International Journal of Network Management最新文献

{"title":"Enhancing QUIC Performance in Heterogeneous Networks: A Proactive Connection Migration Approach","authors":"Lizhuang Tan,&nbsp;Xin Dong,&nbsp;Xiaochuan Gao,&nbsp;Peiying Zhang,&nbsp;Wei Su,&nbsp;James Won-Ki Hong","doi":"10.1002/nem.70022","DOIUrl":"https://doi.org/10.1002/nem.70022","url":null,"abstract":"<div>\u0000 \u0000 <p>The Quick UDP Internet Connections (QUIC) protocol provides a secure, reliable, and low-latency communication foundation for HTTP/3. Connection migration is a key technology of QUIC. When the IP/Port of a connection changes, the connection ID is used to maintain a secure and uninterrupted connection. However, current connection migration is passive, designed to support mobile handover and weak network environments. In this paper, we propose proactive connection migration for QUIC (PCM-QUIC), which combines connection migration and online path selection, enabling QUIC to select the best quality transmission path while maintaining the connection. First, PCM-QUIC integrates the exploration of network quality across different paths into multiple user request actions. Then, considering response completion time and jitter, PCM-QUIC identifies the optimal access path for the current Internet service through online learning. In addition, we propose an upper confidence bound-based path selection algorithm with the goal of minimizing the confidence upper limit of the path reward. Experimental results show that, compared with the original QUIC, PCM-QUIC reduces the average response completion time by up to 59.43%.</p>\u0000 </div>","PeriodicalId":14154,"journal":{"name":"International Journal of Network Management","volume":"35 5","pages":""},"PeriodicalIF":1.5,"publicationDate":"2025-07-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144681053","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Editorial for the Special Issue on Research Trends in Network Operations and Management With Selected Papers From the 42nd Brazilian Symposium on Computer Networks and Distributed Systems","authors":"Célio Albuquerque,&nbsp;Magnos Martinello","doi":"10.1002/nem.70021","DOIUrl":"https://doi.org/10.1002/nem.70021","url":null,"abstract":"&lt;p&gt;The Brazilian Symposium on Computer Network and Distributed Systems (SBRC) is an annual event held by the Brazilian Computer Society (SBC) and the Computer Network Laboratory (LARC). Over the course of more than four decades, SBRC has established itself as the most important Brazilian scientific event in computer networks and distributed systems, reaching international coverage with the presence of researchers, technicians and scientists from Latin America and the world. The 42nd edition of the symposium was held from May 20–24, 2024 in the city of Niterói, at the Fluminense Federal University.&lt;/p&gt;&lt;p&gt;In the first contribution, entitled “MTS-PolKA: Weighted Multipath Traffic Splitting With Source Routing for Elephant and Mice Flows,” dos Santos et al. present MTS-PolKA, a novel traffic engineering mechanism for datacenter networks that enhances packet-level traffic splitting across multiple paths. Unlike traditional methods like ECMP and WCMP, MTS-PolKA dynamically adjusts traffic division using source-routing labels embedded in packet headers—without requiring reconfiguration of network switches. Implemented in P4 and leveraging the Residue Number System (RNS), MTS-PolKA demonstrates improved flow stability, agility, and efficient multipath utilization through experiments in Mininet.&lt;/p&gt;&lt;p&gt;In the second paper, entitled “Performance and Resilience Impact of Microservice Granularity: An Empirical Evaluation using Service Weaver and Amazon EKS,” Medeiros Rêgo et al. study how service granularity affects performance and resilience in cloud-based microservice applications. Using the Service Weaver framework and deploying the Online Boutique app on Amazon EKS, the study reveals that finer granularity improves scalability but increases communication overhead, while cloud-native resilience features mitigate failures at the cost of performance, especially in tightly coupled configurations. Our findings emphasize the need to strike a careful balance between service granularity, performance, and resilience to build robust and efficient cloud-based microservice applications.&lt;/p&gt;&lt;p&gt;In the third contribution, entitled “Beyond Size: Investigating the Impact of Scaled-Down Network Telescopes on Threat Detection,” Camargo et al. examine how reducing IPv4 address space affects the effectiveness of network telescopes used in cyber threat intelligence. As IPv4 becomes scarcer, organizations face pressure to repurpose addresses, potentially weakening threat detection. By analyzing two telescopes, the research shows that even with a 50% reduction in space, it is still possible to detect around 80% of unique attack sources, and that address allocation patterns have minimal impact on detection accuracy.