{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,13]],"date-time":"2026-02-13T17:16:35Z","timestamp":1771002995152,"version":"3.50.1"},"reference-count":39,"publisher":"SAGE Publications","issue":"4","license":[{"start":{"date-parts":[[2025,2,12]],"date-time":"2025-02-12T00:00:00Z","timestamp":1739318400000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/journals.sagepub.com\/page\/policies\/text-and-data-mining-license"}],"content-domain":{"domain":["journals.sagepub.com"],"crossmark-restriction":true},"short-container-title":["Journal of Computational Methods in Sciences and Engineering"],"published-print":{"date-parts":[[2025,7]]},"abstract":"<jats:p>This study proposes a security detection algorithm based on convolutional neural networks (CNNs) to enhance anomaly detection in API call sequences, addressing the challenges of capturing complex temporal relationships and nonlinear features in high-dimensional sparse API data. The proposed algorithm includes several preprocessing steps, such as deduplication to reduce redundancy, feature extraction using the TF-IDF (term frequency-inverse document frequency) algorithm, and logarithmic transformation to mitigate the impact of high-frequency APIs. An importance scoring mechanism is introduced to quantify the role of each API in anomaly detection. A customized TextCNN architecture is designed for API sequences, incorporating input layers, word embedding, multi-size convolution and pooling layers, attention layers, and fully connected layers. The attention layer is particularly applied to enhance the detection efficiency of evasion features. The model is trained using the Sigmoid activation function, CrossEntropyLoss loss function, and optimized via the Adam algorithm. The Softmax function is utilized to transform the feature vector into a probability distribution, with a threshold of 0.5 for anomaly detection. Clustering and auxiliary information are integrated to further improve classification accuracy and guide security strategy formulation. Experimental results demonstrate that the optimized TextCNN anomaly detection algorithm achieves an average accuracy of 95.88%, a recall rate of 91.23%, a false positive rate of 2.34%, and a false negative rate of 1.78%. These findings highlight the algorithm\u2019s ability to enhance feature extraction accuracy, improve high-dimensional data processing, and provide an effective solution for real-time security monitoring, thus strengthening the security of the development environment.<\/jats:p>","DOI":"10.1177\/14727978251318813","type":"journal-article","created":{"date-parts":[[2025,2,12]],"date-time":"2025-02-12T17:19:16Z","timestamp":1739380756000},"page":"3239-3254","update-policy":"https:\/\/doi.org\/10.1177\/sage-journals-update-policy","source":"Crossref","is-referenced-by-count":4,"title":["Security detection algorithm using CNN: Anomaly detection for API call sequence"],"prefix":"10.1177","volume":"25","author":[{"ORCID":"https:\/\/orcid.org\/0009-0001-0367-7127","authenticated-orcid":false,"given":"Jie","family":"Chang","sequence":"first","affiliation":[{"name":"Electric Power Research Institute, State Grid Hebei Electric Power Co., Ltd, Shijiazhuang, China"}]},{"given":"Lipeng","family":"Shi","sequence":"additional","affiliation":[{"name":"Electric Power Research Institute, State Grid Hebei Electric Power Co., Ltd, Shijiazhuang, China"}]},{"given":"Zhefeng","family":"Li","sequence":"additional","affiliation":[{"name":"Electric