformer generalizes robustly across all attacker classes, including those with few samples, as evidenced by per-class metrics and confusion matrices. Our results show that Transformer-based models are highly effective for multi-adversary attack attribution in MSNA, a scenario not or under-addressed in the previous intrusion detection systems (IDS) literature. The adoption of advanced architectures and rigorous validation strategies is essential for reliable attribution in complex and imbalanced environments. Full article
(This article belongs to the Special Issue Application of Deep Learning for Cybersecurity)
Show Figures

Figure 1

Back to TopTop