IEEE Transactions on Network and Service Management: Latest Articles

Augmentation and Fusion: Multi-Feature Fusion-Based Self-Supervised Learning Approach for Traffic Tables
IF 4.7, Zone 2, Computer Science
IEEE Transactions on Network and Service Management Pub Date : 2025-03-28 DOI: 10.1109/TNSM.2025.3554824
Xuan Zheng;Xiuli Ma;Lifu Xu;Yanliang Jin;Chun Ke
Abstract: As modern networks face increasing demands for superior service and management, Encrypted Traffic Classification (ETC) technology has become increasingly crucial. Considering that traffic data is easy to collect but hard to label, self-supervised ETC methods have attracted more and more attention. Compared to popular methods based on traffic images and text, traffic tables are simple to construct and more suitable for the flow-packet structure. However, existing methods have two problems: (1) The lack of data augmentation methods for tables weakens the performance of self-supervised learning. (2) Most methods only focus on single feature and cannot make full use of distinct features of traffic tables, such as temporal feature. To solve these problems, we propose a multi-feature fusion method based self-supervised learning approach for traffic tables. A new data augmentation method called Random Subsets Selection (RSS) is introduced alongside an effective fusion approach. In this way, temporal features can be successfully extracted and concatenated with the latent representations of input traffic tables. Experimental results from two open datasets and one self-collected dataset have shown that on imbalanced datasets, our method can effectively solve ETC problems even with a small number of labeled data. Empirically, both classification performance and processing speed are improved. Specifically, compared to the state-of-the-art tabular self-supervised learning method, our method achieves the better classification results on all datasets while the processing speed increases by almost two times, from 1.83 tables per second to 3.76 tables per second.
Vol. 22, No. 3, pp. 2647-2662. Publication type: Journal Article.
Citations: 0
Distributed Server Allocation for Internet-of-Things Monitoring Services With Preventive Start-Time Optimization Against Server Failure
IF 4.7, Zone 2, Computer Science
IEEE Transactions on Network and Service Management Pub Date : 2025-03-27 DOI: 10.1109/TNSM.2025.3555277
Shoya Imanaka;Akio Kawabata;Bijoy Chand Chatterjee;Eiji Oki
Abstract: Internet-of-Things (IoT) services require high performance regarding low delay and fault tolerance. Distributed server allocation is well-suited for meeting these requirements in IoT monitoring services. Previous work focused on reducing delay but overlooked the need for fault tolerance in distributed server allocation. This paper proposes a distributed server allocation model based on preventive start-time optimization (PSO) for IoT monitoring services against server failure. The proposed model preventively determines the server allocation to minimize the largest maximum delay between IoT devices and application servers and between database and application servers among all failure patterns. We formulate the proposed model as an integer linear programming (ILP) problem. We introduce a server allocation algorithm based on PSO to accelerate the computation to obtain an optimal server allocation, compared to the ILP approach. We prove that the introduced algorithm obtains a PSO-based optimal allocation in polynomial time. Numerical results show that the introduced algorithm outputs an optimal server allocation faster than the ILP approach. We compare the PSO-based server allocation with allocations based on the start-time and run-time optimization. We observe that the PSO-based allocation reduces the largest maximum delay by 5.5% for a network model with eleven servers compared to the start-time optimization and avoids unnecessary network disconnections while increasing the maximum delay by 5.1% compared to the run-time optimization.