Power Research Institute, State Grid Hebei Electric Power Co., Ltd, Shijiazhuang, China"}]},{"given":"Xiaojun","family":"Zuo","sequence":"additional","affiliation":[{"name":"Electric Power Research Institute, State Grid Hebei Electric Power Co., Ltd, Shijiazhuang, China"}]},{"given":"Botao","family":"Hou","sequence":"additional","affiliation":[{"name":"Electric Power Research Institute, State Grid Hebei Electric Power Co., Ltd, Shijiazhuang, China"}]}],"member":"179","published-online":{"date-parts":[[2025,2,12]]},"reference":[{"key":"e_1_3_3_2_2","doi-asserted-by":"publisher","DOI":"10.1145\/3470133"},{"key":"e_1_3_3_3_2","doi-asserted-by":"publisher","DOI":"10.1109\/TSE.2021.3059907"},{"key":"e_1_3_3_4_2","doi-asserted-by":"publisher","DOI":"10.3390\/app9020239"},{"key":"e_1_3_3_5_2","doi-asserted-by":"publisher","DOI":"10.1049\/iet-ifs.2018.5268"},{"key":"e_1_3_3_6_2","doi-asserted-by":"publisher","DOI":"10.1109\/TNNLS.2021.3084827"},{"key":"e_1_3_3_7_2","doi-asserted-by":"publisher","DOI":"10.3390\/computers12080151"},{"key":"e_1_3_3_8_2","doi-asserted-by":"publisher","DOI":"10.1038\/s41567-019-0648-8"},{"issue":"1","key":"e_1_3_3_9_2","first-page":"60","article-title":"Anomaly detection with API calls BY using machine learning: systematic literature review","volume":"2","author":"Sahin V","year":"2024","unstructured":"Sahin V, Arat F, Akleylek S. Anomaly detection with API calls BY using machine learning: systematic literature review. Current Trends in Computing 2024; 2(1): 60\u201385.","journal-title":"Current Trends in Computing"},{"key":"e_1_3_3_10_2","doi-asserted-by":"publisher","DOI":"10.3390\/fi16100369"},{"issue":"1","key":"e_1_3_3_11_2","first-page":"34","article-title":"AI to detect and mitigate security vulnerabilities in APIs: encryption, authentication, and anomaly detection in enterprise-level distributed systems","volume":"5","author":"Kaul D","year":"2021","unstructured":"Kaul D, Khurana R. AI to detect and mitigate security vulnerabilities in APIs: encryption, authentication, and anomaly detection in enterprise-level distributed systems. Eigenpub Rev Sci Tech 2021; 5(1): 34\u201362.","journal-title":"Eigenpub Rev Sci Tech"},{"key":"e_1_3_3_12_2","doi-asserted-by":"publisher","DOI":"10.3390\/electronics13061092"},{"key":"e_1_3_3_13_2","doi-asserted-by":"publisher","DOI":"10.6040\/j.issn.1671-9352.2.2021.117"},{"key":"e_1_3_3_14_2","doi-asserted-by":"publisher","DOI":"10.3390\/math12010020"},{"key":"e_1_3_3_15_2","doi-asserted-by":"publisher","DOI":"10.1109\/TETCI.2023.3281833"},{"key":"e_1_3_3_16_2","doi-asserted-by":"publisher","DOI":"10.11959\/j.issn.2096\u2212109x.2020073"},{"key":"e_1_3_3_17_2","doi-asserted-by":"publisher","DOI":"10.1109\/TETC.2019.2910086"},{"key":"e_1_3_3_18_2","doi-asserted-by":"publisher","DOI":"10.1142\/S021819402140009X"},{"key":"e_1_3_3_19_2","doi-asserted-by":"publisher","DOI":"10.17559\/TV-20210202132203"},{"key":"e_1_3_3_20_2","doi-asserted-by":"publisher","DOI":"10.1109\/TR.2019.2927285"},{"key":"e_1_3_3_21_2","doi-asserted-by":"publisher","DOI":"10.3390\/app10217673"},{"key":"e_1_3_3_22_2","doi-asserted-by":"publisher","DOI":"10.1007\/s11219-022-09602-4"},{"key":"e_1_3_3_23_2","doi-asserted-by":"publisher","DOI":"10.3390\/app13095439"},{"key":"e_1_3_3_24_2","first-page":"1181","article-title":"Implementation of TF-IDF method and support vector machine algorithm for job applicants text classification","volume":"4","author":"Luthfi MF","year":"2020","unstructured":"Luthfi