&lt;/p&gt;&lt;p&gt;In the fourth contribution, entitled “An Adaptive Routing Architecture for IoT Multipath Video Transmission,” Bhering et al. present a dynamic wireless multipath routing architecture designed to improve video application performance in multihop IoT networks. By ","PeriodicalId":14154,"journal":{"name":"International Journal of Network Management","volume":"35 4","pages":""},"PeriodicalIF":1.5,"publicationDate":"2025-07-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://onlinelibrary.wiley.com/doi/epdf/10.1002/nem.70021","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144582178","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Performance and Resilience Impact of Microservice Granularity: An Empirical Evaluation Using Service Weaver and Amazon EKS","authors":"Camila Medeiros Rêgo,&nbsp;Ricardo César Mendonça Filho,&nbsp;Nabor C. Mendonça","doi":"10.1002/nem.70019","DOIUrl":"https://doi.org/10.1002/nem.70019","url":null,"abstract":"<p>Determining the optimal granularity level for microservices applications is a critical challenge in modern software architecture. This study leverages the Service Weaver framework to investigate the performance and resilience implications of different service granularity configurations in a public cloud environment. We deployed multiple configurations of the Online Boutique microservice demo application on Amazon Elastic Kubernetes Service (EKS) and conducted a series of experiments to evaluate their behavior under varying workloads and failure conditions. Our results indicate that distributing services across multiple EKS nodes can significantly enhance scalability, particularly under high workloads, but at the cost of increased communication overhead. We also found that while cloud-native resilience mechanisms, such as automatic re-starts and retries, effectively mitigate frequent random failures, they tend to impose a notable performance overhead, especially in configurations with tightly coupled services. Our findings highlight the importance of carefully balancing service granularity with both performance and resilience considerations when designing robust cloud-based microservice applications.</p>","PeriodicalId":14154,"journal":{"name":"International Journal of Network Management","volume":"35 4","pages":""},"PeriodicalIF":1.5,"publicationDate":"2025-06-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://onlinelibrary.wiley.com/doi/epdf/10.1002/nem.70019","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144473050","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"QuantumNetSec: Quantum Machine Learning for Network Security","authors":"Diego Abreu,&nbsp;David Moura,&nbsp;Christian Esteve Rothenberg,&nbsp;Antônio Abelém","doi":"10.1002/nem.70018","DOIUrl":"https://doi.org/10.1002/nem.70018","url":null,"abstract":"<p>As the digital landscape becomes increasingly complex, traditional cybersecurity measures are struggling to keep pace with the growing sophistication of cyber threats. This escalating challenge calls for new, more robust solutions. In this context, quantum computing emerges as a powerful tool that can change our approach to network security. Our research addresses this by introducing QuantumNetSec, a novel intrusion detection system (IDS) that combines quantum and classical computing techniques. QuantumNetSec employs quantum machine learning (QML) personalized methodologies to analyze network patterns and detect malicious activities. Through detailed experimentation with publicly shared datasets, QuantumNetSec demonstrated superior performance in both binary and multiclass classification tasks. Our findings highlight the significant potential of quantum-enhanced cybersecurity solutions, showcasing QuantumNetSec's ability to accurately detect a wide range of cyber threats, paving the way for more resilient and effective IDSs in the age of quantum utility.</p>","PeriodicalId":14154,"journal":{"name":"International Journal of Network Management","volume":"35 4","pages":""},"PeriodicalIF":1.5,"publicationDate":"2025-06-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://onlinelibrary.wiley.com/doi/epdf/10.1002/nem.70018","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144190844","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Traffic Engineering Optimization in Hybrid Software-Defined Networks: A Mixed Integer Non-Linear Programming Model and Heuristic Algorithm","authors":"Samiullah Mehraban,&nbsp;Rajesh K. Yadav","doi":"10.1002/nem.70017","DOIUrl":"https://doi.org/10.1002/nem.70017","url":null,"abstract":"<div>\u0000 \u0000 <p>In contemporary networking infrastructure, the integration of software-defined networking (SDN) concepts with traditional networking methodologies has given rise to hybrid software-defined networking (HSDN); as the current network infrastructure evolves, it combines the programmability of SDN with the established protocols of traditional network infrastructure. This paradigm shift introduces novel opportunities and challenges in traffic engineering (TE), necessitating innovative solutions to enhance network performance, resource utilization, and efficiency. In this study, we examined the challenges associated with TE in a hybrid SDN environment, where traditional network devices coexist alongside SDN nodes; we investigated the routing optimization of traffic engineering in a migrated hybrid network and formulated the problem as a mixed integer non-linear programming model. We proposed a heuristic algorithm (H-STE) that optimizes both the OSPF weight setting and the splitting ratio of SDN nodes in the hybrid environment. Extensive evaluations were conducted using real network topologies to validate our method. The results demonstrate that a 30% deployment ratio of SDN nodes significantly improves traffic engineering performance. Specifically, the Maximum Link Utilization (MLU) stabilizes at this ratio, indicating near-optimal network efficiency. This research provides valuable insights for researchers, practitioners, and network architects navigating SDN, hybrid SDN, and traffic engineering optimization.