Vol. 22, No. 3, pp. 2679-2701. Publication type: Journal Article. Open-access PDF: https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=10943239
Citations: 0
The DUDFTO Attack: Towards Down-to-UP Timeout Probing and Dynamically Flow Table Overflowing in SDN
IF 5.4, Zone 2, Computer Science
IEEE Transactions on Network and Service Management Pub Date : 2025-03-27 DOI: 10.1109/TNSM.2025.3574260
Jiasong Li;Yunhe Cui;Yi Chen;Guowei Shen;Chun Guo;Qing Qian
Abstract: As a new network structure, the decoupling of the control plane and forwarding plane makes Software-Defined Networking (SDN) widely used in large-scale network scenarios. However, the decoupling network architecture also brings new vulnerabilities. The flow table overflow attack is an attack strategy that can overwhelm SDN switches. Nevertheless, the existing flow table overflow attacks may fail in probing timeouts and match fields of flow entries, due to link failure, measurement of the round-trip time (RTT) of different packets, interference of hard-timeout and idle-timeout. Meanwhile, the stealthiness of the existing attacks may also reduce, as these attacks use fixed attack rate. To improve the timeout probing accuracy and the stealthiness of attack, a new flow table overflow attack strategy, DUDFTO, is proposed to accurately probe timeout settings and match fields, then stealthily overflow SDN flow tables. Firstly, it probes the match fields by measuring the one-sided transmission delay of the packets. After that, DUDFTO designs a down-to-up feedback-based timeout probing algorithm to eliminate the issues caused by high RTT, link failure, interference between hard-timeout and idle-timeout. Then, DUDFTO designs a dynamic attack packets sending algorithm to improve its stealthiness. Finally, DUDFTO probes the flow table state to stop sending new attack packets. The evaluation results demonstrate that DUDFTO outperforms the existing attacks in terms of match fields probing ability, timeout probing relative error, number of packet_in and flow_mod messages generated by the attack, rate distribution of packet_in and flow_mod messages generated during the attack, and number of detected attack packets.
Vol. 22, No. 5, pp. 4898-4916. Publication type: Journal Article.
Citations: 0
Challenges in Securing UAV IoT Framework: Future Research Perspective
IF 4.7, Zone 2, Computer Science
IEEE Transactions on Network and Service Management Pub Date : 2025-03-27 DOI: 10.1109/TNSM.2025.3554354
Abdullah Aljumah;Tariq Ahamed Ahanger;Imdad Ullah
Abstract: Unmanned Aerial Vehicles (UAVs) offer the immense capability for allowing novel applications in a variety of domains including security, military, surveillance, medicine, and traffic monitoring. The prevalence of UAV systems is due to the collaboration and accomplishment of tasks efficiently and effectively. UAVs embedded with camcorders, GPS receivers, and wireless sensors propose enormous promise in realizing the Internet of Things (IoT) service delivery in vast domains. It results in establishing an airborne field of the IoT when empowered with communication protocols of LTE, 4G, and 5G/6G networks. However, numerous difficulties must be addressed before UAVs may be used effectively namely privacy, security, and administration. Conspicuously, in the current article, novel UAV-specific domains enabled by IoT and 5G/6G technology are explored. Moreover, the presented technique assesses sensor requirements and provides an overview of fleet management systems that address aerial networking, privacy, and security concerns. Furthermore, a framework based on the IoT-5G/6G aspect is proposed which can be deployed over UAVs. Finally, in a heterogeneous computational platform, the proposed framework provides a complete IoT architecture that enables secure UAVs.
Vol. 22, No. 3, pp. 2607-2629. Publication type: Journal Article.
Citations: 0
Unveiling Real-Time Stalling Detection for Video Streaming Traffic
IF 4.7, Zone 2, Computer Science
IEEE Transactions on Network and Service Management Pub Date : 2025-03-26 DOI: 10.1109/TNSM.2025.3554822
Ximin Li;Xiaodong Xu;Guo Wei;Xiaowei Qin
Abstract: In the rapidly evolving field of video traffic, ensuring a smooth video streaming experience for users is critical for network operators. Accurately and promptly detecting stalling events, a significant indicator of poor quality of experience, remains challenging due to varying detection time resolutions in existing techniques, which often detect stalls every video chunk, or every five or ten seconds. This paper makes three key contributions. First, we introduce the concept of detection granularities to enable fair performance comparisons and reveal their impact on detection performance from the data sampling perspective. Second, we propose a novel feature extraction approach that captures both packet-level and chunk-level features in a unified sequential manner to effectively detect stalling events. Third, a novel sample reweighting method is proposed to address the detection timeliness problem by focusing more on difficult samples around stalling starting or ending. Experimental results on both video-on-demand and live streaming traces demonstrate that our feature extraction approach achieves an average improvement of 5.3% in f1-score, 4.7% in coverage rate, and reduces stalling response time by 0.4 seconds compared to existing techniques. Additionally, the sample reweighting method further improves the detection sensitivity without compromising f1-scores for all detection techniques.