MF, Lhaksamana KM. Implementation of TF-IDF method and support vector machine algorithm for job applicants text classification. Jurnal Media Informatika Budidarma 2020; 4.4: 1181\u20131186.","journal-title":"Jurnal Media Informatika Budidarma"},{"key":"e_1_3_3_25_2","doi-asserted-by":"publisher","DOI":"10.1007\/s13198-021-01135-6"},{"issue":"1","key":"e_1_3_3_26_2","first-page":"304","article-title":"Comparative assessment of extractive summarization: textrank tf-idf and lda","volume":"65","author":"Rani U","year":"2021","unstructured":"Rani U, Bidhan K. Comparative assessment of extractive summarization: textrank tf-idf and lda. J Sci Res 2021; 65(1): 304\u2013311.","journal-title":"J Sci Res"},{"key":"e_1_3_3_27_2","doi-asserted-by":"publisher","DOI":"10.3390\/electronics13050963"},{"key":"e_1_3_3_28_2","doi-asserted-by":"publisher","DOI":"10.1093\/comjnl\/bxac198"},{"key":"e_1_3_3_29_2","doi-asserted-by":"publisher","DOI":"10.11591\/eei.v10i5.3157"},{"key":"e_1_3_3_30_2","doi-asserted-by":"publisher","DOI":"10.3969\/j.issn.1000.386x.2019.09.05"},{"issue":"5","key":"e_1_3_3_31_2","first-page":"110","article-title":"Malware detection and classification based on API grouping reconstruction and image representation","volume":"9","author":"Yang H","year":"2024","unstructured":"Yang H, Zhang Y, Liang Z, et al. Malware detection and classification based on API grouping reconstruction and image representation. Journal of Cyber Security 2024; 9(5): 110\u2013126.","journal-title":"Journal of Cyber Security"},{"key":"e_1_3_3_32_2","doi-asserted-by":"publisher","DOI":"10.1080\/10447318.2024.2314350"},{"key":"e_1_3_3_33_2","doi-asserted-by":"publisher","DOI":"10.1007\/s11042-023-17007-z"},{"key":"e_1_3_3_34_2","doi-asserted-by":"publisher","DOI":"10.25046\/aj0505154"},{"key":"e_1_3_3_35_2","doi-asserted-by":"publisher","DOI":"10.1049\/iet-sen.2018.5046"},{"key":"e_1_3_3_36_2","doi-asserted-by":"publisher","DOI":"10.1145\/3510413"},{"key":"e_1_3_3_37_2","doi-asserted-by":"publisher","DOI":"10.7236\/IJASC.2020.9.2.173"},{"key":"e_1_3_3_38_2","doi-asserted-by":"publisher","DOI":"10.1109\/TGRS.2019.2961947"},{"key":"e_1_3_3_39_2","doi-asserted-by":"publisher","DOI":"10.1109\/TCYB.2019.2925015"},{"key":"e_1_3_3_40_2","doi-asserted-by":"publisher","DOI":"10.17977\/um018v2i12019p41-46"}],"container-title":["Journal of Computational Methods in Sciences and Engineering"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/journals.sagepub.com\/doi\/pdf\/10.1177\/14727978251318813","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/journals.sagepub.com\/doi\/full-xml\/10.1177\/14727978251318813","content-type":"application\/xml","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/journals.sagepub.com\/doi\/pdf\/10.1177\/14727978251318813","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2026,2,13]],"date-time":"2026-02-13T16:31:03Z","timestamp":1771000263000},"score":1,"resource":{"primary":{"URL":"https:\/\/journals.sagepub.com\/doi\/10.1177\/14727978251318813"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025,2,12]]},"references-count":39,"journal-issue":{"issue":"4","published-print":{"date-parts":[[2025,7]]}},"alternative-id":["10.1177\/14727978251318813"],"URL":"https:\/\/doi.org\/10.1177\/14727978251318813","relation":{},"ISSN":["1472-7978","1875-8983"],"issn-type":[{"value":"1472-7978","type":"print"},{"value":"1875-8983","type":"electronic"}],"subject":[],"published":{"date-parts":[[2025,2,12]]}}}