</p>\u0000 </div>","PeriodicalId":14154,"journal":{"name":"International Journal of Network Management","volume":"35 3","pages":""},"PeriodicalIF":1.5,"publicationDate":"2025-04-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143883799","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"MTS-PolKA: Weighted Multipath Traffic Splitting With Source Routing for Elephant and Mice Flows","authors":"Giancarlo O. dos Santos,&nbsp;Cristina K. Dominicini,&nbsp;Gilmar L. Vassoler,&nbsp;Rafael S. Guimarães,&nbsp;Isis Oliveira,&nbsp;Domingos Jose P. Paraiso,&nbsp;Rodolfo S. Villaça","doi":"10.1002/nem.70016","DOIUrl":"https://doi.org/10.1002/nem.70016","url":null,"abstract":"<p>Modern datacenter networks rely on multi-root tree topologies, to ensure efficient and reliable connectivity. However, traditional traffic engineering solutions like equal cost multiple path (ECMP) and weighted-cost multipath (WCMP) often fall short in addressing dynamic and heterogeneous traffic conditions. Specifically, these approaches struggle with asymmetric topologies and the allocation of elephant flows, which require more granular and agile traffic management. This paper introduces MTS-PolKA (<i>Multipath Traffic Split Polynomial Key-based Architecture</i>), a novel traffic splitting mechanism designed to enhance traffic engineering in datacenter networks. MTS-PolKA enables packet-level traffic distribution across multiple paths by embedding a source routing label in the packet header that dictates the per-flow traffic division profile. Unlike existing methods that require reconfiguring network tables at each switch, MTS-PolKA enables dynamic adjustments across all switches in the path through simple packet header modifications, significantly enhancing the agility and efficiency of traffic management. The implementation of MTS-PolKA on programmable switches using the P4 language, along with the residue number system (RNS) and M-PolKA architecture, showcases its potential through experiments conducted in the Mininet emulator. The results highlight the ability of MTS-PolKA to maintain flow stability, explore network multipaths, and enable rapid reconfigurations of traffic division profiles, enhancing the performance and efficiency of modern datacenter networks.</p>","PeriodicalId":14154,"journal":{"name":"International Journal of Network Management","volume":"35 3","pages":""},"PeriodicalIF":1.5,"publicationDate":"2025-04-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://onlinelibrary.wiley.com/doi/epdf/10.1002/nem.70016","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143840790","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Design and Development of a Trust Mechanism to Enhance Security Protection in SDN-Based IoT Network","authors":"Pang-Wei Tsai,&nbsp;Chao-Wei Lee,&nbsp;Ting-Wen Wang","doi":"10.1002/nem.70015","DOIUrl":"https://doi.org/10.1002/nem.70015","url":null,"abstract":"<div>\u0000 \u0000 <p>A reliable and trustworthy network is essential for ensuring efficient data transmission, particularly because the widespread adoption of the Internet of Things (IoT) requires management of a large and diverse set of smart devices. In addition, privacy and security concerns in IoT systems, such as access authentication, authorization, and accounting, have become increasingly important. Software-defined networking (SDN) offers a flexible and adaptive approach to network management and is a promising solution for addressing these challenges. Hence, this paper proposes a security mechanism that leverages the operational behaviors and characteristics of IoT devices to analyze their traffic flows using an SDN controller, thereby enhancing the overall security of IoT networks. The proposed architecture integrates a two-factor authentication process to prevent unauthorized access while utilizing SDN-based traffic monitoring to enforce fine-grained access control. Experimental results show that the implemented solution assists the SDN controller in detecting abnormal behaviors and triggering mitigation measures, thereby minimizing disruptions to normal traffic flows in testing scenarios.