Vol. 22, No. 3, pp. 2630-2646. Publication type: Journal Article.
Citations: 0
CRP: A Cluster-Based Routing Protocol for Lightweight Nodes in Payment Channel Networks
IF 4.7, Zone 2, Computer Science
IEEE Transactions on Network and Service Management Pub Date : 2025-03-26 DOI: 10.1109/TNSM.2025.3555174
Jinghui Chen;Qingqing Cai;Gang Sun;Hongfang Yu;Dusit Niyato
Abstract: Although blockchain empowers the IoT trading market and presents new development opportunities for IoT, scalability issues of blockchain limit its application in this area. Payment Channel Networks (PCNs) have emerged as a promising solution to address the scalability issues. With the help of routing protocols, two users can utilize payment channels to conduct off-chain transactions. However, most Payment Channel Network (PCN) routing protocols overlook the scalability of PCNs, resulting in substantial storage, communication, and computational overhead for lightweight nodes, such as IoT devices. Additionally, frequent utilization of a payment channel can quickly exhaust the channel’s balance, leading to congestion and causing subsequent payments to fail. Channel congestion restricts the throughput of PCNs, yet most PCN routing protocols lack designs for channel congestion control. In this paper, we propose a Cluster-based scalable and high-throughput Routing Protocol (CRP), to enhance the scalability and throughput of PCNs. CRP organizes PCNs into clusters to reduce the average routing table size, thereby alleviating users’ storage, communication, and computational overhead. Furthermore, CRP aims to minimize maximum channel congestion when selecting payment routes, thereby improving throughput. Extensive simulations demonstrate that CRP achieves high scalability and throughput compared to state-of-the-art PCN routing protocols.
Vol. 22, No. 3, pp. 2663-2678. Publication type: Journal Article.
Citations: 0
DIDA: Distributed In-Network Intelligent Data Plane for Machine Learning Applications
IF 4.7, Zone 2, Computer Science
IEEE Transactions on Network and Service Management Pub Date : 2025-03-21 DOI: 10.1109/TNSM.2025.3548477
Giulio Sidoretti;Lorenzo Bracciale;Stefano Salsano;Hesham ElBakoury;Pierpaolo Loreti
Abstract: Recent advances in network switch designs have enabled machine learning inference directly within the switch at line speed. However, hardware constraints limit switches capabilities of tracking stateful features essential for accurate inference, as the demand for these features grows rapidly with line rates. To address this, we propose DIDA, a distributed in-network machine learning approach. In DIDA, feature extraction occurs at the host, features are transmitted via in-band telemetry, and inference is performed on the switches. In this paper, we evaluate the effectiveness and efficiency of this architecture. We examine its impact on network bandwidth, CPU and memory usage at the host, and its robustness across different feature sets and deep neural network classifications.
Vol. 22, No. 3, pp. 2564-2579. Publication type: Journal Article.
Citations: 0
NAGA: A Deterministic Programmable Network With Update Timing Guarantees
IF 4.7, Zone 2, Computer Science
IEEE Transactions on Network and Service Management Pub Date : 2025-03-20 DOI: 10.1109/TNSM.2025.3553401
Nemanja Ðerić;Amir Varasteh;Andreas Blenk;Wolfgang Kellerer
Abstract: There is no system yet that provides predictable data plane and control plane operations in programmable networks. However, both predictable data plane and control plane operations are needed, e.g., in industrial networks. Particularly there, the operation of the network needs to be planned and, hence, relies on network operations that are deterministic and executed in a timely manner. To fill this gap, this paper proposes our system named NAGA, which provides data plane deterministic guarantees along with consistent and timely network updates in programmable networks. In order to not rely on specialized hardware, NAGA uses widely-available hardware capabilities such as priority queuing and label-based forwarding. Whereas the real implementation of NAGA in a P4-based testbed demonstrates that applications receive guaranteed performance in terms of latency and data rate, simulation studies show the ability of NAGA to be even deployed in large scale scenarios beyond industrial networks, such as wide area and data center networks.
Vol. 22, No. 2, pp. 1874-1888. Publication type: Journal Article.
Citations: 0
Resilient Federated Adversarial Learning With Auxiliary-Classifier GANs and Probabilistic Synthesis for Heterogeneous Environments
IF 5.4, Zone 2, Computer Science
IEEE Transactions on Network and Service Management Pub Date : 2025-03-19 DOI: 10.1109/TNSM.2025.3571688
Yasaman Haghbin;Mohammad Hossein Badiei;Nguyen H. Tran;Md. Jalil Piran
Abstract: Recently, collaborative learning paradigms like Federated Learning (FL) are gaining significant attention as a means of deploying artificial intelligence (AI)-based Internet of Things (IoT) applications. This is due to the fact that participants keep their heterogeneous data on their local devices and share only model updates with the central server. As a result of FL, new challenges arise, such as vulnerabilities to unknown data and adversarial samples, as well as security risks associated with inference, which may expose the system to potential evasion attacks. In this article, we introduce Auxiliary Federated Adversarial Learning (AuxiFed) as a solution to address these serious challenges. AuxiFed synthesizes data by using pre-trained auxiliary-classifier generative adversarial networks (AC-GANs) and probabilistic logic, enhancing model resilience and promoting accurate predictions while safeguarding against adversarial attacks. By leveraging locally trained models, AuxiFed provides representative and diverse synthetic samples for model updates during FL based on the pre-trained AC-GAN generators of individual clients. By merging these synthetic samples with real data during training, we foster diversity of data and improve the model’s ability to generalize to unknown data. In two distinct environments, with homogeneous and heterogeneous data, we train the model on two datasets, MNIST and EMNIST. Different adversarial evasion attacks are tested, as well as scenarios without attacks. The AuxiFed algorithm is also bolstered using robust adversarial techniques, and subsequently compared with the baseline algorithms. AuxiFed generally outperforms Federated Averaging (FedAvg), FL with Variational Autoencoders (FedAvg+VAEs), and FL with Conditional Generative Adversarial Networks (FedAvg+C-GANs) in terms of accuracy, generalization, and robustness. Comparatively to baseline methods, including FedAvg, FedAvg+VAE, and FedAvg+C-GAN, it shows better convergence during training and better performance on unknown data. Various adversarially trained variants of AuxiFed, such as AuxiFed-PGD and AuxiFed-FGSM, also outperform the previously mentioned baseline methods, along with their robust variants. As a result, AuxiFed enhances the performance of models, provides resilience against adversarial attacks, and can generalize to unknown data.
Vol. 22, No. 5, pp. 4998-5014. Publication type: Journal Article.
Citations: 0
P4-Secure: In-Band DDoS Detection in Software Defined Networks
IF 4.7, Zone 2, Computer Science
IEEE Transactions on Network and Service Management Pub Date : 2025-03-19 DOI: 10.1109/TNSM.2025.3552844
Liam Daly Manocchio;Yaying Chen;Siamak Layeghy;David Gwynne;Marius Portmann
Abstract: Efficient detection of Distributed Denial of Service (DDoS) attacks in datacentres and corporate networks is an active research domain. This paper introduces, P4-Secure, an efficient approach for in-band detection of DDoS attacks, without using the controller resources and channel. The pure in-band implementation of DDoS detection, makes it a practical and viable solution for real-world network security applications, including large-scale backbone networks. The proposed DDoS detection uses an axis-aligned classifier based on the packet asymmetry metric, trained through the negative selection approach. The trained axis-aligned classifier was then implemented in the data plane using P4 programming and managed to classify network flows with a configurable false-positive ratio. Through experiments on two independent real-world network datasets (UQ and ISP) and the CAIDA DDoS attack dataset, the robustness of the proposed approach was evaluated across varying network characteristics. The approach demonstrated a notably superior performance in minimising false positives compared to alternative methods, with a rate of only 0.5%. This achievement was coupled with a 90% F1 score, highlighting its effectiveness in addressing DDoS attacks while avoiding unnecessary false alarms. The evaluation on real-world hardware demonstrates that P4-Secure incurs minimal overhead even at high packet rates, such as 8 Mpps, making it highly suitable for datacentres and backbone network security applications.
Vol. 22, No. 2, pp. 2120-2137. Publication type: Journal Article.
Citations: 0