</p>\u0000 </div>","PeriodicalId":14154,"journal":{"name":"International Journal of Network Management","volume":"35 3","pages":""},"PeriodicalIF":1.5,"publicationDate":"2025-04-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143809511","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Beyond Size: Investigating the Impact of Scaled-Down Network Telescopes on Threat Detection","authors":"Arthur Vinícius Cunha Camargo,&nbsp;Lisandro Granville,&nbsp;Leandro M. Bertholdo","doi":"10.1002/nem.70014","DOIUrl":"https://doi.org/10.1002/nem.70014","url":null,"abstract":"<div>\u0000 \u0000 <p>Cyber threat intelligence relies on network telescopes to detect attacks and emerging threats, traditionally utilizing a substantial portion of the IPv4 address space. However, the escalating scarcity and value of this resource force companies and research centers to grapple with the challenge of repurposing their address spaces, potentially impacting cybersecurity effectiveness and hindering research efforts. In this article, we first investigate the historical usage of IPv4 address space in network telescopes and the current reduction trend in several initiatives. Then, we examine the impact of reducing the allocated space on the ability of these systems to identify attackers and attack campaigns. We explore two network telescopes with the intention of assessing the impact of this reduction by quantifying the losses in several ways. Our findings reveal that even halving the allocated space for a network telescope may still permit the detection of 80% of unique cyberattack sources and the address allocation schema has little to no influence on this detection. We also found that most of the proportions and patterns remain present, albeit with reduced intensity.</p>\u0000 </div>","PeriodicalId":14154,"journal":{"name":"International Journal of Network Management","volume":"35 3","pages":""},"PeriodicalIF":1.5,"publicationDate":"2025-03-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143688932","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"An Adaptive Routing Architecture for IoT Multipath Video Transmission","authors":"Fabiano Bhering,&nbsp;Debora Oliveira,&nbsp;Célio Albuquerque,&nbsp;Diego Passos,&nbsp;Katia Obraczka","doi":"10.1002/nem.70013","DOIUrl":"https://doi.org/10.1002/nem.70013","url":null,"abstract":"<p>Video applications in wireless multihop Internet of Things (IoT) scenarios can benefit from multipath routing strategies to meet their often stringent quality of service (QoS) requirements. However, the dynamics of the underlying network and video service requirements call for a multipath routing fabric that can dynamically adapt to changing conditions. In this paper, we present a wireless multipath routing architecture that is able to adapt to varying network topology conditions and video traffic characteristics by finding new paths dynamically, resulting in enhanced end user's quality of experience. Additionally, we provide an overview of the IoT wireless video application landscape and a taxonomy of the state-of-the-art in route selection mechanisms for multipath routing.</p>","PeriodicalId":14154,"journal":{"name":"International Journal of Network Management","volume":"35 2","pages":""},"PeriodicalIF":1.5,"publicationDate":"2025-03-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://onlinelibrary.wiley.com/doi/epdf/10.1002/nem.70013","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143622465","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Brand Design Data Security and Privacy Protection Under 6G Network Slicing Architecture","authors":"Peng Li,&nbsp;Jianing Du","doi":"10.1002/nem.70009","DOIUrl":"https://doi.org/10.1002/nem.70009","url":null,"abstract":"<div>\u0000 \u0000 <p>The rapid growth of networking technology has generated several situations and issues in the field of safeguarding critical brand design data in the present hyper connected context, particularly with the arrival of the 6^th Generation (6G). As brand development relies more on cloud-based services, protecting client data and intellectual property (IP) is essential. By using 6G network slicing architecture, which contains dedicated, secure network sections for brand design services, improved encryption, and anomaly detection systems, the research suggested a solution to such issues. The data includes features such as network performance, security measurements, and user data privacy measures. The methodology entails pre-processing brand design data with Z-score normalization to standardize feature distributions, followed by Principal Component Analysis (PCA) for a decrease of dimensions. The proposed method uses a Fully Homomorphic Encryption Driven Quantum Support Vector Machine (FHE-QSVM) to detect anomalies in real time while assuring safe and efficient resource allocation in dedicated slices. FHE-QSVM anomaly detection model produced significant metrics, with accuracy (98%), recall (96%), precision (97%), and F1-score (96%) data by accurately categorizing threats while maintaining data confidentiality. The finding shows the FHE-QSVM enhances both the security and privacy of brand design data by accurately categorizing threats while maintaining data confidentiality. Overall, this strategy offers a scalable solution for secure AI-powered brand design services, highlighting the importance of creative encryption, real-time monitoring, and 6G network slicing to meet contemporary data security standards.</p>\u0000 </div>","PeriodicalId":14154,"journal":{"name":"International Journal of Network Management","volume":"35 2","pages":""},"PeriodicalIF":1.5,"publicationDate":"2025-02-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143513823","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}